From ed31588b8428f83f352a88f5d2e0f68d4a7ad20f Mon Sep 17 00:00:00 2001
From: Guillaume Giamarchi <guillaume.giamarchi@gmail.com>
Date: Wed, 18 Feb 2015 01:01:46 +0100
Subject: [PATCH] Unassociate firewall rule from policy before delete

---
 .../openstack/resource_openstack_fw_rule_v2.go     | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/builtin/providers/openstack/resource_openstack_fw_rule_v2.go b/builtin/providers/openstack/resource_openstack_fw_rule_v2.go
index f3aacf510..4a50303e1 100644
--- a/builtin/providers/openstack/resource_openstack_fw_rule_v2.go
+++ b/builtin/providers/openstack/resource_openstack_fw_rule_v2.go
@@ -6,6 +6,7 @@ import (
 
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/rackspace/gophercloud"
+	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/policies"
 	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/rules"
 )
 
@@ -208,5 +209,18 @@ func resourceFirewallRuleDelete(d *schema.ResourceData, meta interface{}) error
 	if err != nil {
 		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
 	}
+
+	rule, err := rules.Get(networkingClient, d.Id()).Extract()
+	if err != nil {
+		return err
+	}
+
+	if rule.PolicyID != "" {
+		err := policies.RemoveRule(networkingClient, rule.PolicyID, rule.ID)
+		if err != nil {
+			return err
+		}
+	}
+
 	return rules.Delete(networkingClient, d.Id()).Err
 }