provider/aws: aws_main_route_table_association
This resource allows an existing Route Table to be assigned as the "main" Route Table of a VPC. This means that the Route Table will be used for any subnets within the VPC without an explicit Route Table assigned [1]. This is particularly useful in getting an Internet Gateway in place as the default for a VPC, since the automatically created Main Route Table does not have one [2]. Note that this resource is an abstraction over an association and does not map directly to a CRUD-able object in AWS. In order to retain a coherent "Delete" operation for this resource, we remember the ID of the AWS-created Route Table and reset the VPC's main Route Table to it when this resource is deleted. refs #843, #748 [1] http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html#RouteTableDetails [2] http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Internet_Gateway.html#Add_IGW_Routing
This commit is contained in:
parent
c18b01fa2a
commit
92335b742a
|
@ -45,26 +45,27 @@ func Provider() terraform.ResourceProvider {
|
|||
},
|
||||
|
||||
ResourcesMap: map[string]*schema.Resource{
|
||||
"aws_autoscaling_group": resourceAwsAutoscalingGroup(),
|
||||
"aws_db_instance": resourceAwsDbInstance(),
|
||||
"aws_db_parameter_group": resourceAwsDbParameterGroup(),
|
||||
"aws_db_security_group": resourceAwsDbSecurityGroup(),
|
||||
"aws_db_subnet_group": resourceAwsDbSubnetGroup(),
|
||||
"aws_eip": resourceAwsEip(),
|
||||
"aws_elb": resourceAwsElb(),
|
||||
"aws_instance": resourceAwsInstance(),
|
||||
"aws_internet_gateway": resourceAwsInternetGateway(),
|
||||
"aws_key_pair": resourceAwsKeyPair(),
|
||||
"aws_launch_configuration": resourceAwsLaunchConfiguration(),
|
||||
"aws_network_acl": resourceAwsNetworkAcl(),
|
||||
"aws_route53_record": resourceAwsRoute53Record(),
|
||||
"aws_route53_zone": resourceAwsRoute53Zone(),
|
||||
"aws_route_table": resourceAwsRouteTable(),
|
||||
"aws_route_table_association": resourceAwsRouteTableAssociation(),
|
||||
"aws_s3_bucket": resourceAwsS3Bucket(),
|
||||
"aws_security_group": resourceAwsSecurityGroup(),
|
||||
"aws_subnet": resourceAwsSubnet(),
|
||||
"aws_vpc": resourceAwsVpc(),
|
||||
"aws_autoscaling_group": resourceAwsAutoscalingGroup(),
|
||||
"aws_db_instance": resourceAwsDbInstance(),
|
||||
"aws_db_parameter_group": resourceAwsDbParameterGroup(),
|
||||
"aws_db_security_group": resourceAwsDbSecurityGroup(),
|
||||
"aws_db_subnet_group": resourceAwsDbSubnetGroup(),
|
||||
"aws_eip": resourceAwsEip(),
|
||||
"aws_elb": resourceAwsElb(),
|
||||
"aws_instance": resourceAwsInstance(),
|
||||
"aws_internet_gateway": resourceAwsInternetGateway(),
|
||||
"aws_key_pair": resourceAwsKeyPair(),
|
||||
"aws_launch_configuration": resourceAwsLaunchConfiguration(),
|
||||
"aws_main_route_table_association": resourceAwsMainRouteTableAssociation(),
|
||||
"aws_network_acl": resourceAwsNetworkAcl(),
|
||||
"aws_route53_record": resourceAwsRoute53Record(),
|
||||
"aws_route53_zone": resourceAwsRoute53Zone(),
|
||||
"aws_route_table": resourceAwsRouteTable(),
|
||||
"aws_route_table_association": resourceAwsRouteTableAssociation(),
|
||||
"aws_s3_bucket": resourceAwsS3Bucket(),
|
||||
"aws_security_group": resourceAwsSecurityGroup(),
|
||||
"aws_subnet": resourceAwsSubnet(),
|
||||
"aws_vpc": resourceAwsVpc(),
|
||||
},
|
||||
|
||||
ConfigureFunc: providerConfigure,
|
||||
|
|
|
@ -0,0 +1,155 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/schema"
|
||||
"github.com/mitchellh/goamz/ec2"
|
||||
)
|
||||
|
||||
func resourceAwsMainRouteTableAssociation() *schema.Resource {
|
||||
return &schema.Resource{
|
||||
Create: resourceAwsMainRouteTableAssociationCreate,
|
||||
Read: resourceAwsMainRouteTableAssociationRead,
|
||||
Update: resourceAwsMainRouteTableAssociationUpdate,
|
||||
Delete: resourceAwsMainRouteTableAssociationDelete,
|
||||
|
||||
Schema: map[string]*schema.Schema{
|
||||
"vpc_id": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
},
|
||||
|
||||
"route_table_id": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
},
|
||||
|
||||
// We use this field to record the main route table that is automatically
|
||||
// created when the VPC is created. We need this to be able to "destroy"
|
||||
// our main route table association, which we do by returning this route
|
||||
// table to its original place as the Main Route Table for the VPC.
|
||||
"original_route_table_id": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceAwsMainRouteTableAssociationCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
ec2conn := meta.(*AWSClient).ec2conn
|
||||
vpcId := d.Get("vpc_id").(string)
|
||||
routeTableId := d.Get("route_table_id").(string)
|
||||
|
||||
log.Printf("[INFO] Creating main route table association: %s => %s", vpcId, routeTableId)
|
||||
|
||||
mainAssociation, err := findMainRouteTableAssociation(ec2conn, vpcId)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
resp, err := ec2conn.ReassociateRouteTable(
|
||||
mainAssociation.AssociationId,
|
||||
routeTableId,
|
||||
)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.Set("original_route_table_id", mainAssociation.RouteTableId)
|
||||
d.SetId(resp.AssociationId)
|
||||
log.Printf("[INFO] New main route table association ID: %s", d.Id())
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceAwsMainRouteTableAssociationRead(d *schema.ResourceData, meta interface{}) error {
|
||||
ec2conn := meta.(*AWSClient).ec2conn
|
||||
|
||||
mainAssociation, err := findMainRouteTableAssociation(
|
||||
ec2conn,
|
||||
d.Get("vpc_id").(string))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if mainAssociation.AssociationId != d.Id() {
|
||||
// It seems it doesn't exist anymore, so clear the ID
|
||||
d.SetId("")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Update is almost exactly like Create, except we want to retain the
|
||||
// original_route_table_id - this needs to stay recorded as the AWS-created
|
||||
// table from VPC creation.
|
||||
func resourceAwsMainRouteTableAssociationUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||
ec2conn := meta.(*AWSClient).ec2conn
|
||||
vpcId := d.Get("vpc_id").(string)
|
||||
routeTableId := d.Get("route_table_id").(string)
|
||||
|
||||
log.Printf("[INFO] Updating main route table association: %s => %s", vpcId, routeTableId)
|
||||
|
||||
resp, err := ec2conn.ReassociateRouteTable(d.Id(), routeTableId)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
d.SetId(resp.AssociationId)
|
||||
log.Printf("[INFO] New main route table association ID: %s", d.Id())
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func resourceAwsMainRouteTableAssociationDelete(d *schema.ResourceData, meta interface{}) error {
|
||||
ec2conn := meta.(*AWSClient).ec2conn
|
||||
vpcId := d.Get("vpc_id").(string)
|
||||
originalRouteTableId := d.Get("original_route_table_id").(string)
|
||||
|
||||
log.Printf("[INFO] Deleting main route table association by resetting Main Route Table for VPC: %s to its original Route Table: %s",
|
||||
vpcId,
|
||||
originalRouteTableId)
|
||||
|
||||
resp, err := ec2conn.ReassociateRouteTable(d.Id(), originalRouteTableId)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
log.Printf("[INFO] Resulting Association ID: %s", resp.AssociationId)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func findMainRouteTableAssociation(ec2conn *ec2.EC2, vpcId string) (*ec2.RouteTableAssociation, error) {
|
||||
mainRouteTable, err := findMainRouteTable(ec2conn, vpcId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
for _, a := range mainRouteTable.Associations {
|
||||
if a.Main {
|
||||
return &a, nil
|
||||
}
|
||||
}
|
||||
return nil, fmt.Errorf("Could not find main routing table association for VPC: %s", vpcId)
|
||||
}
|
||||
|
||||
func findMainRouteTable(ec2conn *ec2.EC2, vpcId string) (*ec2.RouteTable, error) {
|
||||
filter := ec2.NewFilter()
|
||||
filter.Add("association.main", "true")
|
||||
filter.Add("vpc-id", vpcId)
|
||||
routeResp, err := ec2conn.DescribeRouteTables(nil, filter)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
} else if len(routeResp.RouteTables) != 1 {
|
||||
return nil, fmt.Errorf(
|
||||
"Expected to find a single main routing table for VPC: %s, but found %d",
|
||||
vpcId,
|
||||
len(routeResp.RouteTables))
|
||||
}
|
||||
|
||||
return &routeResp.RouteTables[0], nil
|
||||
}
|
|
@ -0,0 +1,148 @@
|
|||
