func getDefaultNetworkAcl(vpc_id string, conn *ec2.EC2) (defaultAcl *ec2.NetworkAcl, err error) {
resp, err := conn.DescribeNetworkAcls(&ec2.DescribeNetworkAclsInput{
Filters: []*ec2.Filter{
&ec2.Filter{
Name: aws.String("default"),
Values: []*string{aws.String("true")},
},
&ec2.Filter{
Name: aws.String("vpc-id"),
Values: []*string{aws.String(vpc_id)},
},
},
})
if err != nil {
return nil, err
}
return resp.NetworkAcls[0], nil
}
func findNetworkAclAssociation(subnetId string, conn *ec2.EC2) (networkAclAssociation *ec2.NetworkAclAssociation, err error) {
resp, err := conn.DescribeNetworkAcls(&ec2.DescribeNetworkAclsInput{
Filters: []*ec2.Filter{
&ec2.Filter{
Name: aws.String("association.subnet-id"),
Values: []*string{aws.String(subnetId)},
},
},
})
if err != nil {
return nil, err
}
if resp.NetworkAcls != nil && len(resp.NetworkAcls) > 0 {
for _, association := range resp.NetworkAcls[0].Associations {
if *association.SubnetId == subnetId {
return association, nil
}
}
}
return nil, fmt.Errorf("could not find association for subnet: %s ", subnetId)
}
func resourceAwsVpcSetDefaultNetworkAcl(conn *ec2.EC2, d *schema.ResourceData) error {
filter1 := &ec2.Filter{
Name: aws.String("default"),
Values: []*string{aws.String("true")},
}
filter2 := &ec2.Filter{
Name: aws.String("vpc-id"),
Values: []*string{aws.String(d.Id())},
}
DescribeNetworkACLOpts := &ec2.DescribeNetworkAclsInput{
Filters: []*ec2.Filter{filter1, filter2},
}
networkAclResp, err := conn.DescribeNetworkAcls(DescribeNetworkACLOpts)
if err != nil {
return err
}
if v := networkAclResp.NetworkAcls; len(v) > 0 {
d.Set("default_network_acl_id", v[0].NetworkAclId)
}
return nil
}