github.com/andresvia/terraform@v0.6.15-0.20160412045437-d51c75946785/builtin/providers/aws/resource_aws_elasticache_security_group.go

github.com/andresvia/terraform@v0.6.15-0.20160412045437-d51c75946785/builtin/providers/aws/resource_aws_elasticache_security_group.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  	"time"
     7  
     8  	"github.com/aws/aws-sdk-go/aws"
     9  	"github.com/aws/aws-sdk-go/aws/awserr"
    10  	"github.com/aws/aws-sdk-go/service/elasticache"
    11  	"github.com/hashicorp/terraform/helper/resource"
    12  	"github.com/hashicorp/terraform/helper/schema"
    13  )
    14  
    15  func resourceAwsElasticacheSecurityGroup() *schema.Resource {
    16  	return &schema.Resource{
    17  		Create: resourceAwsElasticacheSecurityGroupCreate,
    18  		Read:   resourceAwsElasticacheSecurityGroupRead,
    19  		Delete: resourceAwsElasticacheSecurityGroupDelete,
    20  
    21  		Schema: map[string]*schema.Schema{
    22  			"description": &schema.Schema{
    23  				Type:     schema.TypeString,
    24  				Required: true,
    25  				ForceNew: true,
    26  			},
    27  			"name": &schema.Schema{
    28  				Type:     schema.TypeString,
    29  				Required: true,
    30  				ForceNew: true,
    31  			},
    32  			"security_group_names": &schema.Schema{
    33  				Type:     schema.TypeSet,
    34  				Required: true,
    35  				ForceNew: true,
    36  				Elem:     &schema.Schema{Type: schema.TypeString},
    37  				Set:      schema.HashString,
    38  			},
    39  		},
    40  	}
    41  }
    42  
    43  func resourceAwsElasticacheSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
    44  	conn := meta.(*AWSClient).elasticacheconn
    45  
    46  	name := d.Get("name").(string)
    47  	desc := d.Get("description").(string)
    48  	nameSet := d.Get("security_group_names").(*schema.Set)
    49  
    50  	names := make([]string, nameSet.Len())
    51  	for i, name := range nameSet.List() {
    52  		names[i] = name.(string)
    53  	}
    54  
    55  	log.Printf("[DEBUG] Cache security group create: name: %s, description: %s, security_group_names: %v", name, desc, names)
    56  	res, err := conn.CreateCacheSecurityGroup(&elasticache.CreateCacheSecurityGroupInput{
    57  		Description:            aws.String(desc),
    58  		CacheSecurityGroupName: aws.String(name),
    59  	})
    60  	if err != nil {
    61  		return fmt.Errorf("Error creating CacheSecurityGroup: %s", err)
    62  	}
    63  
    64  	for _, n := range names {
    65  		log.Printf("[DEBUG] Authorize cache security group ingress name: %v, ec2 security group name: %v", name, n)
    66  		_, err = conn.AuthorizeCacheSecurityGroupIngress(&elasticache.AuthorizeCacheSecurityGroupIngressInput{
    67  			CacheSecurityGroupName:  aws.String(name),
    68  			EC2SecurityGroupName:    aws.String(n),
    69  			EC2SecurityGroupOwnerId: aws.String(*res.CacheSecurityGroup.OwnerId),
    70  		})
    71  		if err != nil {
    72  			log.Printf("[ERROR] Failed to authorize: %v", err)
    73  			_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
    74  				CacheSecurityGroupName: aws.String(d.Id()),
    75  			})
    76  			log.Printf("[ERROR] Revert cache security group: %v", err)
    77  		}
    78  	}
    79  
    80  	d.SetId(name)
    81  
    82  	return nil
    83  }
    84  
    85  func resourceAwsElasticacheSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
    86  	conn := meta.(*AWSClient).elasticacheconn
    87  	req := &elasticache.DescribeCacheSecurityGroupsInput{
    88  		CacheSecurityGroupName: aws.String(d.Get("name").(string)),
    89  	}
    90  
    91  	res, err := conn.DescribeCacheSecurityGroups(req)
    92  	if err != nil {
    93  		return err
    94  	}
    95  	if len(res.CacheSecurityGroups) == 0 {
    96  		return fmt.Errorf("Error missing %v", d.Get("name"))
    97  	}
    98  
    99  	var group *elasticache.CacheSecurityGroup
   100  	for _, g := range res.CacheSecurityGroups {
   101  		log.Printf("[DEBUG] CacheSecurityGroupName: %v, id: %v", g.CacheSecurityGroupName, d.Id())
   102  		if *g.CacheSecurityGroupName == d.Id() {
   103  			group = g
   104  		}
   105  	}
   106  	if group == nil {
   107  		return fmt.Errorf("Error retrieving cache security group: %v", res)
   108  	}
   109  
   110  	d.Set("name", group.CacheSecurityGroupName)
   111  	d.Set("description", group.Description)
   112  
   113  	return nil
   114  }
   115  
   116  func resourceAwsElasticacheSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
   117  	conn := meta.(*AWSClient).elasticacheconn
   118  
   119  	log.Printf("[DEBUG] Cache security group delete: %s", d.Id())
   120  
   121  	return resource.Retry(5*time.Minute, func() *resource.RetryError {
   122  		_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
   123  			CacheSecurityGroupName: aws.String(d.Id()),
   124  		})
   125  		if err != nil {
   126  			apierr, ok := err.(awserr.Error)
   127  			if !ok {
   128  				return resource.RetryableError(err)
   129  			}
   130  			log.Printf("[DEBUG] APIError.Code: %v", apierr.Code())
   131  			switch apierr.Code() {
   132  			case "InvalidCacheSecurityGroupState":
   133  				return resource.RetryableError(err)
   134  			case "DependencyViolation":
   135  				// If it is a dependency violation, we want to retry
   136  				return resource.RetryableError(err)
   137  			default:
   138  				return resource.NonRetryableError(err)
   139  			}
   140  		}
   141  		return nil
   142  	})
   143  }