github.com/IBM-Cloud/terraform@v0.6.4-0.20170726051544-8872b87621df/builtin/providers/aws/resource_aws_elb_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "math/rand" 6 "reflect" 7 "regexp" 8 "sort" 9 "testing" 10 "time" 11 12 "github.com/aws/aws-sdk-go/aws" 13 "github.com/aws/aws-sdk-go/aws/awserr" 14 "github.com/aws/aws-sdk-go/service/elb" 15 "github.com/hashicorp/terraform/helper/acctest" 16 "github.com/hashicorp/terraform/helper/resource" 17 "github.com/hashicorp/terraform/terraform" 18 ) 19 20 func TestAccAWSELB_basic(t *testing.T) { 21 var conf elb.LoadBalancerDescription 22 23 resource.Test(t, resource.TestCase{ 24 PreCheck: func() { testAccPreCheck(t) }, 25 IDRefreshName: "aws_elb.bar", 26 Providers: testAccProviders, 27 CheckDestroy: testAccCheckAWSELBDestroy, 28 Steps: []resource.TestStep{ 29 { 30 Config: testAccAWSELBConfig, 31 Check: resource.ComposeTestCheckFunc( 32 testAccCheckAWSELBExists("aws_elb.bar", &conf), 33 testAccCheckAWSELBAttributes(&conf), 34 resource.TestCheckResourceAttr( 35 "aws_elb.bar", "availability_zones.#", "3"), 36 resource.TestCheckResourceAttr( 37 "aws_elb.bar", "availability_zones.2487133097", "us-west-2a"), 38 resource.TestCheckResourceAttr( 39 "aws_elb.bar", "availability_zones.221770259", "us-west-2b"), 40 resource.TestCheckResourceAttr( 41 "aws_elb.bar", "availability_zones.2050015877", "us-west-2c"), 42 resource.TestCheckResourceAttr( 43 "aws_elb.bar", "subnets.#", "3"), 44 // NOTE: Subnet IDs are different across AWS accounts and cannot be checked. 45 resource.TestCheckResourceAttr( 46 "aws_elb.bar", "listener.206423021.instance_port", "8000"), 47 resource.TestCheckResourceAttr( 48 "aws_elb.bar", "listener.206423021.instance_protocol", "http"), 49 resource.TestCheckResourceAttr( 50 "aws_elb.bar", "listener.206423021.lb_port", "80"), 51 resource.TestCheckResourceAttr( 52 "aws_elb.bar", "listener.206423021.lb_protocol", "http"), 53 resource.TestCheckResourceAttr( 54 "aws_elb.bar", "cross_zone_load_balancing", "true"), 55 ), 56 }, 57 }, 58 }) 59 } 60 61 func TestAccAWSELB_fullCharacterRange(t *testing.T) { 62 var conf elb.LoadBalancerDescription 63 64 lbName := fmt.Sprintf("Tf-%d", 65 rand.New(rand.NewSource(time.Now().UnixNano())).Int()) 66 67 resource.Test(t, resource.TestCase{ 68 PreCheck: func() { testAccPreCheck(t) }, 69 IDRefreshName: "aws_elb.foo", 70 Providers: testAccProviders, 71 CheckDestroy: testAccCheckAWSELBDestroy, 72 Steps: []resource.TestStep{ 73 { 74 Config: fmt.Sprintf(testAccAWSELBFullRangeOfCharacters, lbName), 75 Check: resource.ComposeTestCheckFunc( 76 testAccCheckAWSELBExists("aws_elb.foo", &conf), 77 resource.TestCheckResourceAttr( 78 "aws_elb.foo", "name", lbName), 79 ), 80 }, 81 }, 82 }) 83 } 84 85 func TestAccAWSELB_AccessLogs_enabled(t *testing.T) { 86 var conf elb.LoadBalancerDescription 87 88 rName := fmt.Sprintf("terraform-access-logs-bucket-%d", acctest.RandInt()) 89 90 resource.Test(t, resource.TestCase{ 91 PreCheck: func() { testAccPreCheck(t) }, 92 IDRefreshName: "aws_elb.foo", 93 Providers: testAccProviders, 94 CheckDestroy: testAccCheckAWSELBDestroy, 95 Steps: []resource.TestStep{ 96 { 97 Config: testAccAWSELBAccessLogs, 98 Check: resource.ComposeTestCheckFunc( 99 testAccCheckAWSELBExists("aws_elb.foo", &conf), 100 ), 101 }, 102 103 { 104 Config: testAccAWSELBAccessLogsOn(rName), 105 Check: resource.ComposeTestCheckFunc( 106 testAccCheckAWSELBExists("aws_elb.foo", &conf), 107 resource.TestCheckResourceAttr( 108 "aws_elb.foo", "access_logs.