github.com/paulmey/terraform@v0.5.2-0.20150519145237-046e9b4c884d/builtin/providers/aws/resource_aws_elasticache_security_group.go

github.com/paulmey/terraform@v0.5.2-0.20150519145237-046e9b4c884d/builtin/providers/aws/resource_aws_elasticache_security_group.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  	"time"
     7  
     8  	"github.com/awslabs/aws-sdk-go/aws"
     9  	"github.com/awslabs/aws-sdk-go/service/elasticache"
    10  	"github.com/hashicorp/terraform/helper/hashcode"
    11  	"github.com/hashicorp/terraform/helper/resource"
    12  	"github.com/hashicorp/terraform/helper/schema"
    13  )
    14  
    15  func resourceAwsElasticacheSecurityGroup() *schema.Resource {
    16  	return &schema.Resource{
    17  		Create: resourceAwsElasticacheSecurityGroupCreate,
    18  		Read:   resourceAwsElasticacheSecurityGroupRead,
    19  		Delete: resourceAwsElasticacheSecurityGroupDelete,
    20  
    21  		Schema: map[string]*schema.Schema{
    22  			"description": &schema.Schema{
    23  				Type:     schema.TypeString,
    24  				Required: true,
    25  				ForceNew: true,
    26  			},
    27  			"name": &schema.Schema{
    28  				Type:     schema.TypeString,
    29  				Required: true,
    30  				ForceNew: true,
    31  			},
    32  			"security_group_names": &schema.Schema{
    33  				Type:     schema.TypeSet,
    34  				Required: true,
    35  				ForceNew: true,
    36  				Elem:     &schema.Schema{Type: schema.TypeString},
    37  				Set: func(v interface{}) int {
    38  					return hashcode.String(v.(string))
    39  				},
    40  			},
    41  		},
    42  	}
    43  }
    44  
    45  func resourceAwsElasticacheSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
    46  	conn := meta.(*AWSClient).elasticacheconn
    47  
    48  	name := d.Get("name").(string)
    49  	desc := d.Get("description").(string)
    50  	nameSet := d.Get("security_group_names").(*schema.Set)
    51  
    52  	names := make([]string, nameSet.Len())
    53  	for i, name := range nameSet.List() {
    54  		names[i] = name.(string)
    55  	}
    56  
    57  	log.Printf("[DEBUG] Cache security group create: name: %s, description: %s, security_group_names: %v", name, desc, names)
    58  	res, err := conn.CreateCacheSecurityGroup(&elasticache.CreateCacheSecurityGroupInput{
    59  		Description:            aws.String(desc),
    60  		CacheSecurityGroupName: aws.String(name),
    61  	})
    62  	if err != nil {
    63  		return fmt.Errorf("Error creating CacheSecurityGroup: %s", err)
    64  	}
    65  
    66  	for _, n := range names {
    67  		log.Printf("[DEBUG] Authorize cache security group ingress name: %v, ec2 security group name: %v", name, n)
    68  		_, err = conn.AuthorizeCacheSecurityGroupIngress(&elasticache.AuthorizeCacheSecurityGroupIngressInput{
    69  			CacheSecurityGroupName:  aws.String(name),
    70  			EC2SecurityGroupName:    aws.String(n),
    71  			EC2SecurityGroupOwnerID: aws.String(*res.CacheSecurityGroup.OwnerID),
    72  		})
    73  		if err != nil {
    74  			log.Printf("[ERROR] Failed to authorize: %v", err)
    75  			_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
    76  				CacheSecurityGroupName: aws.String(d.Id()),
    77  			})
    78  			log.Printf("[ERROR] Revert cache security group: %v", err)
    79  		}
    80  	}
    81  
    82  	d.SetId(name)
    83  
    84  	return nil
    85  }
    86  
    87  func resourceAwsElasticacheSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
    88  	conn := meta.(*AWSClient).elasticacheconn
    89  	req := &elasticache.DescribeCacheSecurityGroupsInput{
    90  		CacheSecurityGroupName: aws.String(d.Get("name").(string)),
    91  	}
    92  
    93  	res, err := conn.DescribeCacheSecurityGroups(req)
    94  	if err != nil {
    95  		return err
    96  	}
    97  	if len(res.CacheSecurityGroups) == 0 {
    98  		return fmt.Errorf("Error missing %v", d.Get("name"))
    99  	}
   100  
   101  	var group *elasticache.CacheSecurityGroup
   102  	for _, g := range res.CacheSecurityGroups {
   103  		log.Printf("[DEBUG] CacheSecurityGroupName: %v, id: %v", g.CacheSecurityGroupName, d.Id())
   104  		if *g.CacheSecurityGroupName == d.Id() {
   105  			group = g
   106  		}
   107  	}
   108  	if group == nil {
   109  		return fmt.Errorf("Error retrieving cache security group: %v", res)
   110  	}
   111  
   112  	d.Set("name", group.CacheSecurityGroupName)
   113  	d.Set("description", group.Description)
   114  
   115  	return nil
   116  }
   117  
   118  func resourceAwsElasticacheSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
   119  	conn := meta.(*AWSClient).elasticacheconn
   120  
   121  	log.Printf("[DEBUG] Cache security group delete: %s", d.Id())
   122  
   123  	return resource.Retry(5*time.Minute, func() error {
   124  		_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
   125  			CacheSecurityGroupName: aws.String(d.Id()),
   126  		})
   127  		if err != nil {
   128  			apierr, ok := err.(aws.APIError)
   129  			if !ok {
   130  				return err
   131  			}
   132  			log.Printf("[DEBUG] APIError.Code: %v", apierr.Code)
   133  			switch apierr.Code {
   134  			case "InvalidCacheSecurityGroupState":
   135  				return err
   136  			case "DependencyViolation":
   137  				// If it is a dependency violation, we want to retry
   138  				return err
   139  			default:
   140  				return resource.RetryError{Err: err}
   141  			}
   142  		}
   143  		return nil
   144  	})
   145  }