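// getDefaultNetworkAcl looks up the default network ACL of the VPC identified
// by vpc_id.
//
// It calls DescribeNetworkACLs with two filters, "default" = "true" and
// "vpc-id" = vpc_id, and returns the first ACL in the response. An error from
// the API call is returned unchanged. When the response contains no ACL, an
// error is returned; the ACL result is nil in both error cases.
func getDefaultNetworkAcl(vpc_id string, conn *ec2.EC2) (defaultAcl *ec2.NetworkACL, err error) {
	resp, err := conn.DescribeNetworkACLs(&ec2.DescribeNetworkACLsInput{
		Filters: []*ec2.Filter{
			{
				Name:   aws.String("default"),
				Values: []*string{aws.String("true")},
			},
			{
				Name:   aws.String("vpc-id"),
				Values: []*string{aws.String(vpc_id)},
			},
		},
	})
	if err != nil {
		return nil, err
	}

	// An empty result (for example an unknown VPC ID) must surface as an
	// error: indexing element 0 of an empty slice would panic, and callers
	// that act on the default ACL need to know that none was resolved.
	if len(resp.NetworkACLs) == 0 {
		return nil, fmt.Errorf("could not find default network ACL for VPC: %s", vpc_id)
	}
	return resp.NetworkACLs[0], nil
}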
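// findNetworkAclAssociation returns the network ACL association whose subnet
// ID equals subnetId.
//
// It calls DescribeNetworkACLs filtered on "association.subnet-id" and scans
// the associations of every ACL in the response, not only the first one. An
// error from the API call is returned unchanged. When no association matches,
// an error naming the subnet is returned.
func findNetworkAclAssociation(subnetId string, conn *ec2.EC2) (networkAclAssociation *ec2.NetworkACLAssociation, err error) {
	resp, err := conn.DescribeNetworkACLs(&ec2.DescribeNetworkACLsInput{
		Filters: []*ec2.Filter{
			{
				Name:   aws.String("association.subnet-id"),
				Values: []*string{aws.String(subnetId)},
			},
		},
	})
	if err != nil {
		return nil, err
	}

	// Ranging over a nil or empty slice is a no-op, so no length check is
	// needed before the loop.
	for _, acl := range resp.NetworkACLs {
		if acl == nil {
			continue
		}
		for _, association := range acl.Associations {
			// SubnetID is a pointer field; skip entries where it is unset
			// instead of dereferencing nil.
			if association == nil || association.SubnetID == nil {
				continue
			}
			if *association.SubnetID == subnetId {
				return association, nil
			}
		}
	}
	return nil, fmt.Errorf("could not find association for subnet: %s ", subnetId)
}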
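// resourceAwsVpcSetDefaultNetworkAcl stores the ID of the VPC's default
// network ACL in the resource data under "default_network_acl_id".
//
// The VPC is identified by d.Id(). The lookup calls DescribeNetworkACLs with
// the filters "default" = "true" and "vpc-id" = d.Id() and uses the first ACL
// returned. An error from the API call or from d.Set is returned to the
// caller. When the response contains no ACL, the attribute is left as it was
// and nil is returned.
func resourceAwsVpcSetDefaultNetworkAcl(conn *ec2.EC2, d *schema.ResourceData) error {
	resp, err := conn.DescribeNetworkACLs(&ec2.DescribeNetworkACLsInput{
		Filters: []*ec2.Filter{
			{
				Name:   aws.String("default"),
				Values: []*string{aws.String("true")},
			},
			{
				Name:   aws.String("vpc-id"),
				Values: []*string{aws.String(d.Id())},
			},
		},
	})
	if err != nil {
		return err
	}

	// No default ACL in the response: keep the existing best-effort
	// behaviour and leave the attribute untouched.
	// NOTE(review): a previously stored ID would then stay in state; confirm
	// that this is the intended outcome for callers.
	if len(resp.NetworkACLs) == 0 {
		return nil
	}

	// Propagate a failed write so the recorded ACL ID cannot silently
	// diverge from what the API reported.
	return d.Set("default_network_acl_id", resp.NetworkACLs[0].NetworkACLID)
}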