#", "1"), 109 resource.TestCheckResourceAttr( 110 "aws_elb.foo", "access_logs.0.bucket", rName), 111 resource.TestCheckResourceAttr( 112 "aws_elb.foo", "access_logs.0.interval", "5"), 113 resource.TestCheckResourceAttr( 114 "aws_elb.foo", "access_logs.0.enabled", "true"), 115 ), 116 }, 117 118 { 119 Config: testAccAWSELBAccessLogs, 120 Check: resource.ComposeTestCheckFunc( 121 testAccCheckAWSELBExists("aws_elb.foo", &conf), 122 resource.TestCheckResourceAttr( 123 "aws_elb.foo", "access_logs.#", "0"), 124 ), 125 }, 126 }, 127 }) 128 } 129 130 func TestAccAWSELB_AccessLogs_disabled(t *testing.T) { 131 var conf elb.LoadBalancerDescription 132 133 rName := fmt.Sprintf("terraform-access-logs-bucket-%d", acctest.RandInt()) 134 135 resource.Test(t, resource.TestCase{ 136 PreCheck: func() { testAccPreCheck(t) }, 137 IDRefreshName: "aws_elb.foo", 138 Providers: testAccProviders, 139 CheckDestroy: testAccCheckAWSELBDestroy, 140 Steps: []resource.TestStep{ 141 { 142 Config: testAccAWSELBAccessLogs, 143 Check: resource.ComposeTestCheckFunc( 144 testAccCheckAWSELBExists("aws_elb.foo", &conf), 145 ), 146 }, 147 148 { 149 Config: testAccAWSELBAccessLogsDisabled(rName), 150 Check: resource.ComposeTestCheckFunc( 151 testAccCheckAWSELBExists("aws_elb.foo", &conf), 152 resource.TestCheckResourceAttr( 153 "aws_elb.foo", "access_logs.#", "1"), 154 resource.TestCheckResourceAttr( 155 "aws_elb.foo", "access_logs.0.bucket", rName), 156 resource.TestCheckResourceAttr( 157 "aws_elb.foo", "access_logs.0.interval", "5"), 158 resource.TestCheckResourceAttr( 159 "aws_elb.foo", "access_logs.0.enabled", "false"), 160 ), 161 }, 162 163 { 164 Config: testAccAWSELBAccessLogs, 165 Check: resource.ComposeTestCheckFunc( 166 testAccCheckAWSELBExists("aws_elb.foo", &conf), 167 resource.TestCheckResourceAttr( 168 "aws_elb.foo", "access_logs.#", "0"), 169 ), 170 }, 171 }, 172 }) 173 } 174 175 func TestAccAWSELB_namePrefix(t *testing.T) { 176 var conf elb.LoadBalancerDescription 177 nameRegex := regexp.MustCompile("^test-") 178 179 resource.Test(t, resource.TestCase{ 180 PreCheck: func() { testAccPreCheck(t) }, 181 IDRefreshName: "aws_elb.test", 182 Providers: testAccProviders, 183 CheckDestroy: testAccCheckAWSELBDestroy, 184 Steps: []resource.TestStep{ 185 resource.TestStep{ 186 Config: testAccAWSELB_namePrefix, 187 Check: resource.ComposeTestCheckFunc( 188 testAccCheckAWSELBExists("aws_elb.test", &conf), 189 resource.TestMatchResourceAttr( 190 "aws_elb.test", "name", nameRegex), 191 ), 192 }, 193 }, 194 }) 195 } 196 197 func TestAccAWSELB_generatedName(t *testing.T) { 198 var conf elb.LoadBalancerDescription 199 generatedNameRegexp := regexp.MustCompile("^tf-lb-") 200 201 resource.Test(t, resource.TestCase{ 202 PreCheck: func() { testAccPreCheck(t) }, 203 IDRefreshName: "aws_elb.foo", 204 Providers: testAccProviders, 205 CheckDestroy: testAccCheckAWSELBDestroy, 206 Steps: []resource.TestStep{ 207 { 208 Config: testAccAWSELBGeneratedName, 209 Check: resource.ComposeTestCheckFunc( 210 testAccCheckAWSELBExists("aws_elb.foo", &conf), 211 resource.TestMatchResourceAttr( 212 "aws_elb.foo", "name", generatedNameRegexp), 213 ), 214 }, 215 }, 216 }) 217 } 218 219 func TestAccAWSELB_generatesNameForZeroValue(t *testing.T) { 220 var conf elb.LoadBalancerDescription 221 generatedNameRegexp := regexp.MustCompile("^tf-lb-") 222 223 resource.Test(t, resource.TestCase{ 224 PreCheck: func() { testAccPreCheck(t) }, 225 IDRefreshName: "aws_elb.foo", 226 Providers: testAccProviders, 227 CheckDestroy: testAccCheckAWSELBDestroy, 228 Steps: []resource.TestStep{ 229 { 230 Config: testAccAWSELB_zeroValueName, 231 Check: resource.ComposeTestCheckFunc( 232 