github.com/IBM-Cloud/terraform@v0.6.4-0.20170726051544-8872b87621df/builtin/providers/aws/resource_aws_alb_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/service/elbv2" 11 "github.com/hashicorp/errwrap" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/terraform" 15 ) 16 17 func TestALBCloudwatchSuffixFromARN(t *testing.T) { 18 cases := []struct { 19 name string 20 arn *string 21 suffix string 22 }{ 23 { 24 name: "valid suffix", 25 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer/app/my-alb/abc123`), 26 suffix: `app/my-alb/abc123`, 27 }, 28 { 29 name: "no suffix", 30 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer`), 31 suffix: ``, 32 }, 33 { 34 name: "nil ARN", 35 arn: nil, 36 suffix: ``, 37 }, 38 } 39 40 for _, tc := range cases { 41 actual := albSuffixFromARN(tc.arn) 42 if actual != tc.suffix { 43 t.Fatalf("bad suffix: %q\nExpected: %s\n Got: %s", tc.name, tc.suffix, actual) 44 } 45 } 46 } 47 48 func TestAccAWSALB_basic(t *testing.T) { 49 var conf elbv2.LoadBalancer 50 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 51 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 IDRefreshName: "aws_alb.alb_test", 55 Providers: testAccProviders, 56 CheckDestroy: testAccCheckAWSALBDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAWSALBConfig_basic(albName), 60 Check: resource.ComposeAggregateTestCheckFunc( 61 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 62 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 63 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 64 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 65 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 66 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 67 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 68 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 69 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 70 resource.TestCheckResourceAttr("aws_alb.alb_test", "ip_address_type", "ipv4"), 71 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 72 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 73 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 74 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 75 ), 76 }, 77 }, 78 }) 79 } 80 81 func TestAccAWSALB_generatedName(t *testing.T) { 82 var conf elbv2.LoadBalancer 83 84 resource.Test(t, resource.TestCase{ 85 PreCheck: func() { testAccPreCheck(t) }, 86 IDRefreshName: "aws_alb.alb_test", 87 Providers: testAccProviders, 88 CheckDestroy: testAccCheckAWSALBDestroy, 89 Steps: []resource.TestStep{ 90 { 91 Config: testAccAWSALBConfig_generatedName(), 92 Check: resource.ComposeAggregateTestCheckFunc( 93 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 94 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 95 ), 96 }, 97 }, 98 }) 99 } 100 101 func TestAccAWSALB_generatesNameForZeroValue(t *testing.T) { 102 var conf elbv2.LoadBalancer 103 104 resource.Test(t, resource.TestCase{ 105 PreCheck: func() { testAccPreCheck(t) }, 106 IDRefreshName: "aws_alb.alb_test", 107 Providers: testAccProviders, 108 CheckDestroy: testAccCheckAWSALBDestroy, 109 Steps: []resource.TestStep{ 110 { 111 Config: testAccAWSALBConfig_zeroValueName(), 112 Check: resource.ComposeAggregateTestCheckFunc( 113 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 114 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 115 ), 116 }, 117 }, 118 }) 119 } 120 121 func TestAccAWSALB_namePrefix(t *testing.T) { 122 var conf elbv2.LoadBalancer 123 124 resource.Test(t, resource.TestCase{ 125 PreCheck: func() { testAccPreCheck(t) }, 126 IDRefreshName: "aws_alb.alb_test", 127 Providers: testAccProviders, 128 CheckDestroy: testAccCheckAWSALBDestroy, 129 Steps: []resource.TestStep{ 130 { 131 Config: testAccAWSALBConfig_namePrefix(), 132 Check: resource.ComposeAggregateTestCheckFunc( 133 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 134 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 135 resource.TestMatchResourceAttr("aws_alb.alb_test", "name", 136 regexp.MustCompile("^tf-lb-")), 137 ), 138 }, 139 }, 140 }) 141 } 142 143 func TestAccAWSALB_tags(t *testing.T) { 144 var conf elbv2.LoadBalancer 145 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 146 147 resource.Test(t, resource.TestCase{ 148 PreCheck: func() { testAccPreCheck(t) }, 149 IDRefreshName: "aws_alb.alb_test", 150 Providers: testAccProviders, 151 CheckDestroy: testAccCheckAWSALBDestroy, 152 Steps: []resource.TestStep{ 153 { 154 Config: testAccAWSALBConfig_basic(albName), 155 Check: resource.ComposeAggregateTestCheckFunc( 156 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 157 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 158 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 159 ), 160 }, 161 { 162 Config: testAccAWSALBConfig_updatedTags(albName), 163 Check: resource.ComposeAggregateTestCheckFunc( 164 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 165 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "2"), 166 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Type", "Sample Type Tag"), 167 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Environment", "Production"), 168 ), 169 }, 170 }, 171 }) 172 } 173 174 func TestAccAWSALB_updatedSecurityGroups(t *testing.T) { 175 var pre, post elbv2.LoadBalancer 176 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 177 178 resource.Test(t, resource.TestCase{ 179 PreCheck: func() { testAccPreCheck(t) }, 180 IDRefreshName: "aws_alb.alb_test", 181 Providers: testAccProviders, 182 CheckDestroy: testAccCheckAWSALBDestroy, 183 Steps: []resource.TestStep{ 184 { 185 Config: testAccAWSALBConfig_basic(albName), 186 Check: resource.ComposeAggregateTestCheckFunc( 187 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 188 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 189 ), 190 }, 191 { 192 Config: testAccAWSALBConfig_updateSecurityGroups(albName), 193 Check: resource.ComposeAggregateTestCheckFunc( 194 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 195 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "2"), 196 testAccCheckAWSAlbARNs(&pre, &post), 197 ), 198 }, 199 }, 200 }) 201 } 202 203 func TestAccAWSALB_updatedSubnets(t *testing.T) { 204 var pre, post elbv2.LoadBalancer 205 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 206 207 resource.Test(t, resource.TestCase{ 208 PreCheck: func() { testAccPreCheck(t) }, 209 IDRefreshName: "aws_alb.alb_test", 210 Providers: testAccProviders, 211 CheckDestroy: testAccCheckAWSALBDestroy, 212 Steps: []resource.TestStep{ 213 { 214 Config: testAccAWSALBConfig_basic(albName), 215 Check: resource.ComposeAggregateTestCheckFunc( 216 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 217 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 218 ), 219 }, 220 { 221 Config: testAccAWSALBConfig_updateSubnets(albName), 222 Check: resource.ComposeAggregateTestCheckFunc( 223 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 224 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "3"), 225 testAccCheckAWSAlbARNs(&pre, &post), 226 ), 227 }, 228 }, 229 }) 230 } 231 232 func TestAccAWSALB_updatedIpAddressType(t *testing.T) { 233 var pre, post elbv2.LoadBalancer 234 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 235 236 resource.Test(t, resource.TestCase{ 237 PreCheck: func() { testAccPreCheck(t) }, 238 IDRefreshName: "aws_alb.alb_test", 239 Providers: testAccProviders, 240 CheckDestroy: testAccCheckAWSALBDestroy, 241 Steps: []resource.TestStep{ 242 { 243 Config: testAccAWSALBConfigWithIpAddressType(albName), 244 Check: resource.ComposeAggregateTestCheckFunc( 245 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 246 resource.TestCheckResourceAttr("aws_alb.alb_test", "ip_address_type", "ipv4"), 247 ), 248 }, 249 { 250 Config: testAccAWSALBConfigWithIpAddressTypeUpdated(albName), 251 Check: resource.ComposeAggregateTestCheckFunc( 252 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 253 resource.TestCheckResourceAttr("aws_alb.alb_test", "ip_address_type", "dualstack"), 254 ), 255 }, 256 }, 257 }) 258 } 259 260 // TestAccAWSALB_noSecurityGroup regression tests the issue in #8264, 261 // where if an ALB is created without a security group, a default one 262 // is assigned. 