// resourceAwsLambdaEventSourceMappingUpdate maps to:
// UpdateEventSourceMapping in the API / SDK
func resourceAwsLambdaEventSourceMappingUpdate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).lambdaconn
log.Printf("[DEBUG] Updating Lambda event source mapping: %s", d.Id())
params := &lambda.UpdateEventSourceMappingInput{
UUID: aws.String(d.Id()),
BatchSize: aws.Int64(int64(d.Get("batch_size").(int))),
FunctionName: aws.String(d.Get("function_name").(string)),
Enabled: aws.Bool(d.Get("enabled").(bool)),
}
err := resource.Retry(1*time.Minute, func() *resource.RetryError {
_, err := conn.UpdateEventSourceMapping(params)
if err != nil {
if awserr, ok := err.(awserr.Error); ok {
if awserr.Code() == "InvalidParameterValueException" {
return resource.RetryableError(awserr)
}
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Error updating Lambda event source mapping: %s", err)
}
return resourceAwsLambdaEventSourceMappingRead(d, meta)
}
func resourceAwsSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
log.Printf("[DEBUG] Security Group destroy: %v", d.Id())
return resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err := conn.DeleteSecurityGroup(&ec2.DeleteSecurityGroupInput{
GroupId: aws.String(d.Id()),
})
if err != nil {
ec2err, ok := err.(awserr.Error)
if !ok {
return resource.RetryableError(err)
}
switch ec2err.Code() {
case "InvalidGroup.NotFound":
return nil
case "DependencyViolation":
// If it is a dependency violation, we want to retry
return resource.RetryableError(err)
default:
// Any other error, we want to quit the retry loop immediately
return resource.NonRetryableError(err)
}
}
return nil
})
}
func resourceVcdNetworkDelete(d *schema.ResourceData, meta interface{}) error {
vcdClient := meta.(*VCDClient)
vcdClient.Mutex.Lock()
defer vcdClient.Mutex.Unlock()
err := vcdClient.OrgVdc.Refresh()
if err != nil {
return fmt.Errorf("Error refreshing vdc: %#v", err)
}
network, err := vcdClient.OrgVdc.FindVDCNetwork(d.Id())
if err != nil {
return fmt.Errorf("Error finding network: %#v", err)
}
err = retryCall(vcdClient.MaxRetryTimeout, func() *resource.RetryError {
task, err := network.Delete()
if err != nil {
return resource.RetryableError(
fmt.Errorf("Error Deleting Network: %#v", err))
}
return resource.RetryableError(task.WaitTaskCompletion())
})
if err != nil {
return err
}
return nil
}
func resourceVcdSNATDelete(d *schema.ResourceData, meta interface{}) error {
vcdClient := meta.(*VCDClient)
// Multiple VCD components need to run operations on the Edge Gateway, as
// the edge gatway will throw back an error if it is already performing an
// operation we must wait until we can aquire a lock on the client
vcdClient.Mutex.Lock()
defer vcdClient.Mutex.Unlock()
edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err)
}
err = retryCall(vcdClient.MaxRetryTimeout, func() *resource.RetryError {
task, err := edgeGateway.RemoveNATMapping("SNAT", d.Get("internal_ip").(string),
d.Get("external_ip").(string),
"")
if err != nil {
return resource.RetryableError(fmt.Errorf("Error setting SNAT rules: %#v", err))
}
return resource.RetryableError(task.WaitTaskCompletion())
})
if err != nil {
return err
}
return nil
}
func resourceVcdSNATCreate(d *schema.ResourceData, meta interface{}) error {
vcdClient := meta.(*VCDClient)
// Multiple VCD components need to run operations on the Edge Gateway, as
// the edge gatway will throw back an error if it is already performing an
// operation we must wait until we can aquire a lock on the client
vcdClient.Mutex.Lock()
defer vcdClient.Mutex.Unlock()
// Creating a loop to offer further protection from the edge gateway erroring
