github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/aws/resource_aws_elasticache_security_group.go

github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/aws/resource_aws_elasticache_security_group.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  	"time"
     7  
     8  	"github.com/aws/aws-sdk-go/aws"
     9  	"github.com/aws/aws-sdk-go/aws/awserr"
    10  	"github.com/aws/aws-sdk-go/service/elasticache"
    11  	"github.com/hashicorp/terraform/helper/hashcode"
    12  	"github.com/hashicorp/terraform/helper/resource"
    13  	"github.com/hashicorp/terraform/helper/schema"
    14  )
    15  
    16  func resourceAwsElasticacheSecurityGroup() *schema.Resource {
    17  	return &schema.Resource{
    18  		Create: resourceAwsElasticacheSecurityGroupCreate,
    19  		Read:   resourceAwsElasticacheSecurityGroupRead,
    20  		Delete: resourceAwsElasticacheSecurityGroupDelete,
    21  
    22  		Schema: map[string]*schema.Schema{
    23  			"description": &schema.Schema{
    24  				Type:     schema.TypeString,
    25  				Required: true,
    26  				ForceNew: true,
    27  			},
    28  			"name": &schema.Schema{
    29  				Type:     schema.TypeString,
    30  				Required: true,
    31  				ForceNew: true,
    32  			},
    33  			"security_group_names": &schema.Schema{
    34  				Type:     schema.TypeSet,
    35  				Required: true,
    36  				ForceNew: true,
    37  				Elem:     &schema.Schema{Type: schema.TypeString},
    38  				Set: func(v interface{}) int {
    39  					return hashcode.String(v.(string))
    40  				},
    41  			},
    42  		},
    43  	}
    44  }
    45  
    46  func resourceAwsElasticacheSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
    47  	conn := meta.(*AWSClient).elasticacheconn
    48  
    49  	name := d.Get("name").(string)
    50  	desc := d.Get("description").(string)
    51  	nameSet := d.Get("security_group_names").(*schema.Set)
    52  
    53  	names := make([]string, nameSet.Len())
    54  	for i, name := range nameSet.List() {
    55  		names[i] = name.(string)
    56  	}
    57  
    58  	log.Printf("[DEBUG] Cache security group create: name: %s, description: %s, security_group_names: %v", name, desc, names)
    59  	res, err := conn.CreateCacheSecurityGroup(&elasticache.CreateCacheSecurityGroupInput{
    60  		Description:            aws.String(desc),
    61  		CacheSecurityGroupName: aws.String(name),
    62  	})
    63  	if err != nil {
    64  		return fmt.Errorf("Error creating CacheSecurityGroup: %s", err)
    65  	}
    66  
    67  	for _, n := range names {
    68  		log.Printf("[DEBUG] Authorize cache security group ingress name: %v, ec2 security group name: %v", name, n)
    69  		_, err = conn.AuthorizeCacheSecurityGroupIngress(&elasticache.AuthorizeCacheSecurityGroupIngressInput{
    70  			CacheSecurityGroupName:  aws.String(name),
    71  			EC2SecurityGroupName:    aws.String(n),
    72  			EC2SecurityGroupOwnerId: aws.String(*res.CacheSecurityGroup.OwnerId),
    73  		})
    74  		if err != nil {
    75  			log.Printf("[ERROR] Failed to authorize: %v", err)
    76  			_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
    77  				CacheSecurityGroupName: aws.String(d.Id()),
    78  			})
    79  			log.Printf("[ERROR] Revert cache security group: %v", err)
    80  		}
    81  	}
    82  
    83  	d.SetId(name)
    84  
    85  	return nil
    86  }
    87  
    88  func resourceAwsElasticacheSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
    89  	conn := meta.(*AWSClient).elasticacheconn
    90  	req := &elasticache.DescribeCacheSecurityGroupsInput{
    91  		CacheSecurityGroupName: aws.String(d.Get("name").(string)),
    92  	}
    93  
    94  	res, err := conn.DescribeCacheSecurityGroups(req)
    95  	if err != nil {
    96  		return err
    97  	}
    98  	if len(res.CacheSecurityGroups) == 0 {
    99  		return fmt.Errorf("Error missing %v", d.Get("name"))
   100  	}
   101  
   102  	var group *elasticache.CacheSecurityGroup
   103  	for _, g := range res.CacheSecurityGroups {
   104  		log.Printf("[DEBUG] CacheSecurityGroupName: %v, id: %v", g.CacheSecurityGroupName, d.Id())
   105  		if *g.CacheSecurityGroupName == d.Id() {
   106  			group = g
   107  		}
   108  	}
   109  	if group == nil {
   110  		return fmt.Errorf("Error retrieving cache security group: %v", res)
   111  	}
   112  
   113  	d.Set("name", group.CacheSecurityGroupName)
   114  	d.Set("description", group.Description)
   115  
   116  	return nil
   117  }
   118  
   119  func resourceAwsElasticacheSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
   120  	conn := meta.(*AWSClient).elasticacheconn
   121  
   122  	log.Printf("[DEBUG] Cache security group delete: %s", d.Id())
   123  
   124  	return resource.Retry(5*time.Minute, func() error {
   125  		_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
   126  			CacheSecurityGroupName: aws.String(d.Id()),
   127  		})
   128  		if err != nil {
   129  			apierr, ok := err.(awserr.Error)
   130  			if !ok {
   131  				return err
   132  			}
   133  			log.Printf("[DEBUG] APIError.Code: %v", apierr.Code)
   134  			switch apierr.Code() {
   135  			case "InvalidCacheSecurityGroupState":
   136  				return err
   137  			case "DependencyViolation":
   138  				// If it is a dependency violation, we want to retry
   139  				return err
   140  			default:
   141  				return resource.RetryError{Err: err}
   142  			}
   143  		}
   144  		return nil
   145  	})
   146  }