github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/alicloud/resource_alicloud_security_group.go

github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/alicloud/resource_alicloud_security_group.go (about)

     1  package alicloud
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"github.com/denverdino/aliyungo/common"
     7  	"github.com/denverdino/aliyungo/ecs"
     8  	"github.com/hashicorp/terraform/helper/resource"
     9  
    10  	"github.com/hashicorp/terraform/helper/schema"
    11  	"time"
    12  )
    13  
    14  func resourceAliyunSecurityGroup() *schema.Resource {
    15  	return &schema.Resource{
    16  		Create: resourceAliyunSecurityGroupCreate,
    17  		Read:   resourceAliyunSecurityGroupRead,
    18  		Update: resourceAliyunSecurityGroupUpdate,
    19  		Delete: resourceAliyunSecurityGroupDelete,
    20  
    21  		Schema: map[string]*schema.Schema{
    22  			"name": &schema.Schema{
    23  				Type:         schema.TypeString,
    24  				Optional:     true,
    25  				ValidateFunc: validateSecurityGroupName,
    26  			},
    27  
    28  			"description": &schema.Schema{
    29  				Type:         schema.TypeString,
    30  				Optional:     true,
    31  				ValidateFunc: validateSecurityGroupDescription,
    32  			},
    33  
    34  			"vpc_id": &schema.Schema{
    35  				Type:     schema.TypeString,
    36  				Optional: true,
    37  				ForceNew: true,
    38  			},
    39  		},
    40  	}
    41  }
    42  
    43  func resourceAliyunSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
    44  	conn := meta.(*AliyunClient).ecsconn
    45  
    46  	args, err := buildAliyunSecurityGroupArgs(d, meta)
    47  	if err != nil {
    48  		return err
    49  	}
    50  
    51  	securityGroupID, err := conn.CreateSecurityGroup(args)
    52  	if err != nil {
    53  		return err
    54  	}
    55  
    56  	d.SetId(securityGroupID)
    57  
    58  	return resourceAliyunSecurityGroupRead(d, meta)
    59  }
    60  
    61  func resourceAliyunSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
    62  	conn := meta.(*AliyunClient).ecsconn
    63  
    64  	args := &ecs.DescribeSecurityGroupAttributeArgs{
    65  		SecurityGroupId: d.Id(),
    66  		RegionId:        getRegion(d, meta),
    67  	}
    68  
    69  	sg, err := conn.DescribeSecurityGroupAttribute(args)
    70  	if err != nil {
    71  		if notFoundError(err) {
    72  			d.SetId("")
    73  			return nil
    74  		}
    75  		return fmt.Errorf("Error DescribeSecurityGroupAttribute: %#v", err)
    76  	}
    77  
    78  	d.Set("name", sg.SecurityGroupName)
    79  	d.Set("description", sg.Description)
    80  
    81  	return nil
    82  }
    83  
    84  func resourceAliyunSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {
    85  
    86  	conn := meta.(*AliyunClient).ecsconn
    87  
    88  	d.Partial(true)
    89  	attributeUpdate := false
    90  	args := &ecs.ModifySecurityGroupAttributeArgs{
    91  		SecurityGroupId: d.Id(),
    92  		RegionId:        getRegion(d, meta),
    93  	}
    94  
    95  	if d.HasChange("name") {
    96  		d.SetPartial("name")
    97  		args.SecurityGroupName = d.Get("name").(string)
    98  
    99  		attributeUpdate = true
   100  	}
   101  
   102  	if d.HasChange("description") {
   103  		d.SetPartial("description")
   104  		args.Description = d.Get("description").(string)
   105  
   106  		attributeUpdate = true
   107  	}
   108  	if attributeUpdate {
   109  		if err := conn.ModifySecurityGroupAttribute(args); err != nil {
   110  			return err
   111  		}
   112  	}
   113  
   114  	return nil
   115  }
   116  
   117  func resourceAliyunSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
   118  
   119  	conn := meta.(*AliyunClient).ecsconn
   120  
   121  	return resource.Retry(5*time.Minute, func() *resource.RetryError {
   122  		err := conn.DeleteSecurityGroup(getRegion(d, meta), d.Id())
   123  
   124  		if err != nil {
   125  			e, _ := err.(*common.Error)
   126  			if e.ErrorResponse.Code == SgDependencyViolation {
   127  				return resource.RetryableError(fmt.Errorf("Security group in use - trying again while it is deleted."))
   128  			}
   129  		}
   130  
   131  		sg, err := conn.DescribeSecurityGroupAttribute(&ecs.DescribeSecurityGroupAttributeArgs{
   132  			RegionId:        getRegion(d, meta),
   133  			SecurityGroupId: d.Id(),
   134  		})
   135  
   136  		if err != nil {
   137  			e, _ := err.(*common.Error)
   138  			if e.ErrorResponse.Code == InvalidSecurityGroupIdNotFound {
   139  				return nil
   140  			}
   141  			return resource.NonRetryableError(err)
   142  		} else if sg == nil {
   143  			return nil
   144  		}
   145  
   146  		return resource.RetryableError(fmt.Errorf("Security group in use - trying again while it is deleted."))
   147  	})
   148  }
   149  
   150  func buildAliyunSecurityGroupArgs(d *schema.ResourceData, meta interface{}) (*ecs.CreateSecurityGroupArgs, error) {
   151  
   152  	args := &ecs.CreateSecurityGroupArgs{
   153  		RegionId: getRegion(d, meta),
   154  	}
   155  
   156  	if v := d.Get("name").(string); v != "" {
   157  		args.SecurityGroupName = v
   158  	}
   159  
   160  	if v := d.Get("description").(string); v != "" {
   161  		args.Description = v
   162  	}
   163  
   164  	if v := d.Get("vpc_id").(string); v != "" {
   165  		args.VpcId = v
   166  	}
   167  
   168  	return args, nil
   169  }