resource/aws_vpc: Set ipv6_association_id and ipv6_cidr_block attribu…

…tes as updated for assign_generated_ipv6_cidr_block updates Previously: ``` --- FAIL: TestAccAWSNetworkAclRule_ipv6VpcAssignGeneratedIpv6CidrBlockUpdate (36.59s) testing.go:538: Step 1 error: Error applying: 1 error occurred: * aws_network_acl_rule.test: aws_network_acl_rule.test: diffs didn't match during apply. This is a bug with Terraform and should be reported as a GitHub Issue. Please include the following information in your report: Terraform Version: 0.11.9 Resource ID: aws_network_acl_rule.test Mismatch reason: extra attributes: ipv6_cidr_block Diff One (usually from plan): *terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{"egress":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "rule_number":*terraform.ResourceAttrDiff{Old:"", New:"150", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "protocol":*terraform.ResourceAttrDiff{Old:"", New:"tcp", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "rule_action":*terraform.ResourceAttrDiff{Old:"", New:"allow", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "from_port":*terraform.ResourceAttrDiff{Old:"", New:"22", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "to_port":*terraform.ResourceAttrDiff{Old:"", New:"22", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "network_acl_id":*terraform.ResourceAttrDiff{Old:"", New:"acl-0af5440f0c4b982b2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)} Diff Two (usually from apply): *terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{"from_port":*terraform.ResourceAttrDiff{Old:"", New:"22", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "rule_action":*terraform.ResourceAttrDiff{Old:"", New:"allow", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "ipv6_cidr_block":*terraform.ResourceAttrDiff{Old:"", New:"2600:1f14:3b0:c100::/56", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "rule_number":*terraform.ResourceAttrDiff{Old:"", New:"150", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "egress":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "to_port":*terraform.ResourceAttrDiff{Old:"", New:"22", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "network_acl_id":*terraform.ResourceAttrDiff{Old:"", New:"acl-0af5440f0c4b982b2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "protocol":*terraform.ResourceAttrDiff{Old:"", New:"tcp", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)} Also include as much context as you can about your config, state, and the steps you performed to trigger this error. ``` Output from acceptance testing: ``` --- PASS: TestAccAWSNetworkAclRule_ipv6VpcAssignGeneratedIpv6CidrBlockUpdate (51.24s) --- PASS: TestAccAWSVpc_disappears (15.81s) --- PASS: TestAccAWSVpc_coreMismatchedDiffs (24.90s) --- PASS: TestAccAWSVpc_DisabledDnsSupport (30.17s) --- PASS: TestAccAWSVpc_basic (30.31s) --- PASS: TestAccAWSVpc_bothDnsOptionsSet (30.92s) --- PASS: TestAccAWSVpc_classiclinkDnsSupportOptionSet (31.88s) --- PASS: TestAccAWSVpc_classiclinkOptionSet (36.37s) --- PASS: TestAccAWSVpc_update (42.77s) --- PASS: TestAccAWSVpc_tags (48.91s) --- PASS: TestAccAWSVpc_AssignGeneratedIpv6CidrBlock (68.32s) --- PASS: TestAccAWSVpc_Tenancy (70.59s) ```
hashicorp · Apr 18, 2019 · 5e67876 · 5e67876
1 parent 6aefc74
commit 5e67876
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 8 deletions.
diff --git a/aws/resource_aws_network_acl_rule_test.go b/aws/resource_aws_network_acl_rule_test.go
@@ -87,6 +87,39 @@ func TestAccAWSNetworkAclRule_ipv6ICMP(t *testing.T) {
 	})
 }
 
+// Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/6710
+func TestAccAWSNetworkAclRule_ipv6VpcAssignGeneratedIpv6CidrBlockUpdate(t *testing.T) {
+	var networkAcl ec2.NetworkAcl
+	var vpc ec2.Vpc
+	vpcResourceName := "aws_vpc.test"
+	resourceName := "aws_network_acl_rule.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSNetworkAclRuleDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSNetworkAclRuleConfigIpv6VpcAssignGeneratedIpv6CidrBlockUpdate(false),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckVpcExists(vpcResourceName, &vpc),
+					resource.TestCheckResourceAttr(vpcResourceName, "assign_generated_ipv6_cidr_block", "false"),
+					resource.TestCheckResourceAttr(vpcResourceName, "ipv6_cidr_block", ""),
+				),
+			},
+			{
+				Config: testAccAWSNetworkAclRuleConfigIpv6VpcAssignGeneratedIpv6CidrBlockUpdate(true),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckVpcExists(vpcResourceName, &vpc),
+					resource.TestCheckResourceAttr(vpcResourceName, "assign_generated_ipv6_cidr_block", "true"),
+					resource.TestMatchResourceAttr(vpcResourceName, "ipv6_cidr_block", regexp.MustCompile(`/56$`)),
+					testAccCheckAWSNetworkAclRuleExists(resourceName, &networkAcl),
+				),
+			},
+		},
+	})
+}
+
 func TestAccAWSNetworkAclRule_allProtocol(t *testing.T) {
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -304,10 +337,6 @@ func testAccCheckAWSNetworkAclRuleDelete(n string) resource.TestCheckFunc {
 }
 
 const testAccAWSNetworkAclRuleBasicConfig = `
-provider "aws" {
-  region = "us-east-1"
-}
-
 resource "aws_vpc" "foo" {
 	cidr_block = "10.3.0.0/16"
 	tags = {
@@ -355,10 +384,6 @@ resource "aws_network_acl_rule" "wibble" {
 `
 
 const testAccAWSNetworkAclRuleMissingParam = `
-provider "aws" {
-  region = "us-east-1"
-}
-
 resource "aws_vpc" "foo" {
 	cidr_block = "10.3.0.0/16"
 	tags = {
@@ -540,3 +565,36 @@ resource "aws_network_acl_rule" "test" {
 }
 `, rName, rName)
 }
+
+func testAccAWSNetworkAclRuleConfigIpv6VpcAssignGeneratedIpv6CidrBlockUpdate(ipv6Enabled bool) string {
+	return fmt.Sprintf(`
+resource "aws_vpc" "test" {
+  assign_generated_ipv6_cidr_block = %[1]t
+  cidr_block                       = "10.3.0.0/16"
+
+  tags = {
+    Name = "tf-acc-test-network-acl-rule-ipv6-enabled"
+  }
+}
+
+resource "aws_network_acl" "test" {
+  vpc_id = "${aws_vpc.test.id}"
+
+  tags = {
+    Name = "tf-acc-test-network-acl-rule-ipv6-enabled"
+  }
+}
+
+resource "aws_network_acl_rule" "test" {
+  count = "${%[1]t ? 1 : 0}"
+
+  from_port       = 22
+  ipv6_cidr_block = "${aws_vpc.test.ipv6_cidr_block}"
+  network_acl_id  = "${aws_network_acl.test.id}"
+  protocol        = "tcp"
+  rule_action     = "allow"
+  rule_number     = 150
+  to_port         = 22
+}
+`, ipv6Enabled)
+}
diff --git a/aws/resource_aws_vpc.go b/aws/resource_aws_vpc.go
@@ -501,6 +501,14 @@ func resourceAwsVpcDelete(d *schema.ResourceData, meta interface{}) error {
 }
 
 func resourceAwsVpcCustomizeDiff(diff *schema.ResourceDiff, v interface{}) error {
+	if diff.HasChange("assign_generated_ipv6_cidr_block") {
+		if err := diff.SetNewComputed("ipv6_association_id"); err != nil {
+			return fmt.Errorf("error setting ipv6_association_id to computed: %s", err)
+		}
+		if err := diff.SetNewComputed("ipv6_cidr_block"); err != nil {
+			return fmt.Errorf("error setting ipv6_cidr_block to computed: %s", err)
+		}
+	}
 	if diff.HasChange("instance_tenancy") {
 		old, new := diff.GetChange("instance_tenancy")
 		if old.(string) != ec2.TenancyDedicated || new.(string) != ec2.TenancyDefault {