IntenseWebs/opentofu
3
0
Fork 0
mirror of https://github.com/opentofu/opentofu.git synced 2025-02-25 18:45:20 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1189 from hashicorp/b-aws-instance-sec-groups

Browse Source 
Fix issue with Network interfaces and an instance-level security groups
This commit is contained in:
Clint 2015-03-13 16:37:11 -05:00
commit 9c7f5975bb
3 changed files with 96 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
builtin/providers/aws/resource_aws_instance.go
View File

@ -293,6 +293,17 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
subnet, hasSubnet := d.GetOk("subnet_id") subnet, hasSubnet := d.GetOk("subnet_id")
subnetID := subnet.(string) subnetID := subnet.(string)
var groups []string
if v := d.Get("security_groups"); v != nil {
// Security group names.
// For a nondefault VPC, you must use security group IDs instead.
// See http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html
for _, v := range v.(*schema.Set).List() {
str := v.(string)
groups = append(groups, str)
}
}
if hasSubnet && associatePublicIPAddress { if hasSubnet && associatePublicIPAddress {
// If we have a non-default VPC / Subnet specified, we can flag // If we have a non-default VPC / Subnet specified, we can flag
// AssociatePublicIpAddress to get a Public IP assigned. By default these are not provided. // AssociatePublicIpAddress to get a Public IP assigned. By default these are not provided.
@ -311,6 +322,10 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
ni.PrivateIPAddress = aws.String(v.(string)) ni.PrivateIPAddress = aws.String(v.(string))
} }
if len(groups) > 0 {
ni.Groups = groups
}
runOpts.NetworkInterfaces = []ec2.InstanceNetworkInterfaceSpecification{ni} runOpts.NetworkInterfaces = []ec2.InstanceNetworkInterfaceSpecification{ni}
} else { } else {
if subnetID != "" { if subnetID != "" {
@ -320,21 +335,6 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
if v, ok := d.GetOk("private_ip"); ok { if v, ok := d.GetOk("private_ip"); ok {
runOpts.PrivateIPAddress = aws.String(v.(string)) runOpts.PrivateIPAddress = aws.String(v.(string))
} }
}
if v, ok := d.GetOk("key_name"); ok {
runOpts.KeyName = aws.String(v.(string))
}
if v := d.Get("security_groups"); v != nil {
// Security group names.
// For a nondefault VPC, you must use security group IDs instead.
// See http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html
var groups []string
for _, v := range v.(*schema.Set).List() {
str := v.(string)
groups = append(groups, str)
}
if runOpts.SubnetID != nil && if runOpts.SubnetID != nil &&
*runOpts.SubnetID != "" { *runOpts.SubnetID != "" {
runOpts.SecurityGroupIDs = groups runOpts.SecurityGroupIDs = groups
@ -343,6 +343,10 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
} }
} }
if v, ok := d.GetOk("key_name"); ok {
runOpts.KeyName = aws.String(v.(string))
}
blockDevices := make([]interface{}, 0) blockDevices := make([]interface{}, 0)
if v := d.Get("block_device"); v != nil { if v := d.Get("block_device"); v != nil {

65
builtin/providers/aws/resource_aws_instance_test.go
View File

@ -207,6 +207,25 @@ func TestAccAWSInstance_vpc(t *testing.T) {
}) })
} }
func TestAccInstance_NetworkInstanceSecurityGroups(t *testing.T) {
var v ec2.Instance
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckInstanceDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccInstanceNetworkInstanceSecurityGroups,
Check: resource.ComposeTestCheckFunc(
testAccCheckInstanceExists(
"aws_instance.foo_instance", &v),
),
},
},
})
}
func TestAccAWSInstance_tags(t *testing.T) { func TestAccAWSInstance_tags(t *testing.T) {
var v ec2.Instance var v ec2.Instance
@ -533,3 +552,49 @@ resource "aws_instance" "foo" {
private_ip = "10.1.1.42" private_ip = "10.1.1.42"
} }
` `
const testAccInstanceNetworkInstanceSecurityGroups = `
resource "aws_internet_gateway" "gw" {
vpc_id = "${aws_vpc.foo.id}"
}
resource "aws_vpc" "foo" {
cidr_block = "10.1.0.0/16"
tags {
Name = "tf-network-test"
}
}
resource "aws_security_group" "tf_test_foo" {
name = "tf_test_foo"
description = "foo"
vpc_id="${aws_vpc.foo.id}"
ingress {
protocol = "icmp"
from_port = -1
to_port = -1
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_subnet" "foo" {
cidr_block = "10.1.1.0/24"
vpc_id = "${aws_vpc.foo.id}"
}
resource "aws_instance" "foo_instance" {
ami = "ami-21f78e11"
instance_type = "t1.micro"
security_groups = ["${aws_security_group.tf_test_foo.id}"]
subnet_id = "${aws_subnet.foo.id}"
associate_public_ip_address = true
depends_on = ["aws_internet_gateway.gw"]
}
resource "aws_eip" "foo_eip" {
instance = "${aws_instance.foo_instance.id}"
vpc = true
depends_on = ["aws_internet_gateway.gw"]
}
`

12
website/source/docs/providers/aws/r/internet_gateway.html.markdown
View File

@ -29,6 +29,18 @@ The following arguments are supported:
* `vpc_id` - (Required) The VPC ID to create in. * `vpc_id` - (Required) The VPC ID to create in.
* `tags` - (Optional) A mapping of tags to assign to the resource. * `tags` - (Optional) A mapping of tags to assign to the resource.
-> **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:
resource "aws_internet_gateway" "gw" {
vpc_id = "${aws_vpc.main.id}"
}
resource "aws_instance" "foo" {
depends_on = ["aws_internet_gateway.gw"]
}
## Attributes Reference ## Attributes Reference
The following attributes are exported: The following attributes are exported: