Initial commit from @BSick7:

Implementing vpc_peering_connection_accept.

Additions from @ewbankkit:
Rename 'aws_vpc_peering_connection_accept' to 'aws_vpc_peering_connection_accepter'.
Get it working reusing functionality from 'aws_vpc_peering_connection' resource.
Brad Sickles 2016-05-23 18:24:28 -04:00 committed by Kit Ewbank
parent dd6d025dbb
commit ea642dd1ee
6 changed files with 219 additions and 16 deletions


@ -385,20 +385,21 @@ func Provider() terraform.ResourceProvider {
"aws_vpc_dhcp_options_association": resourceAwsVpcDhcpOptionsAssociation(),
"aws_vpc_dhcp_options": resourceAwsVpcDhcpOptions(),
"aws_vpc_peering_connection": resourceAwsVpcPeeringConnection(),
"aws_vpc": resourceAwsVpc(),
"aws_vpc_endpoint": resourceAwsVpcEndpoint(),
"aws_vpc_endpoint_route_table_association": resourceAwsVpcEndpointRouteTableAssociation(),
"aws_vpn_connection": resourceAwsVpnConnection(),
"aws_vpn_connection_route": resourceAwsVpnConnectionRoute(),
"aws_vpn_gateway": resourceAwsVpnGateway(),
"aws_vpn_gateway_attachment": resourceAwsVpnGatewayAttachment(),
"aws_waf_byte_match_set": resourceAwsWafByteMatchSet(),
"aws_waf_ipset": resourceAwsWafIPSet(),
"aws_waf_rule": resourceAwsWafRule(),
"aws_waf_size_constraint_set": resourceAwsWafSizeConstraintSet(),
"aws_waf_web_acl": resourceAwsWafWebAcl(),
"aws_waf_xss_match_set": resourceAwsWafXssMatchSet(),
"aws_waf_sql_injection_match_set": resourceAwsWafSqlInjectionMatchSet(),
"aws_vpc_peering_connection_accepter": resourceAwsVpcPeeringConnectionAccepter(),
"aws_vpc": resourceAwsVpc(),
"aws_vpc_endpoint": resourceAwsVpcEndpoint(),
"aws_vpc_endpoint_route_table_association": resourceAwsVpcEndpointRouteTableAssociation(),
"aws_vpn_connection": resourceAwsVpnConnection(),
"aws_vpn_connection_route": resourceAwsVpnConnectionRoute(),
"aws_vpn_gateway": resourceAwsVpnGateway(),
"aws_vpn_gateway_attachment": resourceAwsVpnGatewayAttachment(),
"aws_waf_byte_match_set": resourceAwsWafByteMatchSet(),
"aws_waf_ipset": resourceAwsWafIPSet(),
"aws_waf_rule": resourceAwsWafRule(),
"aws_waf_size_constraint_set": resourceAwsWafSizeConstraintSet(),
"aws_waf_web_acl": resourceAwsWafWebAcl(),
"aws_waf_xss_match_set": resourceAwsWafXssMatchSet(),
"aws_waf_sql_injection_match_set": resourceAwsWafSqlInjectionMatchSet(),
},
ConfigureFunc: providerConfigure,
}


@ -0,0 +1,69 @@
package aws
import (
"errors"
"log"
"github.com/hashicorp/terraform/helper/schema"
)
func resourceAwsVpcPeeringConnectionAccepter() *schema.Resource {
return &schema.Resource{
Create: resourceAwsVPCPeeringAccepterCreate,
Read: resourceAwsVPCPeeringRead,
Update: resourceAwsVPCPeeringUpdate,
Delete: resourceAwsVPCPeeringAccepterDelete,
Schema: map[string]*schema.Schema{
"vpc_peering_connection_id": &schema.Schema{
Type: schema.TypeString,
Required: true,
ForceNew: true,
Computed: false,
},
"auto_accept": {
Type: schema.TypeBool,
Optional: true,
},
"accept_status": {
Type: schema.TypeString,
Computed: true,
},
"vpc_id": {
Type: schema.TypeString,
Computed: true,
},
"peer_vpc_id": {
Type: schema.TypeString,
Computed: true,
},
"peer_owner_id": {
Type: schema.TypeString,
Computed: true,
},
"accepter": vpcPeeringConnectionOptionsSchema(),
"requester": vpcPeeringConnectionOptionsSchema(),
"tags": tagsSchema(),
},
}
}
func resourceAwsVPCPeeringAccepterCreate(d *schema.ResourceData, meta interface{}) error {
d.SetId(d.Get("vpc_peering_connection_id").(string))
if err := resourceAwsVPCPeeringUpdate(d, meta); err != nil {
return err
}
// Ensure that this IS as cross-account VPC peering connection.
if d.Get("peer_owner_id").(string) == meta.(*AWSClient).accountid {
return errors.New("aws_vpc_peering_connection_accepter can only adopt into management cross-account VPC peering connections")
}
return nil
}
func resourceAwsVPCPeeringAccepterDelete(d *schema.ResourceData, meta interface{}) error {
log.Printf("[WARN] Will not delete VPC peering connection. Terraform will remove this resource from the state file, however resources may remain.")
d.SetId("")
return nil
}
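Review bot: In resourceAwsVPCPeeringAccepterCreate the cross-account guard runs only after resourceAwsVPCPeeringUpdate has been called, so whatever that update changes (presumably accepting the request when `auto_accept = true`; its body is not in this diff) is applied before the resource is rejected, and the ID set by `d.SetId` stays in place on the error path. The guard also depends on `peer_owner_id` having been populated by then; if it is still empty, the comparison with `accountid` never matches and the check passes silently. Reading first, checking, and only then updating keeps a rejected connection untouched, as sketched below. Separately, resourceAwsVPCPeeringAccepterDelete only clears the ID, so a destroy leaves the peering active; the `[WARN]` log line is easy to miss and the resource documentation should state this.

```go
func resourceAwsVPCPeeringAccepterCreate(d *schema.ResourceData, meta interface{}) error {
	d.SetId(d.Get("vpc_peering_connection_id").(string))

	// Populate peer_owner_id before anything is modified.
	if err := resourceAwsVPCPeeringRead(d, meta); err != nil {
		return err
	}

	// ... unchanged: cross-account check on peer_owner_id ...

	// Apply auto_accept, options and tags only after the guard has passed.
	return resourceAwsVPCPeeringUpdate(d, meta)
}
```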


@ -0,0 +1,33 @@
// make testacc TEST=./builtin/providers/aws/ TESTARGS='-run=TestAccAwsVPCPeeringConnectionAccepter_'
package aws
import (
"testing"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAwsVPCPeeringConnectionAccepter_basic(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testAccAwsVPCPeeringConnectionAccepterConfig,
Check: resource.ComposeTestCheckFunc(
testAccAwsVPCPeeringConnectionAccepterCheckSomething(""),
),
},
},
})
}
func testAccAwsVPCPeeringConnectionAccepterCheckSomething(name string) resource.TestCheckFunc {
return func(s *terraform.State) error {
return nil
}
}
const testAccAwsVPCPeeringConnectionAccepterConfig = `
`
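Review bot: TestAccAwsVPCPeeringConnectionAccepter_basic cannot fail for any reason related to the new resource: testAccAwsVPCPeeringConnectionAccepterConfig is an empty string and testAccAwsVPCPeeringConnectionAccepterCheckSomething always returns nil, so neither the accept path nor the cross-account guard in the create function is exercised. A same-account step needs only one set of credentials and would pin the guard: point the accepter at a same-account `aws_vpc_peering_connection` and set `ExpectError: regexp.MustCompile("can only adopt into management cross-account VPC peering connections")` on the step. Until a real configuration exists, a comment such as `// TODO: placeholder, asserts nothing yet` on the test would keep it from being read as coverage.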


@ -3,12 +3,12 @@ layout: "aws"
page_title: "AWS: aws_vpc_peering_connection"
sidebar_current: "docs-aws-resource-vpc-peering"
description: |-
Provides an VPC Peering Connection resource.
Provides a VPC Peering Connection resource.
---
# aws\_vpc\_peering\_connection
Provides an VPC Peering Connection resource.
Provides a VPC Peering Connection resource.
## Example Usage


@ -0,0 +1,96 @@
---
layout: "aws"
page_title: "AWS: aws_vpc_peering_connection_accepter"
sidebar_current: "docs-aws-resource-vpc-peering-accepter"
description: |-
Manage the accepter's side of a cross-account VPC peering connection.
---
# aws\_vpc\_peering\_connection\_accepter
Provides a resource to manage the accepter's side of a cross-account VPC peering connection.
When a cross-account (requester's AWS account differs from the accepter's) VPC peering connection is created,
a VPC peering connection resource is automatically created in the accepter's account. The requester can use
the `aws_vpc_peering_connection` resource to manage its side of the connection and the accepter can use the
`aws_vpc_peering_connection_accepter` resource to "adopt" its side of the connection into management.
## Example Usage
```
provider "aws" {
// Requester's credentials.
}
provider "aws" {
alias = "peer"
// Accepter's credentials.
}
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
}
resource "aws_vpc" "peer" {
provider = "aws.peer"
cidr_block = "10.1.0.0/16"
}
data "aws_caller_identity" "peer" {
provider = "aws.peer"
}
// Requester's side of the connection.
resource "aws_vpc_peering_connection" "peer" {
vpc_id = "${aws_vpc.main.id}"
peer_vpc_id = "${aws_vpc.peer.id}"
peer_owner_id = "${data.aws_caller_identity.peer.account_id}"
auto_accept = false
tags {
Side = "Requester"
}
}
// Accepter's side of the connection.
resource "aws_vpc_peering_connection_accepter" "peer" {
provider = "aws.peer"
vpc_peering_connection_id = "${aws_vpc_peering_connection.peer.id}"
auto_accept = true
tags {
Side = "Accepter"
}
}
```
## Argument Reference
The following arguments are supported:
* `vpc_peering_connection_id` - (Required) The VPC Peering Connection ID to manage.
* `auto_accept` - (Optional) Whether or not to accept the peering request. Defaults to `false`.
* `tags` - (Optional) A mapping of tags to assign to the resource.
## Attributes Reference
All of the argument attributes except `auto_accept` are also exported as result attributes.
* `id` - The ID of the VPC Peering Connection.
* `accept_status` - The status of the VPC Peering Connection request.
* `vpc_id` - The ID of the accepter VPC.
* `peer_vpc_id` - The ID of the requester VPC.
* `peer_owner_id` - The AWS account ID of the owner of the requester VPC.
* `accepter` - A configuration block that describes [VPC Peering Connection]
(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options set for the accepter VPC.
* `requester` - A configuration block that describes [VPC Peering Connection]
(http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide) options set for the requester VPC.
#### Accepter and Requester Attributes Reference
* `allow_remote_vpc_dns_resolution` - Indicates whether a local VPC can resolve public DNS hostnames to
private IP addresses when queried from instances in a peer VPC.
* `allow_classic_link_to_remote_vpc` - Indicates whether a local ClassicLink connection can communicate
with the peer VPC over the VPC peering connection.
* `allow_vpc_to_remote_classic_link` - Indicates whether a local VPC can communicate with a ClassicLink
connection in the peer VPC over the VPC peering connection.


@ -1172,6 +1172,10 @@
<a href="/docs/providers/aws/r/vpc_peering.html">aws_vpc_peering_connection</a>
</li>
<li<%= sidebar_current("docs-aws-resource-vpc-peering-accepter") %>>
<a href="/docs/providers/aws/r/vpc_peering_accepter.html">aws_vpc_peering_connection_accepter</a>
</li>
<li<%= sidebar_current("docs-aws-resource-vpn-connection") %>>
<a href="/docs/providers/aws/r/vpn_connection.html">aws_vpn_connection</a>
</li>