// due to being busy eg another person is using another client so wouldn't be
// constrained by out lock. If the edge gateway reurns with a busy error, wait
// 3 seconds and then try again. Continue until a non-busy error or success
edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil {
return fmt.Errorf("Unable to find edge gateway: %#v", err)
}
err = retryCall(vcdClient.MaxRetryTimeout, func() *resource.RetryError {
task, err := edgeGateway.AddNATMapping("SNAT", d.Get("internal_ip").(string),
d.Get("external_ip").(string),
"any")
if err != nil {
return resource.RetryableError(fmt.Errorf("Error setting SNAT rules: %#v", err))
}
return resource.RetryableError(task.WaitTaskCompletion())
})
if err != nil {
return err
}
d.SetId(d.Get("internal_ip").(string))
return nil
}
func resourceAwsElasticacheSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).elasticacheconn
log.Printf("[DEBUG] Cache security group delete: %s", d.Id())
return resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err := conn.DeleteCacheSecurityGroup(&elasticache.DeleteCacheSecurityGroupInput{
CacheSecurityGroupName: aws.String(d.Id()),
})
if err != nil {
apierr, ok := err.(awserr.Error)
if !ok {
return resource.RetryableError(err)
}
log.Printf("[DEBUG] APIError.Code: %v", apierr.Code())
switch apierr.Code() {
case "InvalidCacheSecurityGroupState":
return resource.RetryableError(err)
case "DependencyViolation":
// If it is a dependency violation, we want to retry
return resource.RetryableError(err)
default:
return resource.NonRetryableError(err)
}
}
return nil
})
}
func resourceAwsVpnGatewayDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
// Detach if it is attached
if err := resourceAwsVpnGatewayDetach(d, meta); err != nil {
return err
}
log.Printf("[INFO] Deleting VPN gateway: %s", d.Id())
return resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err := conn.DeleteVpnGateway(&ec2.DeleteVpnGatewayInput{
VpnGatewayId: aws.String(d.Id()),
})
if err == nil {
return nil
}
ec2err, ok := err.(awserr.Error)
if !ok {
return resource.RetryableError(err)
}
switch ec2err.Code() {
case "InvalidVpnGatewayID.NotFound":
return nil
case "IncorrectState":
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
})
}
func resourceAwsAutoscalingGroupDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).autoscalingconn
// Read the autoscaling group first. If it doesn't exist, we're done.
// We need the group in order to check if there are instances attached.
// If so, we need to remove those first.
g, err := getAwsAutoscalingGroup(d.Id(), conn)
if err != nil {
return err
}
if g == nil {
log.Printf("[INFO] Autoscaling Group %q not found", d.Id())
d.SetId("")
return nil
}
if len(g.Instances) > 0 || *g.DesiredCapacity > 0 {
if err := resourceAwsAutoscalingGroupDrain(d, meta); err != nil {
return err
}
}
log.Printf("[DEBUG] AutoScaling Group destroy: %v", d.Id())
deleteopts := autoscaling.DeleteAutoScalingGroupInput{
AutoScalingGroupName: aws.String(d.Id()),
ForceDelete: aws.Bool(d.Get("force_delete").(bool)),
}
// We retry the delete operation to handle InUse/InProgress errors coming
// from scaling operations. We should be able to sneak in a delete in between
// scaling operations within 5m.
err = resource.Retry(5*time.Minute, func() *resource.RetryError {
if _, err := conn.DeleteAutoScalingGroup(&deleteopts); err != nil {
if awserr, ok := err.(awserr.Error); ok {
switch awserr.Code() {
case "InvalidGroup.NotFound":
// Already gone? Sure!
return nil
case "ResourceInUse", "ScalingActivityInProgress":
// These are retryable
return resource.RetryableError(awserr)
}
}
// Didn't recognize the error, so shouldn't retry.
