

Golang EC2.CreateNetworkACLEntry Method Code Examples

This article collects typical usage examples of the github.com/aws/aws-sdk-go/service/ec2.EC2.CreateNetworkACLEntry method in Golang. If you are wondering how exactly the Golang EC2.CreateNetworkACLEntry method is used, how to call it, or where to find examples of it, the selected code examples here may help. You can also look further into usage examples of github.com/aws/aws-sdk-go/service/ec2.EC2, the type this method belongs to.


One code example of the EC2.CreateNetworkACLEntry method is shown below; examples are sorted by popularity by default.

Example 1: updateNetworkAclEntries

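import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/service/ec2"
	"github.com/hashicorp/terraform/helper/schema"
)

// updateNetworkAclEntries diffs the old and new rule sets for entryType,
// deletes the entries that were removed and creates the ones that were added.
// expandNetworkAclEntries, validatePorts, validateCIDRBlock and
// expectedPortPair are defined elsewhere in the same package.
func updateNetworkAclEntries(d *schema.ResourceData, entryType string, conn *ec2.EC2) error {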

	o, n := d.GetChange(entryType)

	if o == nil {
		o = new(schema.Set)
	}
	if n == nil {
		n = new(schema.Set)
	}

	os := o.(*schema.Set)
	ns := n.(*schema.Set)

	toBeDeleted, err := expandNetworkAclEntries(os.Difference(ns).List(), entryType)
	if err != nil {
		return err
	}
	for _, remove := range toBeDeleted {

		// AWS includes default rules with all network ACLs that can be
		// neither modified nor destroyed. They have a custom rule
		// number that is out of bounds for any other rule. If we
		// encounter it, just continue. There's no work to be done.
		if *remove.RuleNumber == 32767 {
			continue
		}

		// Delete old Acl
		_, err := conn.DeleteNetworkACLEntry(&ec2.DeleteNetworkACLEntryInput{
			NetworkACLID: aws.String(d.Id()),
			RuleNumber:   remove.RuleNumber,
			Egress:       remove.Egress,
		})
		if err != nil {
			return fmt.Errorf("Error deleting %s entry: %s", entryType, err)
		}
	}

	toBeCreated, err := expandNetworkAclEntries(ns.Difference(os).List(), entryType)
	if err != nil {
		return err
	}
	for _, add := range toBeCreated {
		// Protocol -1 rules don't store ports in AWS. Thus, they'll always
		// hash differently when being read out of the API. Force the user
		// to set from_port and to_port to 0 for these rules, to keep the
		// hashing consistent.
		if *add.Protocol == "-1" {
			to := *add.PortRange.To
			from := *add.PortRange.From
			expected := &expectedPortPair{
				to_port:   0,
				from_port: 0,
			}
			if ok := validatePorts(to, from, *expected); !ok {
				return fmt.Errorf(
					"to_port (%d) and from_port (%d) must both be 0 to use the 'all' \"-1\" protocol!",
					to, from)
			}
		}

		// AWS mutates the CIDR block into a network implied by the IP and
		// mask provided. This results in hashing inconsistencies between
		// the local config file and the state returned by the API. Error
		// if the user provides a CIDR block with an inappropriate mask
		if err := validateCIDRBlock(*add.CIDRBlock); err != nil {
			return err
		}

		// Add new Acl entry
		_, connErr := conn.CreateNetworkACLEntry(&ec2.CreateNetworkACLEntryInput{
			NetworkACLID: aws.String(d.Id()),
			CIDRBlock:    add.CIDRBlock,
			Egress:       add.Egress,
			PortRange:    add.PortRange,
			Protocol:     add.Protocol,
			RuleAction:   add.RuleAction,
			RuleNumber:   add.RuleNumber,
			ICMPTypeCode: add.ICMPTypeCode,
		})
		if connErr != nil {
			return fmt.Errorf("Error creating %s entry: %s", entryType, connErr)
		}
	}
	return nil
}
Developer: rgl, Project: terraform, Lines of code: 87, Source: resource_aws_network_acl.go
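The three guards in the code comments above (the default rule number 32767, ports for protocol "-1", and CIDR blocks that AWS rewrites to the implied network) can be checked offline before any API call. The following is an added example, not code from the terraform project: `aclRule` and `checkRule` are hypothetical names and the sample rules are constructed. It shows why the CIDR guard matters for rule review: an entry written as `10.1.2.3/16` takes effect for the whole `10.1.0.0/16` network.

```go
package main

import (
	"fmt"
	"net"
)

// aclRule is a hypothetical, simplified stand-in for one ACL entry.
type aclRule struct {
	RuleNumber       int
	Protocol, CIDR   string
	FromPort, ToPort int
}

// defaultRuleNumber is the rule number the page's code skips as the
// AWS-managed default entry.
const defaultRuleNumber = 32767

// checkRule lists every reason a rule would fail or drift once applied.
func checkRule(r aclRule) []string {
	var problems []string
	if r.RuleNumber == defaultRuleNumber {
		problems = append(problems, "rule 32767 is the default entry and cannot be managed")
	}
	// Protocol -1 rules do not store ports, so only 0/0 round-trips.
	if r.Protocol == "-1" && (r.FromPort != 0 || r.ToPort != 0) {
		problems = append(problems, "protocol -1 requires from_port and to_port of 0")
	}
	// Compare the written CIDR with the network its address and mask imply.
	if _, ipnet, err := net.ParseCIDR(r.CIDR); err != nil {
		problems = append(problems, "invalid CIDR: "+err.Error())
	} else if ipnet.String() != r.CIDR {
		problems = append(problems, fmt.Sprintf("%s has host bits set; effective range is %s", r.CIDR, ipnet))
	}
	return problems
}

func main() {
	// Constructed sample rules, not taken from any real configuration.
	rules := []aclRule{
		{100, "6", "10.1.0.0/16", 443, 443},
		{110, "-1", "10.1.2.3/16", 0, 22},
		{32767, "-1", "0.0.0.0/0", 0, 0},
	}
	for _, r := range rules {
		fmt.Printf("rule %d: %q\n", r.RuleNumber, checkRule(r))
	}
}
```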


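Note: The github.com/aws/aws-sdk-go/service/ec2.EC2.CreateNetworkACLEntry method examples in this article were compiled by 纯净天空 from GitHub, MSDocs and other open-source code and documentation platforms. The code snippets were selected from open-source projects contributed by their developers, and copyright in the source code belongs to the original authors; for distribution and use, refer to the License of the corresponding project. Do not reproduce without permission.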