From 67c9538c942327bf43cd60ceccba11bdaeae0092 Mon Sep 17 00:00:00 2001 From: Kash Date: Thu, 26 Apr 2018 09:05:29 -0400 Subject: [PATCH] set security groups in network interfaces --- aws/resource_aws_launch_template.go | 18 +++++++++++++++++- aws/resource_aws_launch_template_test.go | 2 ++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_launch_template.go b/aws/resource_aws_launch_template.go index bed22574eab..8f802a45b1f 100644 --- a/aws/resource_aws_launch_template.go +++ b/aws/resource_aws_launch_template.go @@ -702,7 +702,17 @@ func getNetworkInterfaces(n []*ec2.LaunchTemplateInstanceNetworkInterfaceSpecifi } if len(v.Groups) > 0 { - networkInterface["security_groups"] = aws.StringValueSlice(v.Groups) + raw, ok := networkInterface["security_groups"] + if !ok { + raw = schema.NewSet(schema.HashString, nil) + } + list := raw.(*schema.Set) + + for _, group := range v.Groups { + list.Add(aws.StringValue(group)) + } + + networkInterface["security_groups"] = list } s = append(s, networkInterface) @@ -969,6 +979,12 @@ func readNetworkInterfacesFromConfig(ni map[string]interface{}) *ec2.LaunchTempl networkInterface.SubnetId = aws.String(v) } + if v := ni["security_groups"].(*schema.Set); v.Len() > 0 { + for _, v := range v.List() { + networkInterface.Groups = append(networkInterface.Groups, aws.String(v.(string))) + } + } + ipv6AddressList := ni["ipv6_addresses"].(*schema.Set).List() for _, address := range ipv6AddressList { ipv6Addresses = append(ipv6Addresses, &ec2.InstanceIpv6AddressRequest{ diff --git a/aws/resource_aws_launch_template_test.go b/aws/resource_aws_launch_template_test.go index 762b487c4cf..8e1ec46852c 100644 --- a/aws/resource_aws_launch_template_test.go +++ b/aws/resource_aws_launch_template_test.go @@ -90,6 +90,7 @@ func TestAccAWSLaunchTemplate_data(t *testing.T) { resource.TestCheckResourceAttrSet(resName, "key_name"), resource.TestCheckResourceAttr(resName, "monitoring.#", "1"), resource.TestCheckResourceAttr(resName, "network_interfaces.#", "1"), + resource.TestCheckResourceAttr(resName, "network_interfaces.0.security_groups.#", "1"), resource.TestCheckResourceAttr(resName, "placement.#", "1"), resource.TestCheckResourceAttrSet(resName, "ram_disk_id"), resource.TestCheckResourceAttr(resName, "vpc_security_group_ids.#", "1"), @@ -275,6 +276,7 @@ resource "aws_launch_template" "foo" { network_interfaces { associate_public_ip_address = true network_interface_id = "eni-123456ab" + security_groups = ["sg-1a23bc45"] } placement {