return resource.NonRetryableError(err)
}
// Successful delete
return nil
})
if err != nil {
return err
}
return resource.Retry(5*time.Minute, func() *resource.RetryError {
if g, _ = getAwsAutoscalingGroup(d.Id(), conn); g != nil {
return resource.RetryableError(
fmt.Errorf("Auto Scaling Group still exists"))
}
return nil
})
}
func resourceVcdVAppDelete(d *schema.ResourceData, meta interface{}) error {
vcdClient := meta.(*VCDClient)
vapp, err := vcdClient.OrgVdc.FindVAppByName(d.Id())
if err != nil {
return fmt.Errorf("error finding vapp: %s", err)
}
if err != nil {
return fmt.Errorf("Error getting VApp status: %#v", err)
}
_ = retryCall(vcdClient.MaxRetryTimeout, func() *resource.RetryError {
task, err := vapp.Undeploy()
if err != nil {
return resource.RetryableError(fmt.Errorf("Error undeploying: %#v", err))
}
return resource.RetryableError(task.WaitTaskCompletion())
})
err = retryCall(vcdClient.MaxRetryTimeout, func() *resource.RetryError {
task, err := vapp.Delete()
if err != nil {
return resource.RetryableError(fmt.Errorf("Error deleting: %#v", err))
}
return resource.RetryableError(task.WaitTaskCompletion())
})
return err
}
// deleteRunningServer terminates the server and waits until it is removed.
func deleteRunningServer(scaleway *api.ScalewayAPI, server *api.ScalewayServer) error {
err := scaleway.PostServerAction(server.Identifier, "terminate")
if err != nil {
if serr, ok := err.(api.ScalewayAPIError); ok {
if serr.StatusCode == 404 {
return nil
}
}
return err
}
return resource.Retry(20*time.Minute, func() *resource.RetryError {
_, err := scaleway.GetServer(server.Identifier)
if err == nil {
return resource.RetryableError(fmt.Errorf("Waiting for server %q to be deleted", server.Identifier))
}
if serr, ok := err.(api.ScalewayAPIError); ok {
if serr.StatusCode == 404 {
return nil
}
}
return resource.RetryableError(err)
})
}
func resourceVcdFirewallRulesCreate(d *schema.ResourceData, meta interface{}) error {
vcdClient := meta.(*VCDClient)
vcdClient.Mutex.Lock()
defer vcdClient.Mutex.Unlock()
edgeGateway, err := vcdClient.OrgVdc.FindEdgeGateway(d.Get("edge_gateway").(string))
if err != nil {
return fmt.Errorf("Unable to find edge gateway: %s", err)
}
err = retryCall(vcdClient.MaxRetryTimeout, func() *resource.RetryError {
edgeGateway.Refresh()
firewallRules, _ := expandFirewallRules(d, edgeGateway.EdgeGateway)
task, err := edgeGateway.CreateFirewallRules(d.Get("default_action").(string), firewallRules)
if err != nil {
log.Printf("[INFO] Error setting firewall rules: %s", err)
return resource.RetryableError(
fmt.Errorf("Error setting firewall rules: %#v", err))
}
return resource.RetryableError(task.WaitTaskCompletion())
})
if err != nil {
return fmt.Errorf("Error completing tasks: %#v", err)
}
d.SetId(d.Get("edge_gateway").(string))
return resourceFirewallRulesRead(d, meta)
}
func subscribeToSNSTopic(d *schema.ResourceData, snsconn *sns.SNS) (output *sns.SubscribeOutput, err error) {
protocol := d.Get("protocol").(string)
endpoint := d.Get("endpoint").(string)
topic_arn := d.Get("topic_arn").(string)
endpoint_auto_confirms := d.Get("endpoint_auto_confirms").(bool)
confirmation_timeout_in_minutes := d.Get("confirmation_timeout_in_minutes").(int)
if strings.Contains(protocol, "http") && !endpoint_auto_confirms {
return nil, fmt.Errorf("Protocol http/https is only supported for endpoints which auto confirms!")