263 func TestAccAWSALB_noSecurityGroup(t *testing.T) { 264 var conf elbv2.LoadBalancer 265 albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 266 267 resource.Test(t, resource.TestCase{ 268 PreCheck: func() { testAccPreCheck(t) }, 269 IDRefreshName: "aws_alb.alb_test", 270 Providers: testAccProviders, 271 CheckDestroy: testAccCheckAWSALBDestroy, 272 Steps: []resource.TestStep{ 273 { 274 Config: testAccAWSALBConfig_nosg(albName), 275 Check: resource.ComposeAggregateTestCheckFunc( 276 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 277 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 278 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 279 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 280 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 281 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 282 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 283 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 284 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 285 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 286 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 287 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 288 ), 289 }, 290 }, 291 }) 292 } 293 294 func TestAccAWSALB_accesslogs(t *testing.T) { 295 var conf elbv2.LoadBalancer 296 bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) 297 albName := fmt.Sprintf("testaccawsalbaccesslog-%s", acctest.RandStringFromCharSet(4, acctest.CharSetAlpha)) 298 299 resource.Test(t, resource.TestCase{ 300 PreCheck: func() { testAccPreCheck(t) }, 301 IDRefreshName: "aws_alb.alb_test", 302 Providers: testAccProviders, 303 CheckDestroy: testAccCheckAWSALBDestroy, 304 Steps: []resource.TestStep{ 305 { 306 Config: testAccAWSALBConfig_basic(albName), 307 Check: resource.ComposeAggregateTestCheckFunc( 308 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 309 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 310 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 311 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 312 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 313 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 314 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 315 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 316 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 317 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 318 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 319 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 320 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 321 ), 322 }, 323 { 324 Config: testAccAWSALBConfig_accessLogs(true, albName, bucketName), 325 Check: resource.ComposeAggregateTestCheckFunc( 326 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 327 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 328 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 329 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 330 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 331 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 332 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 333 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 334 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 335 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 336 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 337 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 338 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 339 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.bucket", bucketName), 340 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.prefix", "testAccAWSALBConfig_accessLogs"), 341 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "true"), 342 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 343 ), 344 }, 345 { 346 Config: testAccAWSALBConfig_accessLogs(false, albName, bucketName), 347 Check: resource.ComposeAggregateTestCheckFunc( 348 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 349 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 350 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 351 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 352 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 353 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 354 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 355 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 356 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 357 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 358 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 359 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 360 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 361 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "false"), 362 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 363 ), 364 }, 365 }, 366 }) 367 } 368 369 func testAccCheckAWSAlbARNs(pre, post *elbv2.LoadBalancer) resource.TestCheckFunc { 370 return func(s *terraform.State) error { 371 if *pre.LoadBalancerArn != *post.LoadBalancerArn { 372 return errors.New("ALB has been recreated. ARNs are different") 373 } 374 375 return nil 376 } 377 } 378 379 func testAccCheckAWSALBExists(n string, res *elbv2.LoadBalancer) resource.TestCheckFunc { 380 return func(s *terraform.State) error { 381 rs, ok := s.RootModule().Resources[n] 382 if !ok { 383 return fmt.Errorf("Not found: %s", n) 384 } 385 386 if rs.Primary.ID == "" { 387 return errors.New("No ALB ID is set") 388 } 389 390 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 391 392 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 393 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 394 }) 395 396 if err != nil { 397 return err 398 } 399 400 if len(describe.LoadBalancers) != 1 || 401 *describe.LoadBalancers[0].LoadBalancerArn != rs.Primary.ID { 402 return errors.New("ALB not found") 403 } 404 405 *res = *describe.LoadBalancers[0] 406 return nil 407 } 408 } 409 410 func testAccCheckAWSALBDestroy(s *terraform.State) error { 411 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 412 413 for _, rs := range s.RootModule().Resources { 414 if rs.Type != "aws_alb" { 415 continue 416 } 417 418 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 419 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 420 }) 421 422 if err == nil { 423 if len(describe.LoadBalancers) != 0 && 424 *describe.LoadBalancers[0].LoadBalancerArn == rs.Primary.ID { 425 return fmt.Errorf("ALB %q still exists", rs.Primary.ID) 426 } 427 } 428 429 // Verify the error 430 if isLoadBalancerNotFound(err) { 431 return nil 432 } else { 433 return errwrap.Wrapf("Unexpected error checking ALB destroyed: {{err}}", err) 434 } 435 } 436 437 return nil 438 } 439 440 func testAccAWSALBConfigWithIpAddressTypeUpdated(albName string) string { 441 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 442 name = "%s" 443 security_groups = ["${aws_security_group.alb_test.id}"] 444 subnets = ["${aws_subnet.alb_test_1.id}", "${aws_subnet.alb_test_2.id}"] 445 446 ip_address_type = "dualstack" 447 448 idle_timeout = 30 449 enable_deletion_protection = false 450 451 tags { 452 TestName = "TestAccAWSALB_basic" 453 } 454 } 455 456 resource "aws_alb_listener" "test" { 457 load_balancer_arn = "${aws_alb.alb_test.id}" 458 protocol = "HTTP" 459 port = "80" 460 461 default_action { 462 target_group_arn = "${aws_alb_target_group.test.id}" 463 type = "forward" 464 } 465 } 466 467 resource "aws_alb_target_group" "test" { 468 name = "%s" 469 port = 80 470 protocol = "HTTP" 471 vpc_id = "${aws_vpc.alb_test.id}" 472 473 deregistration_delay = 200 474 475 stickiness { 476 type = "lb_cookie" 477 cookie_duration = 10000 478 } 479 480 health_check { 481 path = "/health2" 482 interval = 30 483 port = 8082 484 protocol = "HTTPS" 485 timeout = 4 486 healthy_threshold = 4 487 unhealthy_threshold = 4 488 matcher = "200" 489 } 490 } 491 492 resource "aws_egress_only_internet_gateway" "igw" { 493 vpc_id = "${aws_vpc.alb_test.id}" 494 } 495 496 resource "aws_vpc" "alb_test" { 497 cidr_block = "10.0.0.0/16" 498 assign_generated_ipv6_cidr_block = true 499 500 tags { 501 TestName = "TestAccAWSALB_basic" 502 } 503 } 504 505 resource "aws_internet_gateway" "foo" { 506 vpc_id = "${aws_vpc.alb_test.id}" 507 } 508 509 resource "aws_subnet" "alb_test_1" { 510 vpc_id = "${aws_vpc.alb_test.id}" 511 cidr_block = "10.0.1.0/24" 512 map_public_ip_on_launch = true 513 availability_zone = "us-west-2a" 514 ipv6_cidr_block = "${cidrsubnet(aws_vpc.alb_test.ipv6_cidr_block, 8, 1)}" 515 516 tags { 517 TestName = "TestAccAWSALB_basic" 518 } 519 } 520 521 resource "aws_subnet" "alb_test_2" { 522 vpc_id = "${aws_vpc.alb_test.id}" 523 cidr_block = "10.0.2.0/24" 524 map_public_ip_on_launch = true 525 availability_zone = "us-west-2b" 526 ipv6_cidr_block = "${cidrsubnet(aws_vpc.alb_test.ipv6_cidr_block, 8, 2)}" 527 528 tags { 529 TestName = "TestAccAWSALB_basic" 530 } 531 } 532 533 resource "aws_security_group" "alb_test" { 534 name = "allow_all_alb_test" 535 description = "Used for ALB Testing" 536 vpc_id = "${aws_vpc.alb_test.id}" 537 538 ingress { 539 from_port = 0 540 to_port = 0 541 protocol = "-1" 542 cidr_blocks = ["0.0.0.0/0"] 