testAccCheckAWSELBExists("aws_elb.foo", &conf), 233 resource.TestMatchResourceAttr( 234 "aws_elb.foo", "name", generatedNameRegexp), 235 ), 236 }, 237 }, 238 }) 239 } 240 241 func TestAccAWSELB_availabilityZones(t *testing.T) { 242 var conf elb.LoadBalancerDescription 243 244 resource.Test(t, resource.TestCase{ 245 PreCheck: func() { testAccPreCheck(t) }, 246 IDRefreshName: "aws_elb.bar", 247 Providers: testAccProviders, 248 CheckDestroy: testAccCheckAWSELBDestroy, 249 Steps: []resource.TestStep{ 250 { 251 Config: testAccAWSELBConfig, 252 Check: resource.ComposeTestCheckFunc( 253 testAccCheckAWSELBExists("aws_elb.bar", &conf), 254 resource.TestCheckResourceAttr( 255 "aws_elb.bar", "availability_zones.#", "3"), 256 resource.TestCheckResourceAttr( 257 "aws_elb.bar", "availability_zones.2487133097", "us-west-2a"), 258 resource.TestCheckResourceAttr( 259 "aws_elb.bar", "availability_zones.221770259", "us-west-2b"), 260 resource.TestCheckResourceAttr( 261 "aws_elb.bar", "availability_zones.2050015877", "us-west-2c"), 262 ), 263 }, 264 265 { 266 Config: testAccAWSELBConfig_AvailabilityZonesUpdate, 267 Check: resource.ComposeTestCheckFunc( 268 testAccCheckAWSELBExists("aws_elb.bar", &conf), 269 resource.TestCheckResourceAttr( 270 "aws_elb.bar", "availability_zones.#", "2"), 271 resource.TestCheckResourceAttr( 272 "aws_elb.bar", "availability_zones.2487133097", "us-west-2a"), 273 resource.TestCheckResourceAttr( 274 "aws_elb.bar", "availability_zones.221770259", "us-west-2b"), 275 ), 276 }, 277 }, 278 }) 279 } 280 281 func TestAccAWSELB_tags(t *testing.T) { 282 var conf elb.LoadBalancerDescription 283 var td elb.TagDescription 284 285 resource.Test(t, resource.TestCase{ 286 PreCheck: func() { testAccPreCheck(t) }, 287 IDRefreshName: "aws_elb.bar", 288 Providers: testAccProviders, 289 CheckDestroy: testAccCheckAWSELBDestroy, 290 Steps: []resource.TestStep{ 291 { 292 Config: testAccAWSELBConfig, 293 Check: resource.ComposeTestCheckFunc( 294 testAccCheckAWSELBExists("aws_elb.bar", &conf), 295 testAccCheckAWSELBAttributes(&conf), 296 testAccLoadTags(&conf, &td), 297 testAccCheckELBTags(&td.Tags, "bar", "baz"), 298 ), 299 }, 300 301 { 302 Config: testAccAWSELBConfig_TagUpdate, 303 Check: resource.ComposeTestCheckFunc( 304 testAccCheckAWSELBExists("aws_elb.bar", &conf), 305 testAccCheckAWSELBAttributes(&conf), 306 testAccLoadTags(&conf, &td), 307 testAccCheckELBTags(&td.Tags, "foo", "bar"), 308 testAccCheckELBTags(&td.Tags, "new", "type"), 309 ), 310 }, 311 }, 312 }) 313 } 314 315 func TestAccAWSELB_iam_server_cert(t *testing.T) { 316 var conf elb.LoadBalancerDescription 317 // var td elb.TagDescription 318 testCheck := func(*terraform.State) error { 319 if len(conf.ListenerDescriptions) != 1 { 320 return fmt.Errorf( 321 "TestAccAWSELB_iam_server_cert expected 1 listener, got %d", 322 len(conf.ListenerDescriptions)) 323 } 324 return nil 325 } 326 resource.Test(t, resource.TestCase{ 327 PreCheck: func() { testAccPreCheck(t) }, 328 IDRefreshName: "aws_elb.bar", 329 Providers: testAccProviders, 330 CheckDestroy: testAccCheckAWSELBDestroy, 331 Steps: []resource.TestStep{ 332 { 333 Config: testAccELBIAMServerCertConfig( 334 fmt.Sprintf("tf-acctest-%s", acctest.RandString(10))), 335 Check: resource.ComposeTestCheckFunc( 336 testAccCheckAWSELBExists("aws_elb.bar", &conf), 337 testCheck, 338 ), 339 }, 340 }, 341 }) 342 } 343 344 func TestAccAWSELB_swap_subnets(t *testing.T) { 345 var conf elb.LoadBalancerDescription 346 347 resource.Test(t, resource.TestCase{ 348 PreCheck: func() { testAccPreCheck(t) }, 349 IDRefreshName: "aws_elb.ourapp", 350 Providers: testAccProviders, 351 CheckDestroy: testAccCheckAWSELBDestroy, 352 Steps: []resource.TestStep{ 353 { 354 Config: testAccAWSELBConfig_subnets, 355 Check: resource.ComposeTestCheckFunc( 356 testAccCheckAWSELBExists("aws_elb.ourapp", &conf), 357 resource.TestCheckResourceAttr( 358 "aws_elb.ourapp", "subnets.