package aws
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
||||
func TestAccAWSMainRouteTableAssociation(t *testing.T) {
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckMainRouteTableAssociationDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccMainRouteTableAssociationConfig,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckMainRouteTableAssociation(
|
||||
"aws_main_route_table_association.foo",
|
||||
"aws_vpc.foo",
|
||||
"aws_route_table.foo",
|
||||
),
|
||||
),
|
||||
},
|
||||
resource.TestStep{
|
||||
Config: testAccMainRouteTableAssociationConfigUpdate,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckMainRouteTableAssociation(
|
||||
"aws_main_route_table_association.foo",
|
||||
"aws_vpc.foo",
|
||||
"aws_route_table.bar",
|
||||
),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckMainRouteTableAssociationDestroy(s *terraform.State) error {
|
||||
if len(s.RootModule().Resources) > 0 {
|
||||
return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func testAccCheckMainRouteTableAssociation(
|
||||
mainRouteTableAssociationResource string,
|
||||
vpcResource string,
|
||||
routeTableResource string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
rs, ok := s.RootModule().Resources[mainRouteTableAssociationResource]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", mainRouteTableAssociationResource)
|
||||
}
|
||||
|
||||
if rs.Primary.ID == "" {
|
||||
return fmt.Errorf("No ID is set")
|
||||
}
|
||||
|
||||
vpc, ok := s.RootModule().Resources[vpcResource]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", vpcResource)
|
||||
}
|
||||
|
||||
conn := testAccProvider.Meta().(*AWSClient).ec2conn
|
||||
mainAssociation, err := findMainRouteTableAssociation(conn, vpc.Primary.ID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if mainAssociation.AssociationId != rs.Primary.ID {
|
||||
return fmt.Errorf("Found wrong main association: %s",
|
||||
mainAssociation.AssociationId)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
const testAccMainRouteTableAssociationConfig = `
|
||||
resource "aws_vpc" "foo" {
|
||||
cidr_block = "10.1.0.0/16"
|
||||
}
|
||||
|
||||
resource "aws_subnet" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
cidr_block = "10.1.1.0/24"
|
||||
}
|
||||
|
||||
resource "aws_internet_gateway" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
}
|
||||
|
||||
resource "aws_route_table" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
route {
|
||||
cidr_block = "10.0.0.0/8"
|
||||
gateway_id = "${aws_internet_gateway.foo.id}"
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_main_route_table_association" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
route_table_id = "${aws_route_table.foo.id}"
|
||||
}
|
||||
`
|
||||
|
||||
const testAccMainRouteTableAssociationConfigUpdate = `
|
||||
resource "aws_vpc" "foo" {
|
||||
cidr_block = "10.1.0.0/16"
|
||||
}
|
||||
|
||||
resource "aws_subnet" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
cidr_block = "10.1.1.0/24"
|
||||
}
|
||||
|
||||
resource "aws_internet_gateway" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
}
|
||||
|
||||
// Need to keep the old route table around when we update the
|
||||
// main_route_table_association, otherwise Terraform will try to destroy the
|
||||
// route table too early, and will fail because it's still the main one
|
||||
resource "aws_route_table" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
route {
|
||||
cidr_block = "10.0.0.0/8"
|
||||
gateway_id = "${aws_internet_gateway.foo.id}"
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_route_table" "bar" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
route {
|
||||
cidr_block = "10.0.0.0/8"
|
||||
gateway_id = "${aws_internet_gateway.foo.id}"
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_main_route_table_association" "foo" {
|
||||
vpc_id = "${aws_vpc.foo.id}"
|
||||
route_table_id = "${aws_route_table.bar.id}"
|
||||
}
|
||||
`
|
Loading…
Reference in New Issue