543 } 544 545 tags { 546 TestName = "TestAccAWSALB_basic" 547 } 548 }`, albName, albName) 549 } 550 551 func testAccAWSALBConfigWithIpAddressType(albName string) string { 552 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 553 name = "%s" 554 security_groups = ["${aws_security_group.alb_test.id}"] 555 subnets = ["${aws_subnet.alb_test_1.id}", "${aws_subnet.alb_test_2.id}"] 556 557 ip_address_type = "ipv4" 558 559 idle_timeout = 30 560 enable_deletion_protection = false 561 562 tags { 563 TestName = "TestAccAWSALB_basic" 564 } 565 } 566 567 resource "aws_alb_listener" "test" { 568 load_balancer_arn = "${aws_alb.alb_test.id}" 569 protocol = "HTTP" 570 port = "80" 571 572 default_action { 573 target_group_arn = "${aws_alb_target_group.test.id}" 574 type = "forward" 575 } 576 } 577 578 resource "aws_alb_target_group" "test" { 579 name = "%s" 580 port = 80 581 protocol = "HTTP" 582 vpc_id = "${aws_vpc.alb_test.id}" 583 584 deregistration_delay = 200 585 586 stickiness { 587 type = "lb_cookie" 588 cookie_duration = 10000 589 } 590 591 health_check { 592 path = "/health2" 593 interval = 30 594 port = 8082 595 protocol = "HTTPS" 596 timeout = 4 597 healthy_threshold = 4 598 unhealthy_threshold = 4 599 matcher = "200" 600 } 601 } 602 603 resource "aws_egress_only_internet_gateway" "igw" { 604 vpc_id = "${aws_vpc.alb_test.id}" 605 } 606 607 resource "aws_vpc" "alb_test" { 608 cidr_block = "10.0.0.0/16" 609 assign_generated_ipv6_cidr_block = true 610 611 tags { 612 TestName = "TestAccAWSALB_basic" 613 } 614 } 615 616 resource "aws_internet_gateway" "foo" { 617 vpc_id = "${aws_vpc.alb_test.id}" 618 } 619 620 resource "aws_subnet" "alb_test_1" { 621 vpc_id = "${aws_vpc.alb_test.id}" 622 cidr_block = "10.0.1.0/24" 623 map_public_ip_on_launch = true 624 availability_zone = "us-west-2a" 625 ipv6_cidr_block = "${cidrsubnet(aws_vpc.alb_test.ipv6_cidr_block, 8, 1)}" 626 627 tags { 628 TestName = "TestAccAWSALB_basic" 629 } 630 } 631 632 resource "aws_subnet" "alb_test_2" { 633 vpc_id = "${aws_vpc.alb_test.id}" 634 cidr_block = "10.0.2.0/24" 635 map_public_ip_on_launch = true 636 availability_zone = "us-west-2b" 637 ipv6_cidr_block = "${cidrsubnet(aws_vpc.alb_test.ipv6_cidr_block, 8, 2)}" 638 639 tags { 640 TestName = "TestAccAWSALB_basic" 641 } 642 } 643 644 resource "aws_security_group" "alb_test" { 645 name = "allow_all_alb_test" 646 description = "Used for ALB Testing" 647 vpc_id = "${aws_vpc.alb_test.id}" 648 649 ingress { 650 from_port = 0 651 to_port = 0 652 protocol = "-1" 653 cidr_blocks = ["0.0.0.0/0"] 654 } 655 656 tags { 657 TestName = "TestAccAWSALB_basic" 658 } 659 }`, albName, albName) 660 } 661 662 func testAccAWSALBConfig_basic(albName string) string { 663 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 664 name = "%s" 665 internal = true 666 security_groups = ["${aws_security_group.alb_test.id}"] 667 subnets = ["${aws_subnet.alb_test.*.id}"] 668 669 idle_timeout = 30 670 enable_deletion_protection = false 671 672 tags { 673 TestName = "TestAccAWSALB_basic" 674 } 675 } 676 677 variable "subnets" { 678 default = ["10.0.1.0/24", "10.0.2.0/24"] 679 type = "list" 680 } 681 682 data "aws_availability_zones" "available" {} 683 684 resource "aws_vpc" "alb_test" { 685 cidr_block = "10.0.0.0/16" 686 687 tags { 688 TestName = "TestAccAWSALB_basic" 689 } 690 } 691 692 resource "aws_subnet" "alb_test" { 693 count = 2 694 vpc_id = "${aws_vpc.alb_test.id}" 695 cidr_block = "${element(var.subnets, count.index)}" 696 map_public_ip_on_launch = true 697 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 698 699 tags { 700 TestName = "TestAccAWSALB_basic" 701 } 702 } 703 704 resource "aws_security_group" "alb_test" { 705 name = "allow_all_alb_test" 706 description = "Used for ALB Testing" 707 vpc_id = "${aws_vpc.alb_test.id}" 708 709 ingress { 710 from_port = 0 711 to_port = 0 712 protocol = "-1" 713 cidr_blocks = ["0.0.0.0/0"] 714 } 715 716 egress { 717 from_port = 0 718 to_port = 0 719 protocol = "-1" 720 cidr_blocks = ["0.0.0.0/0"] 721 } 722 723 tags { 724 TestName = "TestAccAWSALB_basic" 725 } 726 }`, albName) 727 } 728 729 func testAccAWSALBConfig_updateSubnets(albName string) string { 730 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 731 name = "%s" 732 internal = true 733 security_groups = ["${aws_security_group.alb_test.id}"] 734 subnets = ["${aws_subnet.alb_test.