#", "2"), 359 ), 360 }, 361 362 { 363 Config: testAccAWSELBConfig_subnet_swap, 364 Check: resource.ComposeTestCheckFunc( 365 testAccCheckAWSELBExists("aws_elb.ourapp", &conf), 366 resource.TestCheckResourceAttr( 367 "aws_elb.ourapp", "subnets.#", "2"), 368 ), 369 }, 370 }, 371 }) 372 } 373 374 func testAccLoadTags(conf *elb.LoadBalancerDescription, td *elb.TagDescription) resource.TestCheckFunc { 375 return func(s *terraform.State) error { 376 conn := testAccProvider.Meta().(*AWSClient).elbconn 377 378 describe, err := conn.DescribeTags(&elb.DescribeTagsInput{ 379 LoadBalancerNames: []*string{conf.LoadBalancerName}, 380 }) 381 382 if err != nil { 383 return err 384 } 385 if len(describe.TagDescriptions) > 0 { 386 *td = *describe.TagDescriptions[0] 387 } 388 return nil 389 } 390 } 391 392 func TestAccAWSELB_InstanceAttaching(t *testing.T) { 393 var conf elb.LoadBalancerDescription 394 395 testCheckInstanceAttached := func(count int) resource.TestCheckFunc { 396 return func(*terraform.State) error { 397 if len(conf.Instances) != count { 398 return fmt.Errorf("instance count does not match") 399 } 400 return nil 401 } 402 } 403 404 resource.Test(t, resource.TestCase{ 405 PreCheck: func() { testAccPreCheck(t) }, 406 IDRefreshName: "aws_elb.bar", 407 Providers: testAccProviders, 408 CheckDestroy: testAccCheckAWSELBDestroy, 409 Steps: []resource.TestStep{ 410 { 411 Config: testAccAWSELBConfig, 412 Check: resource.ComposeTestCheckFunc( 413 testAccCheckAWSELBExists("aws_elb.bar", &conf), 414 testAccCheckAWSELBAttributes(&conf), 415 ), 416 }, 417 418 { 419 Config: testAccAWSELBConfigNewInstance, 420 Check: resource.ComposeTestCheckFunc( 421 testAccCheckAWSELBExists("aws_elb.bar", &conf), 422 testCheckInstanceAttached(1), 423 ), 424 }, 425 }, 426 }) 427 } 428 429 func TestAccAWSELBUpdate_Listener(t *testing.T) { 430 var conf elb.LoadBalancerDescription 431 432 resource.Test(t, resource.TestCase{ 433 PreCheck: func() { testAccPreCheck(t) }, 434 IDRefreshName: "aws_elb.bar", 435 Providers: testAccProviders, 436 CheckDestroy: testAccCheckAWSELBDestroy, 437 Steps: []resource.TestStep{ 438 { 439 Config: testAccAWSELBConfig, 440 Check: resource.ComposeTestCheckFunc( 441 testAccCheckAWSELBExists("aws_elb.bar", &conf), 442 testAccCheckAWSELBAttributes(&conf), 443 resource.TestCheckResourceAttr( 444 "aws_elb.bar", "listener.206423021.instance_port", "8000"), 445 ), 446 }, 447 448 { 449 Config: testAccAWSELBConfigListener_update, 450 Check: resource.ComposeTestCheckFunc( 451 testAccCheckAWSELBExists("aws_elb.bar", &conf), 452 resource.TestCheckResourceAttr( 453 "aws_elb.bar", "listener.3931999347.instance_port", "8080"), 454 ), 455 }, 456 }, 457 }) 458 } 459 460 func TestAccAWSELB_HealthCheck(t *testing.T) { 461 var conf elb.LoadBalancerDescription 462 463 resource.Test(t, resource.TestCase{ 464 PreCheck: func() { testAccPreCheck(t) }, 465 IDRefreshName: "aws_elb.bar", 466 Providers: testAccProviders, 467 CheckDestroy: testAccCheckAWSELBDestroy, 468 Steps: []resource.TestStep{ 469 { 470 Config: testAccAWSELBConfigHealthCheck, 471 Check: resource.ComposeTestCheckFunc( 472 testAccCheckAWSELBExists("aws_elb.bar", &conf), 473 testAccCheckAWSELBAttributesHealthCheck(&conf), 474 resource.TestCheckResourceAttr( 475 "aws_elb.bar", "health_check.0.healthy_threshold", "5"), 476 resource.TestCheckResourceAttr( 477 "aws_elb.bar", "health_check.0.unhealthy_threshold", "5"), 478 resource.TestCheckResourceAttr( 479 "aws_elb.bar", "health_check.0.target", "HTTP:8000/"), 480 resource.TestCheckResourceAttr( 481 "aws_elb.bar", "health_check.0.timeout", "30"), 482 resource.TestCheckResourceAttr( 483 "aws_elb.bar", "health_check.0.interval", "60"), 484 ), 485 }, 486 }, 487 }) 488 } 489 490 func TestAccAWSELBUpdate_HealthCheck(t *testing.T) { 491 resource.Test(t, resource.TestCase{ 492 PreCheck: func() { testAccPreCheck(t) }, 493 IDRefreshName: "aws_elb.bar", 494 Providers: testAccProviders, 495 CheckDestroy: testAccCheckAWSELBDestroy, 496 Steps: []resource.TestStep{ 497 { 498 Config: testAccAWSELBConfigHealthCheck, 499 Check: resource.ComposeTestCheckFunc( 500 resource.TestCheckResourceAttr( 501 "aws_elb.bar", "health_check.0.healthy_threshold", "5"), 502 ), 503 }, 504 { 505 Config: testAccAWSELBConfigHealthCheck_update, 506 Check: resource.ComposeTestCheckFunc( 507 resource.TestCheckResourceAttr( 508 "aws_elb.bar", "health_check.0.healthy_threshold", "10"), 509 ), 510 }, 511 }, 512 }) 513 } 514 515 func TestAccAWSELB_Timeout(t *testing.T) { 516 var conf elb.LoadBalancerDescription 517 518 resource.Test(t, resource.TestCase{ 519 PreCheck: func() { testAccPreCheck(t) }, 520 IDRefreshName: "aws_elb.bar", 521 Providers: testAccProviders, 522 CheckDestroy: testAccCheckAWSELBDestroy, 523 Steps: []resource.TestStep{ 524 { 525 Config: testAccAWSELBConfigIdleTimeout, 526 Check: resource.ComposeTestCheckFunc( 527 testAccCheckAWSELBExists("aws_elb.bar", &conf), 528 resource.TestCheckResourceAttr( 529 "aws_elb.bar", "idle_timeout", "200", 530 ), 531 ), 532 }, 533 }, 534 }) 535 } 536 537 func TestAccAWSELBUpdate_Timeout(t *testing.T) { 538 resource.Test(t, resource.TestCase{ 539 PreCheck: func() { testAccPreCheck(t) }, 540 IDRefreshName: "aws_elb.bar", 541 Providers: testAccProviders, 542 CheckDestroy: testAccCheckAWSELBDestroy, 543 Steps: []resource.TestStep{ 544 { 545 Config: testAccAWSELBConfigIdleTimeout, 546 Check: resource.ComposeTestCheckFunc( 547 resource.TestCheckResourceAttr( 548 "aws_elb.bar", "idle_timeout", "200", 549 ), 550 ), 551 }, 552 { 553 Config: testAccAWSELBConfigIdleTimeout_update, 554 Check: resource.ComposeTestCheckFunc( 555 resource.TestCheckResourceAttr( 556 "aws_elb.bar", "idle_timeout", "400", 557 ), 558 ), 559 }, 560 }, 561 }) 562 } 563 564 func TestAccAWSELB_ConnectionDraining(t *testing.T) { 565 resource.Test(t, resource.TestCase{ 566 PreCheck: func() { testAccPreCheck(t) }, 567 IDRefreshName: "aws_elb.bar", 568 Providers: testAccProviders, 569 CheckDestroy: testAccCheckAWSELBDestroy, 570 Steps: []resource.TestStep{ 571 { 572 Config: testAccAWSELBConfigConnectionDraining, 573 Check: resource.ComposeTestCheckFunc( 574 resource.TestCheckResourceAttr( 575 "aws_elb.bar", "connection_draining", "true", 576 ), 577 resource.TestCheckResourceAttr( 578 "aws_elb.bar", "connection_draining_timeout", "400", 579 ), 580 ), 581 }, 582 }, 583 }) 584 } 585 586 func TestAccAWSELBUpdate_ConnectionDraining(t *testing.T) { 587 resource.Test(t, resource.TestCase{ 588 PreCheck: func() { testAccPreCheck(t) }, 589 IDRefreshName: "aws_elb.bar", 590 Providers: testAccProviders, 591 CheckDestroy: testAccCheckAWSELBDestroy, 592 Steps: []resource.TestStep{ 593 { 594 Config: testAccAWSELBConfigConnectionDraining, 595 Check: resource.ComposeTestCheckFunc( 596 resource.TestCheckResourceAttr( 597 "aws_elb.bar", "connection_draining", "true", 598 ), 599 