github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/alicloud/resource_alicloud_security_group.go

github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/alicloud/resource_alicloud_security_group.go (about)

     1  package alicloud
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"github.com/denverdino/aliyungo/common"
     7  	"github.com/denverdino/aliyungo/ecs"
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  	"github.com/hashicorp/terraform/helper/schema"
    10  	"time"
    11  )
    12  
    13  func resourceAliyunSecurityGroup() *schema.Resource {
    14  	return &schema.Resource{
    15  		Create: resourceAliyunSecurityGroupCreate,
    16  		Read:   resourceAliyunSecurityGroupRead,
    17  		Update: resourceAliyunSecurityGroupUpdate,
    18  		Delete: resourceAliyunSecurityGroupDelete,
    19  
    20  		Schema: map[string]*schema.Schema{
    21  			"name": &schema.Schema{
    22  				Type:         schema.TypeString,
    23  				Optional:     true,
    24  				ValidateFunc: validateSecurityGroupName,
    25  			},
    26  
    27  			"description": &schema.Schema{
    28  				Type:         schema.TypeString,
    29  				Optional:     true,
    30  				ValidateFunc: validateSecurityGroupDescription,
    31  			},
    32  
    33  			"vpc_id": &schema.Schema{
    34  				Type:     schema.TypeString,
    35  				Optional: true,
    36  				ForceNew: true,
    37  			},
    38  		},
    39  	}
    40  }
    41  
    42  func resourceAliyunSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
    43  	conn := meta.(*AliyunClient).ecsconn
    44  
    45  	args, err := buildAliyunSecurityGroupArgs(d, meta)
    46  	if err != nil {
    47  		return err
    48  	}
    49  
    50  	securityGroupID, err := conn.CreateSecurityGroup(args)
    51  	if err != nil {
    52  		return err
    53  	}
    54  
    55  	d.SetId(securityGroupID)
    56  
    57  	return resourceAliyunSecurityGroupRead(d, meta)
    58  }
    59  
    60  func resourceAliyunSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
    61  	conn := meta.(*AliyunClient).ecsconn
    62  
    63  	args := &ecs.DescribeSecurityGroupAttributeArgs{
    64  		SecurityGroupId: d.Id(),
    65  		RegionId:        getRegion(d, meta),
    66  	}
    67  
    68  	sg, err := conn.DescribeSecurityGroupAttribute(args)
    69  	if err != nil {
    70  		if notFoundError(err) {
    71  			d.SetId("")
    72  			return nil
    73  		}
    74  		return fmt.Errorf("Error DescribeSecurityGroupAttribute: %#v", err)
    75  	}
    76  
    77  	if sg == nil {
    78  		d.SetId("")
    79  		return nil
    80  	}
    81  
    82  	d.Set("name", sg.SecurityGroupName)
    83  	d.Set("description", sg.Description)
    84  
    85  	return nil
    86  }
    87  
    88  func resourceAliyunSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {
    89  
    90  	conn := meta.(*AliyunClient).ecsconn
    91  
    92  	d.Partial(true)
    93  	attributeUpdate := false
    94  	args := &ecs.ModifySecurityGroupAttributeArgs{
    95  		SecurityGroupId: d.Id(),
    96  		RegionId:        getRegion(d, meta),
    97  	}
    98  
    99  	if d.HasChange("name") {
   100  		d.SetPartial("name")
   101  		args.SecurityGroupName = d.Get("name").(string)
   102  
   103  		attributeUpdate = true
   104  	}
   105  
   106  	if d.HasChange("description") {
   107  		d.SetPartial("description")
   108  		args.Description = d.Get("description").(string)
   109  
   110  		attributeUpdate = true
   111  	}
   112  	if attributeUpdate {
   113  		if err := conn.ModifySecurityGroupAttribute(args); err != nil {
   114  			return err
   115  		}
   116  	}
   117  
   118  	return nil
   119  }
   120  
   121  func resourceAliyunSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
   122  
   123  	conn := meta.(*AliyunClient).ecsconn
   124  
   125  	return resource.Retry(5*time.Minute, func() *resource.RetryError {
   126  		err := conn.DeleteSecurityGroup(getRegion(d, meta), d.Id())
   127  
   128  		if err != nil {
   129  			e, _ := err.(*common.Error)
   130  			if e.ErrorResponse.Code == SgDependencyViolation {
   131  				return resource.RetryableError(fmt.Errorf("Security group in use - trying again while it is deleted."))
   132  			}
   133  		}
   134  
   135  		sg, err := conn.DescribeSecurityGroupAttribute(&ecs.DescribeSecurityGroupAttributeArgs{
   136  			RegionId:        getRegion(d, meta),
   137  			SecurityGroupId: d.Id(),
   138  		})
   139  
   140  		if err != nil {
   141  			e, _ := err.(*common.Error)
   142  			if e.ErrorResponse.Code == InvalidSecurityGroupIdNotFound {
   143  				return nil
   144  			}
   145  			return resource.NonRetryableError(err)
   146  		} else if sg == nil {
   147  			return nil
   148  		}
   149  
   150  		return resource.RetryableError(fmt.Errorf("Security group in use - trying again while it is deleted."))
   151  	})
   152  
   153  }
   154  
   155  func buildAliyunSecurityGroupArgs(d *schema.ResourceData, meta interface{}) (*ecs.CreateSecurityGroupArgs, error) {
   156  
   157  	args := &ecs.CreateSecurityGroupArgs{
   158  		RegionId: getRegion(d, meta),
   159  	}
   160  
   161  	if v := d.Get("name").(string); v != "" {
   162  		args.SecurityGroupName = v
   163  	}
   164  
   165  	if v := d.Get("description").(string); v != "" {
   166  		args.Description = v
   167  	}
   168  
   169  	if v := d.Get("vpc_id").(string); v != "" {
   170  		args.VpcId = v
   171  	}
   172  
   173  	return args, nil
   174  }