// Authorizes the ingress rule on the db security group
func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.RDS) error {
ing := ingress.(map[string]interface{})
opts := rds.AuthorizeDBSecurityGroupIngressMessage{
DBSecurityGroupName: aws.String(dbSecurityGroupName),
}
if attr, ok := ing["cidr"]; ok && attr != "" {
opts.CIDRIP = aws.String(attr.(string))
}
if attr, ok := ing["security_group_name"]; ok && attr != "" {
opts.EC2SecurityGroupName = aws.String(attr.(string))
}
if attr, ok := ing["security_group_id"]; ok && attr != "" {
opts.EC2SecurityGroupID = aws.String(attr.(string))
}
if attr, ok := ing["security_group_owner_id"]; ok && attr != "" {
opts.EC2SecurityGroupOwnerID = aws.String(attr.(string))
}
log.Printf("[DEBUG] Authorize ingress rule configuration: %#v", opts)
_, err := conn.AuthorizeDBSecurityGroupIngress(&opts)
if err != nil {
return fmt.Errorf("Error authorizing security group ingress: %s", err)
}
return nil
}
// setTags is a helper to set the tags for a resource. It expects the
// tags field to be named "tags"
func setTagsRDS(conn *rds.RDS, d *schema.ResourceData, arn string) error {
if d.HasChange("tags") {
oraw, nraw := d.GetChange("tags")
o := oraw.(map[string]interface{})
n := nraw.(map[string]interface{})
create, remove := diffTagsRDS(tagsFromMapRDS(o), tagsFromMapRDS(n))
// Set tags
if len(remove) > 0 {
log.Printf("[DEBUG] Removing tags: %#v", remove)
k := make([]string, len(remove), len(remove))
for i, t := range remove {
k[i] = *t.Key
}
err := conn.RemoveTagsFromResource(&rds.RemoveTagsFromResourceMessage{
ResourceName: aws.String(arn),
TagKeys: k,
})
if err != nil {
return err
}
}
if len(create) > 0 {
log.Printf("[DEBUG] Creating tags: %#v", create)
err := conn.AddTagsToResource(&rds.AddTagsToResourceMessage{
ResourceName: aws.String(arn),
Tags: create,
})
if err != nil {
return err
}
}
}
return nil
}