resource.TestCheckResourceAttr( 600 "aws_elb.bar", "connection_draining_timeout", "400", 601 ), 602 ), 603 }, 604 { 605 Config: testAccAWSELBConfigConnectionDraining_update_timeout, 606 Check: resource.ComposeTestCheckFunc( 607 resource.TestCheckResourceAttr( 608 "aws_elb.bar", "connection_draining", "true", 609 ), 610 resource.TestCheckResourceAttr( 611 "aws_elb.bar", "connection_draining_timeout", "600", 612 ), 613 ), 614 }, 615 { 616 Config: testAccAWSELBConfigConnectionDraining_update_disable, 617 Check: resource.ComposeTestCheckFunc( 618 resource.TestCheckResourceAttr( 619 "aws_elb.bar", "connection_draining", "false", 620 ), 621 ), 622 }, 623 }, 624 }) 625 } 626 627 func TestAccAWSELB_SecurityGroups(t *testing.T) { 628 resource.Test(t, resource.TestCase{ 629 PreCheck: func() { testAccPreCheck(t) }, 630 IDRefreshName: "aws_elb.bar", 631 Providers: testAccProviders, 632 CheckDestroy: testAccCheckAWSELBDestroy, 633 Steps: []resource.TestStep{ 634 { 635 Config: testAccAWSELBConfig, 636 Check: resource.ComposeTestCheckFunc( 637 // ELBs get a default security group 638 resource.TestCheckResourceAttr( 639 "aws_elb.bar", "security_groups.#", "1", 640 ), 641 ), 642 }, 643 { 644 Config: testAccAWSELBConfigSecurityGroups, 645 Check: resource.ComposeTestCheckFunc( 646 // Count should still be one as we swap in a custom security group 647 resource.TestCheckResourceAttr( 648 "aws_elb.bar", "security_groups.#", "1", 649 ), 650 ), 651 }, 652 }, 653 }) 654 } 655 656 // Unit test for listeners hash 657 func TestResourceAwsElbListenerHash(t *testing.T) { 658 cases := map[string]struct { 659 Left map[string]interface{} 660 Right map[string]interface{} 661 Match bool 662 }{ 663 "protocols are case insensitive": { 664 map[string]interface{}{ 665 "instance_port": 80, 666 "instance_protocol": "TCP", 667 "lb_port": 80, 668 "lb_protocol": "TCP", 669 }, 670 map[string]interface{}{ 671 "instance_port": 80, 672 "instance_protocol": "Tcp", 673 "lb_port": 80, 674 "lb_protocol": "tcP", 675 }, 676 true, 677 }, 678 } 679 680 for tn, tc := range cases { 681 leftHash := resourceAwsElbListenerHash(tc.Left) 682 rightHash := resourceAwsElbListenerHash(tc.Right) 683 if leftHash == rightHash != tc.Match { 684 t.Fatalf("%s: expected match: %t, but did not get it", tn, tc.Match) 685 } 686 } 687 } 688 689 func TestResourceAWSELB_validateElbNameCannotBeginWithHyphen(t *testing.T) { 690 var elbName = "-Testing123" 691 _, errors := validateElbName(elbName, "SampleKey") 692 693 if len(errors) != 1 { 694 t.Fatalf("Expected the ELB Name to trigger a validation error") 695 } 696 } 697 698 func TestResourceAWSELB_validateElbNameCanBeAnEmptyString(t *testing.T) { 699 var elbName = "" 700 _, errors := validateElbName(elbName, "SampleKey") 701 702 if len(errors) != 0 { 703 t.Fatalf("Expected the ELB Name to pass validation") 704 } 705 } 706 707 func TestResourceAWSELB_validateElbNameCannotBeLongerThan32Characters(t *testing.T) { 708 var elbName = "Testing123dddddddddddddddddddvvvv" 709 _, errors := validateElbName(elbName, "SampleKey") 710 711 if len(errors) != 1 { 712 t.Fatalf("Expected the ELB Name to trigger a validation error") 713 } 714 } 715 716 func TestResourceAWSELB_validateElbNameCannotHaveSpecialCharacters(t *testing.T) { 717 var elbName = "Testing123%%" 718 _, errors := validateElbName(elbName, "SampleKey") 719 720 if len(errors) != 1 { 721 t.Fatalf("Expected the ELB Name to trigger a validation error") 722 } 723 } 724 725 func TestResourceAWSELB_validateElbNameCannotEndWithHyphen(t *testing.T) { 726 var elbName = "Testing123-" 727 _, errors := validateElbName(elbName, "SampleKey") 728 729 if len(errors) != 1 { 730 t.Fatalf("Expected the ELB Name to trigger a validation error") 731 } 732 } 733 734 func TestResourceAWSELB_validateAccessLogsInterval(t *testing.T) { 735 type testCases struct { 736 Value int 737 ErrCount int 738 } 739 740 invalidCases := []testCases{ 741 { 742 Value: 0, 743 ErrCount: 1, 744 }, 745 { 746 Value: 10, 747 ErrCount: 1, 748 }, 749 { 750 Value: -1, 751 ErrCount: 1, 752 }, 753 } 754 755 for _, tc := range invalidCases { 756 _, errors := validateAccessLogsInterval(tc.Value, "interval") 757 if len(errors) != tc.ErrCount { 758 t.Fatalf("Expected %q to trigger a validation error.", tc.Value) 759 } 760 } 761 762 } 763 764 func TestResourceAWSELB_validateListenerProtocol(t *testing.T) { 765 type testCases struct { 766 Value string 767 ErrCount int 768 } 769 770 invalidCases := []testCases{ 771 { 772 Value: "", 773 ErrCount: 1, 774 }, 775 { 776 Value: "incorrect", 777 ErrCount: 1, 778 }, 779 { 780 Value: "HTTP:", 781 ErrCount: 1, 782 }, 783 } 784 785 for _, tc := range invalidCases { 786 _, errors := validateListenerProtocol(tc.Value, "protocol") 787 if len(errors) != tc.ErrCount { 788 t.Fatalf("Expected %q to trigger a validation error.", tc.Value) 789 } 790 } 791 792 validCases := []testCases{ 793 { 794 Value: "TCP", 795 ErrCount: 0, 796 }, 797 { 798 Value: "ssl", 799 ErrCount: 0, 800 }, 801 { 802 Value: "HTTP", 803 ErrCount: 0, 804 }, 805 } 806 807 for _, tc := range validCases { 808 _, errors := validateListenerProtocol(tc.Value, "protocol") 809 if len(errors) != tc.ErrCount { 810 t.Fatalf("Expected %q not to trigger a validation error.", tc.Value) 811 } 812 } 813 } 814 815 func TestResourceAWSELB_validateHealthCheckTarget(t *testing.T) { 816 type testCase struct { 817 Value string 818 ErrCount int 819 } 820 821 randomRunes := func(n int) string { 822 rand.Seed(time.Now().UTC().UnixNano()) 823 824 // A complete set of modern Katakana characters. 825 runes := []rune("アイウエオ" + 826 "カキクケコガギグゲゴサシスセソザジズゼゾ" + 827 "タチツテトダヂヅデドナニヌネノハヒフヘホ" + 828 "バビブベボパピプペポマミムメモヤユヨラリ" + 829 "ルレロワヰヱヲン") 830 831 s := make([]rune, n) 832 for i := range s { 833 s[i] = runes[rand.Intn(len(runes))] 834 } 835 return string(s) 836 } 837 838 validCases := []testCase{ 839 { 840 Value: "TCP:1234", 841 ErrCount: 0, 842 }, 843 { 844 Value: "http:80/test", 845 ErrCount: 0, 846 }, 847 { 848 Value: fmt.Sprintf("HTTP:8080/%s", randomRunes(5)), 849 ErrCount: 0, 850 }, 851 { 852 Value: "SSL:8080", 853 ErrCount: 0, 854 }, 855 } 856 857 for _, tc := range validCases { 858 _, errors := validateHeathCheckTarget(tc.Value, "target") 859 if len(errors) != tc.ErrCount { 860 t.Fatalf("Expected %q not to trigger a validation error.", tc.Value) 861 } 862 } 863 864 invalidCases := []testCase{ 865 { 866 Value: "", 867 ErrCount: 1, 868 }, 869 { 870 Value: "TCP:", 871 ErrCount: 1, 872 }, 873 { 874 Value: "TCP:1234/", 875 ErrCount: 1, 876 }, 877 { 878 Value: "SSL:8080/", 879 ErrCount: 1, 880 }, 881 { 882 Value: "HTTP:8080", 883 ErrCount: 1, 884 }, 885 { 886 Value: "incorrect-value", 887 ErrCount: 1, 888 }, 889 { 890 Value: "TCP:123456", 891 ErrCount: 1, 892 }, 893 { 894 Value: "incorrect:80/", 895 ErrCount: 1, 896 }, 897 { 898 Value: fmt.Sprintf("HTTP:8080/%s%s", randomString(512), randomRunes(512)), 899 ErrCount: 1, 900 }, 901 } 902 903 for _, tc := range invalidCases { 904 _, errors := validateHeathCheckTarget(tc.Value, "target") 905 if len(errors) != tc.ErrCount { 906 t.Fatalf("Expected %q to trigger a validation error.", tc.Value) 907 } 908 } 909 } 910 911 func testAccCheckAWSELBDestroy(s *terraform.State) error { 912 conn := testAccProvider.Meta().