}
log.Printf("[DEBUG] SNS create topic subscription: %s (%s) @ '%s'", endpoint, protocol, topic_arn)
req := &sns.SubscribeInput{
Protocol: aws.String(protocol),
Endpoint: aws.String(endpoint),
TopicArn: aws.String(topic_arn),
}
output, err = snsconn.Subscribe(req)
if err != nil {
return nil, fmt.Errorf("Error creating SNS topic: %s", err)
}
log.Printf("[DEBUG] Finished subscribing to topic %s with subscription arn %s", topic_arn, *output.SubscriptionArn)
if strings.Contains(protocol, "http") && subscriptionHasPendingConfirmation(output.SubscriptionArn) {
log.Printf("[DEBUG] SNS create topic subscription is pending so fetching the subscription list for topic : %s (%s) @ '%s'", endpoint, protocol, topic_arn)
err = resource.Retry(time.Duration(confirmation_timeout_in_minutes)*time.Minute, func() *resource.RetryError {
subscription, err := findSubscriptionByNonID(d, snsconn)
if subscription != nil {
output.SubscriptionArn = subscription.SubscriptionArn
return nil
}
if err != nil {
return resource.RetryableError(
fmt.Errorf("Error fetching subscriptions for SNS topic %s: %s", topic_arn, err))
}
return resource.RetryableError(
fmt.Errorf("Endpoint (%s) did not autoconfirm the subscription for topic %s", endpoint, topic_arn))
})
if err != nil {
return nil, err
}
}
log.Printf("[DEBUG] Created new subscription! %s", *output.SubscriptionArn)
return output, nil
}
func testAccCheckAWSS3BucketLambdaFunctionConfiguration(n, i, t string, events []string, filters *s3.KeyFilter) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, _ := s.RootModule().Resources[n]
funcArn := s.RootModule().Resources[t].Primary.Attributes["arn"]
conn := testAccProvider.Meta().(*AWSClient).s3conn
err := resource.Retry(1*time.Minute, func() *resource.RetryError {
out, err := conn.GetBucketNotificationConfiguration(&s3.GetBucketNotificationConfigurationRequest{
Bucket: aws.String(rs.Primary.ID),
})
if err != nil {
return resource.NonRetryableError(fmt.Errorf("GetBucketNotification error: %v", err))
}
eventSlice := sort.StringSlice(events)
eventSlice.Sort()
outputFunctions := out.LambdaFunctionConfigurations
matched := false
for _, outputFunc := range outputFunctions {
if *outputFunc.Id == i {
matched = true
if *outputFunc.LambdaFunctionArn != funcArn {
return resource.RetryableError(fmt.Errorf("bad lambda function arn, expected: %s, got %#v", funcArn, *outputFunc.LambdaFunctionArn))
}
if filters != nil {
if !reflect.DeepEqual(filters, outputFunc.Filter.Key) {
return resource.RetryableError(fmt.Errorf("bad notification filters, expected: %#v, got %#v", filters, outputFunc.Filter.Key))
}
} else {
if outputFunc.Filter != nil {
return resource.RetryableError(fmt.Errorf("bad notification filters, expected: nil, got %#v", outputFunc.Filter))
}
}
outputEventSlice := sort.StringSlice(aws.StringValueSlice(outputFunc.Events))
outputEventSlice.Sort()
if !reflect.DeepEqual(eventSlice, outputEventSlice) {
return resource.RetryableError(fmt.Errorf("bad notification events, expected: %#v, got %#v", events, outputEventSlice))
}
}
}
if !matched {
return resource.RetryableError(fmt.Errorf("No match lambda function configurations: %#v", out))
}
return nil
})
return err
}
}
func testAccAWSVpnGatewayDisappears(gateway *ec2.VpnGateway) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).ec2conn
_, err := conn.DetachVpnGateway(&ec2.DetachVpnGatewayInput{
VpnGatewayId: gateway.VpnGatewayId,
VpcId: gateway.VpcAttachments[0].VpcId,
})
if err != nil {
ec2err, ok := err.(awserr.Error)
if ok {
if ec2err.Code() == "InvalidVpnGatewayID.NotFound" {
return nil
} else if ec2err.Code() == "InvalidVpnGatewayAttachment.NotFound" {
return nil
}
}
if err != nil {
return err
}
}
opts := &ec2.DeleteVpnGatewayInput{
VpnGatewayId: gateway.VpnGatewayId,
}
if _, err := conn.DeleteVpnGateway(opts); err != nil {
