Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

provider/aws: Fix SG update on instance with multiple network interfaces #14299

Merged
merged 1 commit into from
May 11, 2017
Merged

provider/aws: Fix SG update on instance with multiple network interfaces #14299

merged 1 commit into from
May 11, 2017

Conversation

grubernaut
Copy link
Contributor

@grubernaut grubernaut commented May 8, 2017
edited
Loading

With an EC2 instance that only had a single network interface, the primary interface, the Update function would call ModifyInstanceAttribute() on the target instance. This would only work if there was a single network interface attached to the EC2 instance. If, however, a secondary network interface was attached to the instance, the ModifyInstanceAttribute() API call would fail with the following error message:

There are multiple interfaces attached to instance 'i-XXXXX'. Please specify an interface ID for the operation instead.

After this changeset, modifying instance security groups now makes the correct call to ModifyNetworkInterfaceAttribute() in order to modify the list of security groups on the primary network interface, as initially configured during the instances creation.

This change is also safe from an instance that has a non-default primary network interface, as the instance attribute vpc_security_group_ids conflicts with the new network_interface attribute.

Test Output:

$ make testacc TEST=./builtin/providers/aws TESTARGS="-run=TestAccAWSInstance_addSecurityGroupNetworkInterface"
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/08 17:52:42 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstance_addSecurityGroupNetworkInterface -timeout 120m
=== RUN   TestAccAWSInstance_addSecurityGroupNetworkInterface
--- PASS: TestAccAWSInstance_addSecurityGroupNetworkInterface (327.75s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    327.756s

Fixes: #3205, #7635
Related to: #7711

@grubernaut
provider/aws: Fix attach of SG to instance with multiple network inte…
0d6891d 
…rfaces

With an EC2 instance that only had a single network interface, the primary interface, the Update function would call `ModifyInstanceAttribute()` on the target instance. This would only work if there was a single network interface attached to the EC2 instance. If, however, a secondary network interface was attached to the instance, the `ModifyInstanceAttribute()` API call would fail with the following error message:

 > There are multiple interfaces attached to instance 'i-XXXXX'. Please specify an interface ID for the operation instead.

 After this changeset, modifying instance security groups now makes the correct call to `ModifyNetworkInterfaceAttribute()` in order to modify the list of security groups on the primary network interface, as initially configured during the instances creation.

 This change is also safe from an instance that has a non-default primary network interface, as the instance attribute `vpc_security_group_ids` conflicts with the new `network_interface` attribute.

 Test Output:

 ```
 $ make testacc TEST=./builtin/providers/aws TESTARGS="-run=TestAccAWSInstance_addSecurityGroupNetworkInterface"
 ==> Checking that code complies with gofmt requirements...
 go generate $(go list ./... | grep -v /terraform/vendor/)
 2017/05/08 17:52:42 Generated command/internal_plugin_list.go
 TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstance_addSecurityGroupNetworkInterface -timeout 120m
 === RUN   TestAccAWSInstance_addSecurityGroupNetworkInterface
 --- PASS: TestAccAWSInstance_addSecurityGroupNetworkInterface (327.75s)
 PASS
 ok      github.com/hashicorp/terraform/builtin/providers/aws    327.756s
```
@grubernaut grubernaut changed the title provider/aws: Fix attach of SG to instance with multiple network inte… provider/aws: Fix SG update on instance with multiple network interfaces May 8, 2017
@grubernaut grubernaut requested review from catsby and stack72 May 10, 2017 13:43
catsby
catsby approved these changes May 10, 2017
View reviewed changes
Copy link
Contributor

@catsby catsby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@grubernaut grubernaut merged commit 570651b into master May 11, 2017
@grubernaut grubernaut deleted the f-sg-add-issue-3205 branch May 11, 2017 00:14
This was referenced May 11, 2017
Closed
Closed
@ghost
Copy link

ghost commented Apr 12, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 12, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@catsby catsby catsby approved these changes

@stack72 stack72 Awaiting requested review from stack72

Assignees
No one assigned
Labels
bug provider/aws
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AWS: attach new security group to eth0 in an existing instance with 2 interfaces.
2 participants
@grubernaut @catsby