mirror of
https://github.com/opentofu/opentofu.git
synced 2025-01-08 15:13:56 -06:00
Remove aws_network_acl_rule if not found. (#13608)
This commit is contained in:
parent
ce09cc1bb9
commit
da7041f4be
@ -163,10 +163,14 @@ func resourceAwsNetworkAclRuleCreate(d *schema.ResourceData, meta interface{}) e
|
||||
// API (see issue GH-4721). Retry the `findNetworkAclRule` function until it is
|
||||
// visible (which in most cases is likely immediately).
|
||||
err = resource.Retry(3*time.Minute, func() *resource.RetryError {
|
||||
_, findErr := findNetworkAclRule(d, meta)
|
||||
r, findErr := findNetworkAclRule(d, meta)
|
||||
if findErr != nil {
|
||||
return resource.RetryableError(findErr)
|
||||
}
|
||||
if r == nil {
|
||||
err := fmt.Errorf("Network ACL rule (%s) not found", d.Id())
|
||||
return resource.RetryableError(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
})
|
||||
@ -182,6 +186,11 @@ func resourceAwsNetworkAclRuleRead(d *schema.ResourceData, meta interface{}) err
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if resp == nil {
|
||||
log.Printf("[DEBUG] Network ACL rule (%s) not found", d.Id())
|
||||
d.SetId("")
|
||||
return nil
|
||||
}
|
||||
|
||||
d.Set("rule_number", resp.RuleNumber)
|
||||
d.Set("cidr_block", resp.CidrBlock)
|
||||
@ -257,7 +266,11 @@ func findNetworkAclRule(d *schema.ResourceData, meta interface{}) (*ec2.NetworkA
|
||||
return nil, fmt.Errorf("Error Finding Network Acl Rule %d: %s", d.Get("rule_number").(int), err.Error())
|
||||
}
|
||||
|
||||
if resp == nil || len(resp.NetworkAcls) != 1 || resp.NetworkAcls[0] == nil {
|
||||
if resp == nil || len(resp.NetworkAcls) == 0 || resp.NetworkAcls[0] == nil {
|
||||
// Missing NACL rule.
|
||||
return nil, nil
|
||||
}
|
||||
if len(resp.NetworkAcls) > 1 {
|
||||
return nil, fmt.Errorf(
|
||||
"Expected to find one Network ACL, got: %#v",
|
||||
resp.NetworkAcls)
|
||||
|
@ -137,6 +137,26 @@ func TestResourceAWSNetworkAclRule_validateICMPArgumentValue(t *testing.T) {
|
||||
|
||||
}
|
||||
|
||||
func TestAccAWSNetworkAclRule_deleteRule(t *testing.T) {
|
||||
var networkAcl ec2.NetworkAcl
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckAWSNetworkAclRuleDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccAWSNetworkAclRuleBasicConfig,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckAWSNetworkAclRuleExists("aws_network_acl_rule.baz", &networkAcl),
|
||||
testAccCheckAWSNetworkAclRuleDelete("aws_network_acl_rule.baz"),
|
||||
),
|
||||
ExpectNonEmptyPlan: true,
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckAWSNetworkAclRuleDestroy(s *terraform.State) error {
|
||||
|
||||
for _, rs := range s.RootModule().Resources {
|
||||
@ -179,7 +199,7 @@ func testAccCheckAWSNetworkAclRuleExists(n string, networkAcl *ec2.NetworkAcl) r
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return fmt.Errorf("No Network ACL Id is set")
|
||||
return fmt.Errorf("No Network ACL Rule Id is set")
|
||||
}
|
||||
|
||||
req := &ec2.DescribeNetworkAclsInput{
|
||||
@ -209,6 +229,40 @@ func testAccCheckAWSNetworkAclRuleExists(n string, networkAcl *ec2.NetworkAcl) r
|
||||
}
|
||||
}
|
||||
|
||||
func testAccCheckAWSNetworkAclRuleDelete(n string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
rs, ok := s.RootModule().Resources[n]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", n)
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return fmt.Errorf("No Network ACL Rule Id is set")
|
||||
}
|
||||
|
||||
egress, err := strconv.ParseBool(rs.Primary.Attributes["egress"])
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
ruleNo, err := strconv.ParseInt(rs.Primary.Attributes["rule_number"], 10, 64)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
conn := testAccProvider.Meta().(*AWSClient).ec2conn
|
||||
_, err = conn.DeleteNetworkAclEntry(&ec2.DeleteNetworkAclEntryInput{
|
||||
NetworkAclId: aws.String(rs.Primary.Attributes["network_acl_id"]),
|
||||
RuleNumber: aws.Int64(ruleNo),
|
||||
Egress: aws.Bool(egress),
|
||||
})
|
||||
if err != nil {
|
||||
return fmt.Errorf("Error deleting Network ACL Rule (%s) in testAccCheckAWSNetworkAclRuleDelete: %s", rs.Primary.ID, err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
const testAccAWSNetworkAclRuleBasicConfig = `
|
||||
provider "aws" {
|
||||
region = "us-east-1"
|
||||
|
Loading…
Reference in New Issue
Block a user