return err
}
return resource.Retry(40*time.Minute, func() *resource.RetryError {
opts := &ec2.DescribeVpnGatewaysInput{
VpnGatewayIds: []*string{gateway.VpnGatewayId},
}
resp, err := conn.DescribeVpnGateways(opts)
if err != nil {
cgw, ok := err.(awserr.Error)
if ok && cgw.Code() == "InvalidVpnGatewayID.NotFound" {
return nil
}
if ok && cgw.Code() == "IncorrectState" {
return resource.RetryableError(fmt.Errorf(
"Waiting for VPN Gateway to be in the correct state: %v", gateway.VpnGatewayId))
}
return resource.NonRetryableError(
fmt.Errorf("Error retrieving VPN Gateway: %s", err))
}
if *resp.VpnGateways[0].State == "deleted" {
return nil
}
return resource.RetryableError(fmt.Errorf(
"Waiting for VPN Gateway: %v", gateway.VpnGatewayId))
})
}
}
func resourceAwsCustomerGatewayDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
_, err := conn.DeleteCustomerGateway(&ec2.DeleteCustomerGatewayInput{
CustomerGatewayId: aws.String(d.Id()),
})
if err != nil {
if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidCustomerGatewayID.NotFound" {
d.SetId("")
return nil
} else {
log.Printf("[ERROR] Error deleting CustomerGateway: %s", err)
return err
}
}
gatewayFilter := &ec2.Filter{
Name: aws.String("customer-gateway-id"),
Values: []*string{aws.String(d.Id())},
}
err = resource.Retry(5*time.Minute, func() *resource.RetryError {
resp, err := conn.DescribeCustomerGateways(&ec2.DescribeCustomerGatewaysInput{
Filters: []*ec2.Filter{gatewayFilter},
})
if err != nil {
if awserr, ok := err.(awserr.Error); ok && awserr.Code() == "InvalidCustomerGatewayID.NotFound" {
return nil
}
return resource.NonRetryableError(err)
}
if len(resp.CustomerGateways) != 1 {
return resource.RetryableError(fmt.Errorf("[ERROR] Error finding CustomerGateway for delete: %s", d.Id()))
}
switch *resp.CustomerGateways[0].State {
case "pending", "available", "deleting":
return resource.RetryableError(fmt.Errorf("[DEBUG] Gateway (%s) in state (%s), retrying", d.Id(), *resp.CustomerGateways[0].State))
case "deleted":
return nil
default:
return resource.RetryableError(fmt.Errorf("[DEBUG] Unrecognized state (%s) for Customer Gateway delete on (%s)", *resp.CustomerGateways[0].State, d.Id()))
}
})
if err != nil {
return err
}
return nil
}
// setTags is a helper to set the tags for a resource. It expects the
// tags field to be named "tags"
func setTags(conn *ec2.EC2, d *schema.ResourceData) error {
if d.HasChange("tags") {
oraw, nraw := d.GetChange("tags")
o := oraw.(map[string]interface{})
n := nraw.(map[string]interface{})
create, remove := diffTags(tagsFromMap(o), tagsFromMap(n))
// Set tags
if len(remove) > 0 {
err := resource.Retry(2*time.Minute, func() *resource.RetryError {
log.Printf("[DEBUG] Removing tags: %#v from %s", remove, d.Id())
_, err := conn.DeleteTags(&ec2.DeleteTagsInput{
Resources: []*string{aws.String(d.Id())},
Tags: remove,
})
if err != nil {
ec2err, ok := err.(awserr.Error)
if ok && strings.Contains(ec2err.Code(), ".NotFound") {
return resource.RetryableError(err) // retry
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return err
}
}
if len(create) > 0 {
err := resource.Retry(2*time.Minute, func() *resource.RetryError {
log.Printf("[DEBUG] Creating tags: %s for %s", create, d.Id())
_, err := conn.CreateTags(&ec2.CreateTagsInput{
Resources: []*string{aws.String(d.Id())},
Tags: create,
})
if err != nil {
ec2err, ok := err.(awserr.Error)
if ok && strings.Contains(ec2err.Code(), ".NotFound") {
return resource.RetryableError(err) // retry
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return err
}
}
}
return nil
}
func resourceAwsApiGatewayBasePathMappingCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
err := resource.Retry(30*time.Second, func() *resource.RetryError {
