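// getDefaultNetworkAcl looks up the default network ACL of the VPC identified
// by vpc_id.
//
// It calls DescribeNetworkACLs with the filters default=true and
// vpc-id=<vpc_id> and returns the first ACL in the response. An API error is
// returned unchanged. When the response holds no ACL, an error is returned
// rather than indexing into an empty slice, which would panic the caller.
func getDefaultNetworkAcl(vpc_id string, conn *ec2.EC2) (defaultAcl *ec2.NetworkACL, err error) {
	resp, err := conn.DescribeNetworkACLs(&ec2.DescribeNetworkACLsInput{
		Filters: []*ec2.Filter{
			&ec2.Filter{
				Name:   aws.String("default"),
				Values: []*string{aws.String("true")},
			},
			&ec2.Filter{
				Name:   aws.String("vpc-id"),
				Values: []*string{aws.String(vpc_id)},
			},
		},
	})
	if err != nil {
		return nil, err
	}

	// An empty result must not be indexed: callers that fall back to the
	// default ACL need a clear error, not a runtime panic.
	if resp == nil || len(resp.NetworkACLs) == 0 {
		return nil, fmt.Errorf("could not find default network ACL for VPC: %s", vpc_id)
	}

	return resp.NetworkACLs[0], nil
}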
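// findNetworkAclAssociation returns the network ACL association that binds
// subnetId to a network ACL.
//
// It calls DescribeNetworkACLs filtered on association.subnet-id and scans the
// associations of every ACL in the response for one whose SubnetID equals
// subnetId. An API error is returned unchanged; if no matching association is
// found, an error naming the subnet is returned.
func findNetworkAclAssociation(subnetId string, conn *ec2.EC2) (networkAclAssociation *ec2.NetworkACLAssociation, err error) {
	resp, err := conn.DescribeNetworkACLs(&ec2.DescribeNetworkACLsInput{
		Filters: []*ec2.Filter{
			&ec2.Filter{
				Name:   aws.String("association.subnet-id"),
				Values: []*string{aws.String(subnetId)},
			},
		},
	})
	if err != nil {
		return nil, err
	}

	if resp != nil {
		// Walk every returned ACL instead of only the first one, so the
		// lookup does not depend on the order of the response.
		for _, acl := range resp.NetworkACLs {
			if acl == nil {
				continue
			}
			for _, association := range acl.Associations {
				// SubnetID is a pointer; guard it so an association
				// without a subnet ID cannot cause a nil dereference.
				if association == nil || association.SubnetID == nil {
					continue
				}
				if *association.SubnetID == subnetId {
					return association, nil
				}
			}
		}
	}

	return nil, fmt.Errorf("could not find association for subnet: %s ", subnetId)
}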
// resourceAwsVpcSetDefaultNetworkAcl records the ID of the VPC's default
// network ACL in the resource data under "default_network_acl_id".
//
// The VPC is identified by d.Id(). DescribeNetworkACLs is called with the
// filters default=true and vpc-id=<d.Id()>; an API error is returned unchanged.
// When the response holds no ACL, the attribute is left untouched and nil is
// returned.
func resourceAwsVpcSetDefaultNetworkAcl(conn *ec2.EC2, d *schema.ResourceData) error {
	input := &ec2.DescribeNetworkACLsInput{
		Filters: []*ec2.Filter{
			&ec2.Filter{
				Name:   aws.String("default"),
				Values: []*string{aws.String("true")},
			},
			&ec2.Filter{
				Name:   aws.String("vpc-id"),
				Values: []*string{aws.String(d.Id())},
			},
		},
	}

	resp, err := conn.DescribeNetworkACLs(input)
	if err != nil {
		return err
	}

	acls := resp.NetworkACLs
	if len(acls) == 0 {
		return nil
	}

	// NOTE(review): the result of d.Set is discarded here, so a failure to
	// store the attribute goes unreported — confirm this is intended.
	d.Set("default_network_acl_id", acls[0].NetworkACLID)
	return nil
}