provider/aws: fix sg rule crash

Fixes crash in #2431 Decided that `findResourceSecurityGroup` should return an error when the SG is not found, since the callers cannot happily continue with a `nil` SG Also passes through a few error cases that were being swallowed. /cc @catsby
2025-02-20 11:48:24 -06:00 · 2015-06-23 09:25:55 -05:00 · 2015-06-23 09:25:55 -05:00 · e0fccf2dcc
commit e0fccf2dcc
parent 6fd4f65946
1 changed files with 8 additions and 14 deletions
--- a/builtin/providers/aws/resource_aws_security_group_rule.go
+++ b/builtin/providers/aws/resource_aws_security_group_rule.go
@ -87,7 +87,7 @@ func resourceAwsSecurityGroupRuleCreate(d *schema.ResourceData, meta interface{}
 	sg, err := findResourceSecurityGroup(conn, sg_id)

 	if err != nil {
-		return fmt.Errorf("sorry")
+		return err
 	}

 	perm := expandIPPerm(d, sg)
@ -205,7 +205,7 @@ func resourceAwsSecurityGroupRuleDelete(d *schema.ResourceData, meta interface{}
 	sg, err := findResourceSecurityGroup(conn, sg_id)

 	if err != nil {
-		return fmt.Errorf("sorry")
+		return err
 	}

 	perm := expandIPPerm(d, sg)
@ -255,18 +255,12 @@ func findResourceSecurityGroup(conn *ec2.EC2, id string) (*ec2.SecurityGroup, er
 	}
 	resp, err := conn.DescribeSecurityGroups(req)
 	if err != nil {
-		if ec2err, ok := err.(awserr.Error); ok {
-			if ec2err.Code() == "InvalidSecurityGroupID.NotFound" ||
-				ec2err.Code() == "InvalidGroup.NotFound" {
-				resp = nil
-				err = nil
-			}
-		}
-
-		if err != nil {
-			log.Printf("Error on findResourceSecurityGroup: %s", err)
-			return nil, err
-		}
+		return nil, err
+	}
+	if len(resp.SecurityGroups) != 1 {
+		return nil, fmt.Errorf(
+			"Expected to find one security group with ID %q, got: %#v",
+			id, resp.SecurityGroups)
 	}

 	return resp.SecurityGroups[0], nil