_, err := conn.CreateBasePathMapping(&apigateway.CreateBasePathMappingInput{
RestApiId: aws.String(d.Get("api_id").(string)),
DomainName: aws.String(d.Get("domain_name").(string)),
BasePath: aws.String(d.Get("base_path").(string)),
Stage: aws.String(d.Get("stage_name").(string)),
})
if err != nil {
if err, ok := err.(awserr.Error); ok && err.Code() != "BadRequestException" {
return resource.NonRetryableError(err)
}
return resource.RetryableError(
fmt.Errorf("Error creating Gateway base path mapping: %s", err),
)
}
return nil
})
if err != nil {
return fmt.Errorf("Error creating Gateway base path mapping: %s", err)
}
id := fmt.Sprintf("%s/%s", d.Get("domain_name").(string), d.Get("base_path").(string))
d.SetId(id)
return resourceAwsApiGatewayBasePathMappingRead(d, meta)
}
func resourceAwsS3BucketPolicyPut(d *schema.ResourceData, meta interface{}) error {
s3conn := meta.(*AWSClient).s3conn
bucket := d.Get("bucket").(string)
policy := d.Get("policy").(string)
d.SetId(bucket)
log.Printf("[DEBUG] S3 bucket: %s, put policy: %s", bucket, policy)
params := &s3.PutBucketPolicyInput{
Bucket: aws.String(bucket),
Policy: aws.String(policy),
}
err := resource.Retry(1*time.Minute, func() *resource.RetryError {
if _, err := s3conn.PutBucketPolicy(params); err != nil {
if awserr, ok := err.(awserr.Error); ok {
if awserr.Code() == "MalformedPolicy" {
return resource.RetryableError(awserr)
}
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Error putting S3 policy: %s", err)
}
return nil
}
func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreateRoleInput{
Path: aws.String(d.Get("path").(string)),
RoleName: aws.String(name),
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
}
var createResp *iam.CreateRoleOutput
err := resource.Retry(30*time.Second, func() *resource.RetryError {
var err error
createResp, err = iamconn.CreateRole(request)
// IAM users (referenced in Principal field of assume policy)
// can take ~30 seconds to propagate in AWS
if isAWSErr(err, "MalformedPolicyDocument", "Invalid principal in policy") {
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
})
if err != nil {
return fmt.Errorf("Error creating IAM Role %s: %s", name, err)
}
return resourceAwsIamRoleReadResult(d, createResp.Role)
}
func resourceAwsVpcDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
vpcID := d.Id()
DeleteVpcOpts := &ec2.DeleteVpcInput{
VpcId: &vpcID,
}
log.Printf("[INFO] Deleting VPC: %s", d.Id())
return resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err := conn.DeleteVpc(DeleteVpcOpts)
if err == nil {
return nil
}
ec2err, ok := err.(awserr.Error)
if !ok {
return resource.NonRetryableError(err)
}
switch ec2err.Code() {
case "InvalidVpcID.NotFound":
return nil
case "DependencyViolation":
return resource.RetryableError(err)
}
return resource.NonRetryableError(fmt.Errorf("Error deleting VPC: %s", err))
})
}
func clearServerList(client *brightbox.Client, initial_server_group *brightbox.ServerGroup) error {
serverID := initial_server_group.Id
server_list := initial_server_group.Servers
serverIds := serverIdList(server_list)
log.Printf("[INFO] Removing servers %#v from server group %s", serverIds, serverID)
_, err := client.RemoveServersFromServerGroup(serverID, serverIds)
if err != nil {
return fmt.Errorf("Error removing servers from server group %s", serverID)
}
// Wait for group to empty
return resource.Retry(
1*time.Minute,
func() *resource.RetryError {
server_group, err := client.ServerGroup(serverID)
if err != nil {
return resource.NonRetryableError(
fmt.Errorf("Error retrieving Server Group details: %s", err),
)
}
if len(server_group.Servers) > 0 {
return resource.RetryableError(
fmt.Errorf("Error: servers %#v still in server group %s", serverIdList(server_group.Servers), server_group.Id),
)
}
return nil
},
)
}
