From d932d996798d1856906213a84bab82f67ac505e5 Mon Sep 17 00:00:00 2001 From: stack72 Date: Fri, 18 Dec 2015 17:21:11 +0000 Subject: [PATCH] Adds documentation for the AWS Network ACL Rule resource --- .../aws/resource_aws_network_acl_rule.go | 2 +- .../aws/resource_aws_network_acl_rule_test.go | 4 +- .../aws/r/network_acl_rule.html.markdown | 53 +++++++++++++++++++ website/source/layouts/aws.erb | 4 ++ 4 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 website/source/docs/providers/aws/r/network_acl_rule.html.markdown diff --git a/builtin/providers/aws/resource_aws_network_acl_rule.go b/builtin/providers/aws/resource_aws_network_acl_rule.go index 363ef0912a19..ec6e15317865 100644 --- a/builtin/providers/aws/resource_aws_network_acl_rule.go +++ b/builtin/providers/aws/resource_aws_network_acl_rule.go @@ -112,7 +112,7 @@ func resourceAwsNetworkAclRuleCreate(d *schema.ResourceData, meta interface{}) e } } - log.Printf("[INFO] Creating Network Acl Rule: %d (%s)", d.Get("rule_number").(int), d.Get("egress").(bool)) + log.Printf("[INFO] Creating Network Acl Rule: %d (%t)", d.Get("rule_number").(int), d.Get("egress").(bool)) _, err := conn.CreateNetworkAclEntry(params) if err != nil { return fmt.Errorf("Error Creating Network Acl Rule: %s", err.Error()) diff --git a/builtin/providers/aws/resource_aws_network_acl_rule_test.go b/builtin/providers/aws/resource_aws_network_acl_rule_test.go index 10add5d3cba2..98767cb573db 100644 --- a/builtin/providers/aws/resource_aws_network_acl_rule_test.go +++ b/builtin/providers/aws/resource_aws_network_acl_rule_test.go @@ -30,9 +30,9 @@ func TestAccAWSNetworkAclRule_basic(t *testing.T) { } func testAccCheckAWSNetworkAclRuleDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*AWSClient).ec2conn for _, rs := range s.RootModule().Resources { + conn := testAccProvider.Meta().(*AWSClient).ec2conn if rs.Type != "aws_network_acl_rule" { continue } 
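Review bot: The rewritten `log.Printf` in resourceAwsNetworkAclRuleCreate prints the egress flag as a bare `true`/`false` and never says which ACL the rule is being added to, so the INFO line is hard to use when tracing which ACL was changed. Consider labelling the flag and including the ACL id, e.g. `log.Printf("[INFO] Creating Network Acl Rule: %d (egress: %t) on %s", d.Get("rule_number").(int), d.Get("egress").(bool), d.Get("network_acl_id").(string))`. This assumes `network_acl_id` is a string attribute in the schema, which is not visible in the hunk. The function starts and ends outside the hunk.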
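Review bot: In testAccCheckAWSNetworkAclRuleDestroy the `conn := testAccProvider.Meta().(*AWSClient).ec2conn` line now sits at the top of the loop body, so the lookup and type assertion are repeated for every resource in the state, including those the `rs.Type != "aws_network_acl_rule"` filter skips. Moving it below the `continue` guard keeps the lookup deferred while doing it only for the rules that are actually checked. The assertion is also unchecked, so a nil or differently typed Meta() would panic instead of failing the test with a message; the comma-ok form `client, ok := testAccProvider.Meta().(*AWSClient)` avoids that. The loop body continues outside the hunk.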
@@ -63,9 +63,9 @@ func testAccCheckAWSNetworkAclRuleDestroy(s *terraform.State) error { } func testAccCheckAWSNetworkAclRuleExists(n string, networkAcl *ec2.NetworkAcl) resource.TestCheckFunc { - conn := testAccProvider.Meta().(*AWSClient).ec2conn return func(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).ec2conn rs, ok := s.RootModule().Resources[n] if !ok { return fmt.Errorf("Not found: %s", n) diff --git a/website/source/docs/providers/aws/r/network_acl_rule.html.markdown b/website/source/docs/providers/aws/r/network_acl_rule.html.markdown new file mode 100644 index 000000000000..e5766756fe15 --- /dev/null +++ b/website/source/docs/providers/aws/r/network_acl_rule.html.markdown 
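Review bot: The move of `conn := ...` into the closure returned by testAccCheckAWSNetworkAclRuleExists carries no comment saying why, and a later cleanup could easily hoist it back out. A one-line comment above it would help, for example `// Resolve the client when the check runs, not when it is built.` The underlying reason (presumably that Meta() is not populated until the provider has been configured) is inferred from the change and should be confirmed by the author. The closure body continues outside the hunk.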
@@ -0,0 +1,53 @@
+---
+layout: "aws"
+page_title: "AWS: aws_network_acl_rule"
+sidebar_current: "docs-aws-resource-network-acl-rule"
+description: |-
+ Provides an network ACL Rule resource.
+---
+
+# aws\_network\_acl\_rule
+
+Creates an entry (a rule) in a network ACL with the specified rule number.
+
+## Example Usage
+
+```
+resource "aws_network_acl" "bar" {
+ vpc_id = "${aws_vpc.foo.id}"
+}
+resource "aws_network_acl_rule" "bar" {
+ network_acl_id = "${aws_network_acl.bar.id}"
+ rule_number = 200
+ egress = false
+ protocol = "tcp"
+ rule_action = "allow"
+ cidr_block = "0.0.0.0/0"
+ from_port = 22
+ to_port = 22
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `network_acl_id` - (Required) The ID of the network ACL.
+* `rule_number` - (Required) The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.
+* `egress` - (Optional, bool) Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default `false`.
+* `protocol` - (Required) The protocol. A value of -1 means all protocols.
+* `rule_action` - (Required) Indicates whether to allow or deny the traffic that matches the rule. Accepted values: `allow` | `deny`
+* `cidr_block` - (Required) The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).
+* `from_port` - (Optional) The from port to match.
+* `to_port` - (Optional) The to port to match.
+* `icmp_type` - (Optional) ICMP protocol: The ICMP type. Required if specifying ICMP for the protocol. e.g. -1
+* `icmp_code` - (Optional) ICMP protocol: The ICMP code. Required if specifying ICMP for the protocol. e.g. -1
+
+~> Note: For more information on ICMP types and codes, see here: http://www.nthelp.com/icmp.html
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `id` - The ID of the network ACL Rule
+
diff --git a/website/source/layouts/aws.erb b/website/source/layouts/aws.erb index 56feb497097f..5a12b432ee33 100644 --- a/website/source/layouts/aws.erb +++ b/website/source/layouts/aws.erb @@ -538,6 +538,10 @@ aws_network_acl + > + aws_network_acl_rule + + > aws_network_interface