github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/alicloud/resource_alicloud_security_group.go (about) 1 package alicloud 2 3 import ( 4 "fmt" 5 6 "github.com/denverdino/aliyungo/common" 7 "github.com/denverdino/aliyungo/ecs" 8 "github.com/hashicorp/terraform/helper/resource" 9 10 "github.com/hashicorp/terraform/helper/schema" 11 "time" 12 ) 13 14 func resourceAliyunSecurityGroup() *schema.Resource { 15 return &schema.Resource{ 16 Create: resourceAliyunSecurityGroupCreate, 17 Read: resourceAliyunSecurityGroupRead, 18 Update: resourceAliyunSecurityGroupUpdate, 19 Delete: resourceAliyunSecurityGroupDelete, 20 21 Schema: map[string]*schema.Schema{ 22 "name": &schema.Schema{ 23 Type: schema.TypeString, 24 Optional: true, 25 ValidateFunc: validateSecurityGroupName, 26 }, 27 28 "description": &schema.Schema{ 29 Type: schema.TypeString, 30 Optional: true, 31 ValidateFunc: validateSecurityGroupDescription, 32 }, 33 34 "vpc_id": &schema.Schema{ 35 Type: schema.TypeString, 36 Optional: true, 37 ForceNew: true, 38 }, 39 }, 40 } 41 } 42 43 func resourceAliyunSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error { 44 conn := meta.(*AliyunClient).ecsconn 45 46 args, err := buildAliyunSecurityGroupArgs(d, meta) 47 if err != nil { 48 return err 49 } 50 51 securityGroupID, err := conn.CreateSecurityGroup(args) 52 if err != nil { 53 return err 54 } 55 56 d.SetId(securityGroupID) 57 58 return resourceAliyunSecurityGroupRead(d, meta) 59 } 60 61 func resourceAliyunSecurityGroupRead(d *schema.ResourceData, meta interface{}) error { 62 conn := meta.(*AliyunClient).ecsconn 63 64 args := &ecs.DescribeSecurityGroupAttributeArgs{ 65 SecurityGroupId: d.Id(), 66 RegionId: getRegion(d, meta), 67 } 68 69 sg, err := conn.DescribeSecurityGroupAttribute(args) 70 if err != nil { 71 if notFoundError(err) { 72 d.SetId("") 73 return nil 74 } 75 return fmt.Errorf("Error DescribeSecurityGroupAttribute: %#v", err) 76 } 77 78 d.Set("name", sg.SecurityGroupName) 79 d.Set("description", sg.Description) 80 81 return nil 82 } 83 84 func resourceAliyunSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error { 85 86 conn := meta.(*AliyunClient).ecsconn 87 88 d.Partial(true) 89 attributeUpdate := false 90 args := &ecs.ModifySecurityGroupAttributeArgs{ 91 SecurityGroupId: d.Id(), 92 RegionId: getRegion(d, meta), 93 } 94 95 if d.HasChange("name") { 96 d.SetPartial("name") 97 args.SecurityGroupName = d.Get("name").(string) 98 99 attributeUpdate = true 100 } 101 102 if d.HasChange("description") { 103 d.SetPartial("description") 104 args.Description = d.Get("description").(string) 105 106 attributeUpdate = true 107 } 108 if attributeUpdate { 109 if err := conn.ModifySecurityGroupAttribute(args); err != nil { 110 return err 111 } 112 } 113 114 return nil 115 } 116 117 func resourceAliyunSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error { 118 119 conn := meta.(*AliyunClient).ecsconn 120 121 return resource.Retry(5*time.Minute, func() *resource.RetryError { 122 err := conn.DeleteSecurityGroup(getRegion(d, meta), d.Id()) 123 124 if err != nil { 125 e, _ := err.(*common.Error) 126 if e.ErrorResponse.Code == SgDependencyViolation { 127 return resource.RetryableError(fmt.Errorf("Security group in use - trying again while it is deleted.")) 128 } 129 } 130 131 sg, err := conn.DescribeSecurityGroupAttribute(&ecs.DescribeSecurityGroupAttributeArgs{ 132 RegionId: getRegion(d, meta), 133 SecurityGroupId: d.Id(), 134 }) 135 136 if err != nil { 137 e, _ := err.(*common.Error) 138 if e.ErrorResponse.Code == InvalidSecurityGroupIdNotFound { 139 return nil 140 } 141 return resource.NonRetryableError(err) 142 } else if sg == nil { 143 return nil 144 } 145 146 return resource.RetryableError(fmt.Errorf("Security group in use - trying again while it is deleted.")) 147 }) 148 } 149 150 func buildAliyunSecurityGroupArgs(d *schema.ResourceData, meta interface{}) (*ecs.CreateSecurityGroupArgs, error) { 151 152 args := &ecs.CreateSecurityGroupArgs{ 153 RegionId: getRegion(d, meta), 154 } 155 156 if v := d.Get("name").(string); v != "" { 157 args.SecurityGroupName = v 158 } 159 160 if v := d.Get("description").(string); v != "" { 161 args.Description = v 162 } 163 164 if v := d.Get("vpc_id").(string); v != "" { 165 args.VpcId = v 166 } 167 168 return args, nil 169 }