*.id}"] 735 736 idle_timeout = 30 737 enable_deletion_protection = false 738 739 tags { 740 TestName = "TestAccAWSALB_basic" 741 } 742 } 743 744 variable "subnets" { 745 default = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] 746 type = "list" 747 } 748 749 data "aws_availability_zones" "available" {} 750 751 resource "aws_vpc" "alb_test" { 752 cidr_block = "10.0.0.0/16" 753 754 tags { 755 TestName = "TestAccAWSALB_basic" 756 } 757 } 758 759 resource "aws_subnet" "alb_test" { 760 count = 3 761 vpc_id = "${aws_vpc.alb_test.id}" 762 cidr_block = "${element(var.subnets, count.index)}" 763 map_public_ip_on_launch = true 764 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 765 766 tags { 767 TestName = "TestAccAWSALB_basic" 768 } 769 } 770 771 resource "aws_security_group" "alb_test" { 772 name = "allow_all_alb_test" 773 description = "Used for ALB Testing" 774 vpc_id = "${aws_vpc.alb_test.id}" 775 776 ingress { 777 from_port = 0 778 to_port = 0 779 protocol = "-1" 780 cidr_blocks = ["0.0.0.0/0"] 781 } 782 783 egress { 784 from_port = 0 785 to_port = 0 786 protocol = "-1" 787 cidr_blocks = ["0.0.0.0/0"] 788 } 789 790 tags { 791 TestName = "TestAccAWSALB_basic" 792 } 793 }`, albName) 794 } 795 796 func testAccAWSALBConfig_generatedName() string { 797 return fmt.Sprintf(` 798 resource "aws_alb" "alb_test" { 799 internal = true 800 security_groups = ["${aws_security_group.alb_test.id}"] 801 subnets = ["${aws_subnet.alb_test.*.id}"] 802 803 idle_timeout = 30 804 enable_deletion_protection = false 805 806 tags { 807 TestName = "TestAccAWSALB_basic" 808 } 809 } 810 811 variable "subnets" { 812 default = ["10.0.1.0/24", "10.0.2.0/24"] 813 type = "list" 814 } 815 816 data "aws_availability_zones" "available" {} 817 818 resource "aws_vpc" "alb_test" { 819 cidr_block = "10.0.0.0/16" 820 821 tags { 822 TestName = "TestAccAWSALB_basic" 823 } 824 } 825 826 resource "aws_internet_gateway" "gw" { 827 vpc_id = "${aws_vpc.alb_test.id}" 828 829 tags { 830 Name = "TestAccAWSALB_basic" 831 } 832 } 833 834 resource "aws_subnet" "alb_test" { 835 count = 2 836 vpc_id = "${aws_vpc.alb_test.id}" 837 cidr_block = "${element(var.subnets, count.index)}" 838 map_public_ip_on_launch = true 839 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 840 841 tags { 842 TestName = "TestAccAWSALB_basic" 843 } 844 } 845 846 resource "aws_security_group" "alb_test" { 847 name = "allow_all_alb_test" 848 description = "Used for ALB Testing" 849 vpc_id = "${aws_vpc.alb_test.id}" 850 851 ingress { 852 from_port = 0 853 to_port = 0 854 protocol = "-1" 855 cidr_blocks = ["0.0.0.0/0"] 856 } 857 858 egress { 859 from_port = 0 860 to_port = 0 861 protocol = "-1" 862 cidr_blocks = ["0.0.0.0/0"] 863 } 864 865 tags { 866 TestName = "TestAccAWSALB_basic" 867 } 868 }`) 869 } 870 871 func testAccAWSALBConfig_zeroValueName() string { 872 return fmt.Sprintf(` 873 resource "aws_alb" "alb_test" { 874 name = "" 875 internal = true 876 security_groups = ["${aws_security_group.alb_test.id}"] 877 subnets = ["${aws_subnet.alb_test.*.id}"] 878 879 idle_timeout = 30 880 enable_deletion_protection = false 881 882 tags { 883 TestName = "TestAccAWSALB_basic" 884 } 885 } 886 887 variable "subnets" { 888 default = ["10.0.1.0/24", "10.0.2.0/24"] 889 type = "list" 890 } 891 892 data "aws_availability_zones" "available" {} 893 894 resource "aws_vpc" "alb_test" { 895 cidr_block = "10.0.0.0/16" 896 897 tags { 898 TestName = "TestAccAWSALB_basic" 899 } 900 } 901 902 resource "aws_internet_gateway" "gw" { 903 vpc_id = "${aws_vpc.alb_test.id}" 904 905 tags { 906 Name = "TestAccAWSALB_basic" 907 } 908 } 909 910 resource "aws_subnet" "alb_test" { 911 count = 2 912 vpc_id = "${aws_vpc.alb_test.id}" 913 cidr_block = "${element(var.subnets, count.index)}" 914 map_public_ip_on_launch = true 915 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 916 917 tags { 918 TestName = "TestAccAWSALB_basic" 919 } 920 } 921 922 resource "aws_security_group" "alb_test" { 923 name = "allow_all_alb_test" 924 description = "Used for ALB Testing" 925 vpc_id = "${aws_vpc.alb_test.id}" 926 927 ingress { 928 from_port = 0 929 to_port = 0 930 protocol = "-1" 931 cidr_blocks = ["0.0.0.0/0"] 932 } 933 934 egress { 935 from_port = 0 936 to_port = 0 937 protocol = "-1" 938 cidr_blocks = ["0.0.0.0/0"] 939 } 940 941 tags { 942 TestName = "TestAccAWSALB_basic" 943 } 944 }`) 945 } 946 947 func testAccAWSALBConfig_namePrefix() string { 948 return fmt.Sprintf(` 949 resource "aws_alb" "alb_test" { 950 name_prefix = "tf-lb-" 951 internal = true 952 security_groups = ["${aws_security_group.alb_test.id}"] 953 subnets = ["${aws_subnet.alb_test.