func resourceAwsAutoscalingLifecycleHookPut(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).autoscalingconn
params := getAwsAutoscalingPutLifecycleHookInput(d)
log.Printf("[DEBUG] AutoScaling PutLifecyleHook: %s", params)
err := resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err := conn.PutLifecycleHook(¶ms)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if strings.Contains(awsErr.Message(), "Unable to publish test message to notification target") {
return resource.RetryableError(fmt.Errorf("[DEBUG] Retrying AWS AutoScaling Lifecycle Hook: %s", params))
}
}
return resource.NonRetryableError(fmt.Errorf("Error putting lifecycle hook: %s", err))
}
return nil
})
if err != nil {
return err
}
d.SetId(d.Get("name").(string))
return resourceAwsAutoscalingLifecycleHookRead(d, meta)
}
func testAccAWSDBClusterParameterGroupDisappears(v *rds.DBClusterParameterGroup) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).rdsconn
opts := &rds.DeleteDBClusterParameterGroupInput{
DBClusterParameterGroupName: v.DBClusterParameterGroupName,
}
if _, err := conn.DeleteDBClusterParameterGroup(opts); err != nil {
return err
}
return resource.Retry(40*time.Minute, func() *resource.RetryError {
opts := &rds.DescribeDBClusterParameterGroupsInput{
DBClusterParameterGroupName: v.DBClusterParameterGroupName,
}
_, err := conn.DescribeDBClusterParameterGroups(opts)
if err != nil {
dbparamgrouperr, ok := err.(awserr.Error)
if ok && dbparamgrouperr.Code() == "DBParameterGroupNotFound" {
return nil
}
return resource.NonRetryableError(
fmt.Errorf("Error retrieving DB Cluster Parameter Groups: %s", err))
}
return resource.RetryableError(fmt.Errorf(
"Waiting for cluster parameter group to be deleted: %v", v.DBClusterParameterGroupName))
})
}
}
func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
var name string
if v, ok := d.GetOk("name"); ok {
name = v.(string)
} else if v, ok := d.GetOk("name_prefix"); ok {
name = resource.PrefixedUniqueId(v.(string))
} else {
name = resource.UniqueId()
}
request := &iam.CreateRoleInput{
Path: aws.String(d.Get("path").(string)),
RoleName: aws.String(name),
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
}
var createResp *iam.CreateRoleOutput
err := resource.Retry(10*time.Second, func() *resource.RetryError {
var err error
createResp, err = iamconn.CreateRole(request)
// IAM roles can take ~10 seconds to propagate in AWS:
// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
if isAWSErr(err, "MalformedPolicyDocument", "Invalid principal in policy") {
return resource.RetryableError(err)
}
return resource.NonRetryableError(err)
})
if err != nil {
return fmt.Errorf("Error creating IAM Role %s: %s", name, err)
}
return resourceAwsIamRoleReadResult(d, createResp.Role)
}
func resourceCLCLoadBalancerCreate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*clc.Client)
dc := d.Get("data_center").(string)
name := d.Get("name").(string)
desc := d.Get("description").(string)
status := d.Get("status").(string)
r1 := lb.LoadBalancer{
Name: name,
Description: desc,
Status: status,
}
l, err := client.LB.Create(dc, r1)
if err != nil {
return fmt.Errorf("Failed creating load balancer under %v/%v: %v", dc, name, err)
}
d.SetId(l.ID)
return resource.Retry(1*time.Minute, func() *resource.RetryError {
_, err := client.LB.Get(dc, l.ID)
if err != nil {
return resource.RetryableError(err)
}
err = resourceCLCLoadBalancerRead(d, meta)
if err != nil {
return resource.NonRetryableError(err)
}
return nil
})
}
func resourceAwsCloudWatchEventRuleCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).cloudwatcheventsconn
input := buildPutRuleInputStruct(d)
log.Printf("[DEBUG] Creating CloudWatch Event Rule: %s", input)
// IAM Roles take some time to propagate
var out *events.PutRuleOutput
err := resource.Retry(30*time.Second, func() *resource.RetryError {
