Skip to content

Commit

Permalink
provider/aws: Avoid dropping a security group from state on AWS consi…
Browse files Browse the repository at this point in the history
…stency issues

It appears, based on the report in hashicorp#6991, that the EC2 API is being
inconsistent in reporting that a security group exists shortly after it
has been created; we've seen Terraform get past the "Waiting for
Security Group to exist" step but then apparently detect that it's gone
again once we get into the Update function.
  • Loading branch information
carlossg committed Jan 23, 2017
1 parent 084bad3 commit 59176c0
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions builtin/providers/aws/resource_aws_security_group.go
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,7 @@ func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) er

}

return resourceAwsSecurityGroupUpdate(d, meta)
return resourceAwsSecurityGroupUpdateExisting(group, d, meta)
}

func resourceAwsSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
Expand Down Expand Up @@ -329,10 +329,12 @@ func resourceAwsSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) er
d.SetId("")
return nil
}

group := sgRaw.(*ec2.SecurityGroup)
return resourceAwsSecurityGroupUpdateExisting(group, d, meta)
}

err = resourceAwsSecurityGroupUpdateRules(d, "ingress", meta, group)
func resourceAwsSecurityGroupUpdateExisting(group *ec2.SecurityGroup, d *schema.ResourceData, meta interface{}) error {
err := resourceAwsSecurityGroupUpdateRules(d, "ingress", meta, group)
if err != nil {
return err
}
Expand All @@ -345,6 +347,7 @@ func resourceAwsSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) er
}

if !d.IsNewResource() {
conn := meta.(*AWSClient).ec2conn
if err := setTags(conn, d); err != nil {
return err
}
Expand Down

0 comments on commit 59176c0

Please sign in to comment.