*.id}"] 954 955 idle_timeout = 30 956 enable_deletion_protection = false 957 958 tags { 959 TestName = "TestAccAWSALB_basic" 960 } 961 } 962 963 variable "subnets" { 964 default = ["10.0.1.0/24", "10.0.2.0/24"] 965 type = "list" 966 } 967 968 data "aws_availability_zones" "available" {} 969 970 resource "aws_vpc" "alb_test" { 971 cidr_block = "10.0.0.0/16" 972 973 tags { 974 TestName = "TestAccAWSALB_basic" 975 } 976 } 977 978 resource "aws_subnet" "alb_test" { 979 count = 2 980 vpc_id = "${aws_vpc.alb_test.id}" 981 cidr_block = "${element(var.subnets, count.index)}" 982 map_public_ip_on_launch = true 983 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 984 985 tags { 986 TestName = "TestAccAWSALB_basic" 987 } 988 } 989 990 resource "aws_security_group" "alb_test" { 991 name = "allow_all_alb_test" 992 description = "Used for ALB Testing" 993 vpc_id = "${aws_vpc.alb_test.id}" 994 995 ingress { 996 from_port = 0 997 to_port = 0 998 protocol = "-1" 999 cidr_blocks = ["0.0.0.0/0"] 1000 } 1001 1002 egress { 1003 from_port = 0 1004 to_port = 0 1005 protocol = "-1" 1006 cidr_blocks = ["0.0.0.0/0"] 1007 } 1008 1009 tags { 1010 TestName = "TestAccAWSALB_basic" 1011 } 1012 }`) 1013 } 1014 func testAccAWSALBConfig_updatedTags(albName string) string { 1015 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 1016 name = "%s" 1017 internal = true 1018 security_groups = ["${aws_security_group.alb_test.id}"] 1019 subnets = ["${aws_subnet.alb_test.*.id}"] 1020 1021 idle_timeout = 30 1022 enable_deletion_protection = false 1023 1024 tags { 1025 Environment = "Production" 1026 Type = "Sample Type Tag" 1027 } 1028 } 1029 1030 variable "subnets" { 1031 default = ["10.0.1.0/24", "10.0.2.0/24"] 1032 type = "list" 1033 } 1034 1035 data "aws_availability_zones" "available" {} 1036 1037 resource "aws_vpc" "alb_test" { 1038 cidr_block = "10.0.0.0/16" 1039 1040 tags { 1041 TestName = "TestAccAWSALB_basic" 1042 } 1043 } 1044 1045 resource "aws_subnet" "alb_test" { 1046 count = 2 1047 vpc_id = "${aws_vpc.alb_test.id}" 1048 cidr_block = "${element(var.subnets, count.index)}" 1049 map_public_ip_on_launch = true 1050 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 1051 1052 tags { 1053 TestName = "TestAccAWSALB_basic" 1054 } 1055 } 1056 1057 resource "aws_security_group" "alb_test" { 1058 name = "allow_all_alb_test" 1059 description = "Used for ALB Testing" 1060 vpc_id = "${aws_vpc.alb_test.id}" 1061 1062 ingress { 1063 from_port = 0 1064 to_port = 0 1065 protocol = "-1" 1066 cidr_blocks = ["0.0.0.0/0"] 1067 } 1068 1069 egress { 1070 from_port = 0 1071 to_port = 0 1072 protocol = "-1" 1073 cidr_blocks = ["0.0.0.0/0"] 1074 } 1075 1076 tags { 1077 TestName = "TestAccAWSALB_basic" 1078 } 1079 }`, albName) 1080 } 1081 1082 func testAccAWSALBConfig_accessLogs(enabled bool, albName, bucketName string) string { 1083 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 1084 name = "%s" 1085 internal = true 1086 security_groups = ["${aws_security_group.alb_test.id}"] 1087 subnets = ["${aws_subnet.alb_test.*.id}"] 1088 1089 idle_timeout = 50 1090 enable_deletion_protection = false 1091 1092 access_logs { 1093 bucket = "${aws_s3_bucket.logs.bucket}" 1094 prefix = "${var.bucket_prefix}" 1095 enabled = "%t" 1096 } 1097 1098 tags { 1099 TestName = "TestAccAWSALB_basic1" 1100 } 1101 } 1102 1103 variable "bucket_name" { 1104 type = "string" 1105 default = "%s" 1106 } 1107 1108 variable "bucket_prefix" { 1109 type = "string" 1110 default = "testAccAWSALBConfig_accessLogs" 1111 } 1112 1113 resource "aws_s3_bucket" "logs" { 1114 bucket = "${var.bucket_name}" 1115 policy = "${data.aws_iam_policy_document.logs_bucket.json}" 1116 # dangerous, only here for the test... 1117 force_destroy = true 1118 1119 tags { 1120 Name = "ALB Logs Bucket Test" 1121 } 1122 } 1123 1124 data "aws_caller_identity" "current" {} 1125 1126 data "aws_elb_service_account" "current" {} 1127 1128 data "aws_iam_policy_document" "logs_bucket" { 1129 statement { 1130 actions = ["s3:PutObject"] 1131 effect = "Allow" 1132 resources = ["arn:aws:s3:::${var.bucket_name}/${var.bucket_prefix}/AWSLogs/${data.aws_caller_identity.current.account_id}/*"] 1133 1134 principals = { 1135 type = "AWS" 1136 identifiers = ["arn:aws:iam::${data.aws_elb_service_account.current.id}:root"] 1137 } 1138 } 1139 } 1140 1141 variable "subnets" { 1142 default = ["10.0.1.0/24", "10.0.2.0/24"] 1143 type = "list" 1144 } 1145 1146 data "aws_availability_zones" "available" {} 1147 1148 resource "aws_vpc" "alb_test" { 1149 cidr_block = "10.0.0.0/16" 1150 1151 tags { 1152 TestName = "TestAccAWSALB_basic" 1153 } 1154 } 1155 1156 resource "aws_subnet" "alb_test" { 1157 count = 2 1158 vpc_id = "${aws_vpc.alb_test.id}" 1159 cidr_block = "${element(var.subnets, count.index)}" 1160 map_public_ip_on_launch = true 1161 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 1162 1163 tags { 1164 TestName = "TestAccAWSALB_basic" 1165 } 1166 } 1167 1168 resource "aws_security_group" "alb_test" { 1169 name = "allow_all_alb_test" 1170 description = "Used for ALB Testing" 1171 vpc_id = "${aws_vpc.alb_test.id}" 1172 1173 ingress { 1174 from_port = 0 1175 to_port = 0 1176 protocol = "-1" 1177 cidr_blocks = ["0.0.0.0/0"] 1178 } 1179 1180 egress { 1181 from_port = 0 1182 to_port = 0 1183 protocol = "-1" 1184 cidr_blocks = ["0.0.0.0/0"] 1185 } 1186 1187 tags { 1188 TestName = "TestAccAWSALB_basic" 1189 } 1190 }`, albName, enabled, bucketName) 1191 } 1192 1193 func testAccAWSALBConfig_nosg(albName string) string { 1194 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 1195 name = "%s" 1196 internal = true 1197 subnets = ["${aws_subnet.alb_test.*.id}"] 1198 1199 idle_timeout = 30 1200 enable_deletion_protection = false 1201 1202 tags { 1203 TestName = "TestAccAWSALB_basic" 1204 } 1205 } 1206 1207 variable "subnets" { 1208 default = ["10.0.1.0/24", "10.0.2.0/24"] 1209 type = "list" 1210 } 1211 1212 data "aws_availability_zones" "available" {} 1213 1214 resource "aws_vpc" "alb_test" { 1215 cidr_block = "10.0.0.0/16" 1216 1217 tags { 1218 TestName = "TestAccAWSALB_basic" 1219 } 1220 } 1221 1222 resource "aws_subnet" "alb_test" { 1223 count = 2 1224 vpc_id = "${aws_vpc.alb_test.id}" 1225 cidr_block = "${element(var.subnets, count.index)}" 1226 map_public_ip_on_launch = true 1227 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 1228 1229 tags { 1230 TestName = "TestAccAWSALB_basic" 1231 } 1232 }`, albName) 1233 } 1234 1235 func testAccAWSALBConfig_updateSecurityGroups(albName string) string { 1236 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 1237 name = "%s" 1238 internal = true 1239 security_groups = ["${aws_security_group.alb_test.id}", "${aws_security_group.alb_test_2.id}"] 1240 subnets = ["${aws_subnet.alb_test.*.id}"] 1241 1242 idle_timeout = 30 1243 enable_deletion_protection = false 1244 1245 tags { 1246 TestName = "TestAccAWSALB_basic" 1247 } 1248 } 1249 1250 variable "subnets" { 1251 default = ["10.0.1.0/24", "10.0.2.0/24"] 1252 type = "list" 1253 } 1254 1255 data "aws_availability_zones" "available" {} 1256 1257 resource "aws_vpc" "alb_test" { 1258 cidr_block = "10.0.0.0/16" 1259 1260 tags { 1261 TestName = "TestAccAWSALB_basic" 1262 } 1263 } 1264 1265 resource "aws_subnet" "alb_test" { 1266 count = 2 1267 vpc_id = "${aws_vpc.alb_test.id}" 1268 cidr_block = "${element(var.subnets, count.index)}" 1269 map_public_ip_on_launch = true 1270 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 1271 1272 tags { 1273 TestName = "TestAccAWSALB_basic" 1274 } 1275 } 1276 1277 resource "aws_security_group" "alb_test_2" { 1278 name = "allow_all_alb_test_2" 1279 description = "Used for ALB Testing" 1280 vpc_id = "${aws_vpc.alb_test.id}" 1281 1282 ingress { 1283 from_port = 80 1284 to_port = 80 1285 protocol = "TCP" 1286 cidr_blocks = ["0.0.0.0/0"] 1287 } 1288 1289 tags { 1290 TestName = "TestAccAWSALB_basic_2" 1291 } 1292 } 1293 1294 resource "aws_security_group" "alb_test" { 1295 name = "allow_all_alb_test" 1296 description = "Used for ALB Testing" 1297 vpc_id = "${aws_vpc.alb_test.id}" 1298 1299 ingress { 1300 from_port = 0 1301 to_port = 0 1302 protocol = "-1" 1303 cidr_blocks = ["0.0.0.0/0"] 1304 } 1305 1306 egress { 1307 from_port = 0 1308 to_port = 0 1309 protocol = "-1" 1310 cidr_blocks = ["0.0.0.0/0"] 1311 } 1312 1313 tags { 1314 TestName = "TestAccAWSALB_basic" 1315 } 1316 }`, albName) 1317 }