From 1fa0b3365e3880410a2c635aa4d230e4f44dd59a Mon Sep 17 00:00:00 2001 From: Mohan Krishnan Date: Mon, 10 Feb 2014 11:42:15 +0700 Subject: [PATCH] Allow explict setting of vpc_security_groups to allow modification of security groups of RDS instances within a VPC --- cloud/rds | 40 +++++++++++++++++++++++++++------------- 1 file changed, 27 insertions(+), 13 deletions(-) diff --git a/cloud/rds b/cloud/rds index 246a53690ba..2b83900e48f 100644 --- a/cloud/rds +++ b/cloud/rds @@ -119,7 +119,13 @@ options: aliases: [] security_groups: description: - - Comma separated list of one or more security groups. Used only when command=create or command=modify. If a subnet is specified then this is treated as a list of VPC security groups. + - Comma separated list of one or more security groups. Used only when command=create or command=modify. + required: false + default: null + aliases: [] + vpc_security_groups: + description: + - Comma separated list of one or more vpc security groups. Used only when command=create or command=modify. required: false default: null aliases: [] @@ -294,6 +300,7 @@ def main(): multi_zone = dict(type='bool', default=False), iops = dict(required=False), security_groups = dict(required=False), + vpc_security_groups = dict(required=False), port = dict(required=False), upgrade = dict(type='bool', default=False), option_group = dict(required=False), @@ -328,6 +335,7 @@ def main(): multi_zone = module.params.get('multi_zone') iops = module.params.get('iops') security_groups = module.params.get('security_groups') + vpc_security_groups = module.params.get('vpc_security_groups') port = module.params.get('port') upgrade = module.params.get('upgrade') option_group = module.params.get('option_group') @@ -355,40 +363,46 @@ def main(): except boto.exception.BotoServerError, e: module.fail_json(msg = e.error_message) + def invalid_security_group_type(subnet): + if subnet: + return 'security_groups' + else: + return 'vpc_security_groups' + # Validate parameters for each command if command == 'create': required_vars = [ 'instance_name', 'db_engine', 'size', 'instance_type', 'username', 'password' ] - invalid_vars = [ 'source_instance', 'snapshot', 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'source_instance', 'snapshot', 'apply_immediately', 'new_instance_name' ] + [invalid_security_group_type(subnet)] elif command == 'replicate': required_vars = [ 'instance_name', 'source_instance' ] - invalid_vars = [ 'db_engine', 'size', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'security_groups', 'option_group', 'maint_window', 'backup_window', 'backup_retention', 'subnet', 'snapshot', 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'db_engine', 'size', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'vpc_security_groups', 'security_groups', 'option_group', 'maint_window', 'backup_window', 'backup_retention', 'subnet', 'snapshot', 'apply_immediately', 'new_instance_name' ] elif command == 'delete': required_vars = [ 'instance_name' ] - invalid_vars = [ 'db_engine', 'size', 'instance_type', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'security_groups', 'option_group', 'maint_window', 'backup_window', 'backup_retention', 'port', 'upgrade', 'subnet', 'zone' , 'source_instance', 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'db_engine', 'size', 'instance_type', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'vpc_security_groups' ,'security_groups', 'option_group', 'maint_window', 'backup_window', 'backup_retention', 'port', 'upgrade', 'subnet', 'zone' , 'source_instance', 'apply_immediately', 'new_instance_name' ] elif command == 'facts': required_vars = [ 'instance_name' ] - invalid_vars = [ 'db_engine', 'size', 'instance_type', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'security_groups', 'option_group', 'maint_window', 'backup_window', 'backup_retention', 'port', 'upgrade', 'subnet', 'zone', 'wait', 'source_instance' 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'db_engine', 'size', 'instance_type', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'vpc_security_groups', 'security_groups', 'option_group', 'maint_window', 'backup_window', 'backup_retention', 'port', 'upgrade', 'subnet', 'zone', 'wait', 'source_instance' 'apply_immediately', 'new_instance_name' ] elif command == 'modify': required_vars = [ 'instance_name' ] if password: params["master_password"] = password - invalid_vars = [ 'db_engine', 'username', 'db_name', 'engine_version', 'license_model', 'option_group', 'port', 'upgrade', 'subnet', 'zone', 'source_instance' ] + invalid_vars = [ 'db_engine', 'username', 'db_name', 'engine_version', 'license_model', 'option_group', 'port', 'upgrade', 'subnet', 'zone', 'source_instance'] elif command == 'promote': required_vars = [ 'instance_name' ] - invalid_vars = [ 'db_engine', 'size', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'security_groups', 'option_group', 'maint_window', 'subnet', 'source_instance', 'snapshot', 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'db_engine', 'size', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'vpc_security_groups', 'security_groups', 'option_group', 'maint_window', 'subnet', 'source_instance', 'snapshot', 'apply_immediately', 'new_instance_name' ] elif command == 'snapshot': required_vars = [ 'instance_name', 'snapshot'] - invalid_vars = [ 'db_engine', 'size', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'security_groups', 'option_group', 'maint_window', 'subnet', 'source_instance', 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'db_engine', 'size', 'username', 'password', 'db_name', 'engine_version', 'parameter_group', 'license_model', 'multi_zone', 'iops', 'vpc_security_groups', 'security_groups', 'option_group', 'maint_window', 'subnet', 'source_instance', 'apply_immediately', 'new_instance_name' ] elif command == 'restore': required_vars = [ 'instance_name', 'snapshot', 'instance_type' ] - invalid_vars = [ 'db_engine', 'db_name', 'usernmae', 'password', 'engine_version', 'option_group', 'source_instance', 'apply_immediately', 'new_instance_name' ] + invalid_vars = [ 'db_engine', 'db_name', 'username', 'password', 'engine_version', 'option_group', 'source_instance', 'apply_immediately', 'new_instance_name', 'vpc_security_groups', 'security_groups' ] for v in required_vars: if not module.params.get(v): @@ -447,10 +461,10 @@ def main(): params["iops"] = iops if security_groups: - if subnet: - params["vpc_security_groups"] = security_groups.split(',') - else: - params["security_groups"] = security_groups.split(',') + params["security_groups"] = security_groups.split(',') + + if vpc_security_groups: + params["vpc_security_groups"] = vpc_security_groups.split(',') if new_instance_name: params["new_instance_id"] = new_instance_name