var err error
out, err = conn.PutRule(input)
pattern := regexp.MustCompile("cannot be assumed by principal '[a-z]+\\.amazonaws\\.com'\\.$")
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == "ValidationException" && pattern.MatchString(awsErr.Message()) {
log.Printf("[DEBUG] Retrying creation of CloudWatch Event Rule %q", *input.Name)
return resource.RetryableError(err)
}
}
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Creating CloudWatch Event Rule failed: %s", err)
}
d.Set("arn", out.RuleArn)
d.SetId(d.Get("name").(string))
log.Printf("[INFO] CloudWatch Event Rule %q created", *out.RuleArn)
return resourceAwsCloudWatchEventRuleUpdate(d, meta)
}
func testAccAWSClusterInstanceDisappears(v *rds.DBInstance) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).rdsconn
opts := &rds.DeleteDBInstanceInput{
DBInstanceIdentifier: v.DBInstanceIdentifier,
}
if _, err := conn.DeleteDBInstance(opts); err != nil {
return err
}
return resource.Retry(40*time.Minute, func() *resource.RetryError {
opts := &rds.DescribeDBInstancesInput{
DBInstanceIdentifier: v.DBInstanceIdentifier,
}
_, err := conn.DescribeDBInstances(opts)
if err != nil {
dbinstanceerr, ok := err.(awserr.Error)
if ok && dbinstanceerr.Code() == "DBInstanceNotFound" {
return nil
}
return resource.NonRetryableError(
fmt.Errorf("Error retrieving DB Instances: %s", err))
}
return resource.RetryableError(fmt.Errorf(
"Waiting for instance to be deleted: %v", v.DBInstanceIdentifier))
})
}
}
func resourceAwsDbOptionGroupDelete(d *schema.ResourceData, meta interface{}) error {
rdsconn := meta.(*AWSClient).rdsconn
deleteOpts := &rds.DeleteOptionGroupInput{
OptionGroupName: aws.String(d.Id()),
}
log.Printf("[DEBUG] Delete DB Option Group: %#v", deleteOpts)
ret := resource.Retry(1*time.Minute, func() *resource.RetryError {
_, err := rdsconn.DeleteOptionGroup(deleteOpts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == "InvalidOptionGroupStateFault" {
log.Printf("[DEBUG] AWS believes the RDS Option Group is still in use, retrying")
return resource.RetryableError(awsErr)
}
}
return resource.NonRetryableError(err)
}
return nil
})
if ret != nil {
return fmt.Errorf("Error Deleting DB Option Group: %s", ret)
}
return nil
}
func testAccCheckAWSLambdaEventSourceMappingDisappears(conf *lambda.EventSourceMappingConfiguration) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).lambdaconn
params := &lambda.DeleteEventSourceMappingInput{
UUID: conf.UUID,
}
_, err := conn.DeleteEventSourceMapping(params)
if err != nil {
if err != nil {
return err
}
}
return resource.Retry(10*time.Minute, func() *resource.RetryError {
params := &lambda.GetEventSourceMappingInput{
UUID: conf.UUID,
}
_, err := conn.GetEventSourceMapping(params)
if err != nil {
cgw, ok := err.(awserr.Error)
if ok && cgw.Code() == "ResourceNotFoundException" {
return nil
}
return resource.NonRetryableError(
fmt.Errorf("Error retrieving Lambda Event Source Mapping: %s", err))
}
return resource.RetryableError(fmt.Errorf(
"Waiting for Lambda Event Source Mapping: %v", conf.UUID))
})
}
}
func resourceLibratoAlertDelete(d *schema.ResourceData, meta interface{}) error {
client := meta.(*librato.Client)
id, err := strconv.ParseUint(d.Id(), 10, 0)
if err != nil {
return err
}
log.Printf("[INFO] Deleting Alert: %d", id)
_, err = client.Alerts.Delete(uint(id))
if err != nil {
return fmt.Errorf("Error deleting Alert: %s", err)
}
resource.Retry(1*time.Minute, func() *resource.RetryError {
_, _, err := client.Alerts.Get(uint(id))
if err != nil {
if errResp, ok := err.(*librato.ErrorResponse); ok && errResp.Response.StatusCode == 404 {
return nil
}
return resource.NonRetryableError(err)
}
return resource.RetryableError(fmt.Errorf("alert still exists"))
})
d.SetId("")
return nil
}