(*AWSClient).elbconn 913 914 for _, rs := range s.RootModule().Resources { 915 if rs.Type != "aws_elb" { 916 continue 917 } 918 919 describe, err := conn.DescribeLoadBalancers(&elb.DescribeLoadBalancersInput{ 920 LoadBalancerNames: []*string{aws.String(rs.Primary.ID)}, 921 }) 922 923 if err == nil { 924 if len(describe.LoadBalancerDescriptions) != 0 && 925 *describe.LoadBalancerDescriptions[0].LoadBalancerName == rs.Primary.ID { 926 return fmt.Errorf("ELB still exists") 927 } 928 } 929 930 // Verify the error 931 providerErr, ok := err.(awserr.Error) 932 if !ok { 933 return err 934 } 935 936 if providerErr.Code() != "LoadBalancerNotFound" { 937 return fmt.Errorf("Unexpected error: %s", err) 938 } 939 } 940 941 return nil 942 } 943 944 func testAccCheckAWSELBAttributes(conf *elb.LoadBalancerDescription) resource.TestCheckFunc { 945 return func(s *terraform.State) error { 946 zones := []string{"us-west-2a", "us-west-2b", "us-west-2c"} 947 azs := make([]string, 0, len(conf.AvailabilityZones)) 948 for _, x := range conf.AvailabilityZones { 949 azs = append(azs, *x) 950 } 951 sort.StringSlice(azs).Sort() 952 if !reflect.DeepEqual(azs, zones) { 953 return fmt.Errorf("bad availability_zones") 954 } 955 956 l := elb.Listener{ 957 InstancePort: aws.Int64(int64(8000)), 958 InstanceProtocol: aws.String("HTTP"), 959 LoadBalancerPort: aws.Int64(int64(80)), 960 Protocol: aws.String("HTTP"), 961 } 962 963 if !reflect.DeepEqual(conf.ListenerDescriptions[0].Listener, &l) { 964 return fmt.Errorf( 965 "Got:\n\n%#v\n\nExpected:\n\n%#v\n", 966 conf.ListenerDescriptions[0].Listener, 967 l) 968 } 969 970 if *conf.DNSName == "" { 971 return fmt.Errorf("empty dns_name") 972 } 973 974 return nil 975 } 976 } 977 978 func testAccCheckAWSELBAttributesHealthCheck(conf *elb.LoadBalancerDescription) resource.TestCheckFunc { 979 return func(s *terraform.State) error { 980 zones := []string{"us-west-2a", "us-west-2b", "us-west-2c"} 981 azs := make([]string, 0, len(conf.AvailabilityZones)) 982 for _, x := range conf.AvailabilityZones { 983 azs = append(azs, *x) 984 } 985 sort.StringSlice(azs).Sort() 986 if !reflect.DeepEqual(azs, zones) { 987 return fmt.Errorf("bad availability_zones") 988 } 989 990 check := &elb.HealthCheck{ 991 Timeout: aws.Int64(int64(30)), 992 UnhealthyThreshold: aws.Int64(int64(5)), 993 HealthyThreshold: aws.Int64(int64(5)), 994 Interval: aws.Int64(int64(60)), 995 Target: aws.String("HTTP:8000/"), 996 } 997 998 if !reflect.DeepEqual(conf.HealthCheck, check) { 999 return fmt.Errorf( 1000 "Got:\n\n%#v\n\nExpected:\n\n%#v\n", 1001 conf.HealthCheck, 1002 check) 1003 } 1004 1005 if *conf.DNSName == "" { 1006 return fmt.Errorf("empty dns_name") 1007 } 1008 1009 return nil 1010 } 1011 } 1012 1013 func testAccCheckAWSELBExists(n string, res *elb.LoadBalancerDescription) resource.TestCheckFunc { 1014 return func(s *terraform.State) error { 1015 rs, ok := s.RootModule().Resources[n] 1016 if !ok { 1017 return fmt.Errorf("Not found: %s", n) 1018 } 1019 1020 if rs.Primary.ID == "" { 1021 return fmt.Errorf("No ELB ID is set") 1022 } 1023 1024 conn := testAccProvider.Meta().(*AWSClient).elbconn 1025 1026 describe, err := conn.DescribeLoadBalancers(&elb.DescribeLoadBalancersInput{ 1027 LoadBalancerNames: []*string{aws.String(rs.Primary.ID)}, 1028 }) 1029 1030 if err != nil { 1031 return err 1032 } 1033 1034 if len(describe.LoadBalancerDescriptions) != 1 || 1035 *describe.LoadBalancerDescriptions[0].LoadBalancerName != rs.Primary.ID { 1036 return fmt.Errorf("ELB not found") 1037 } 1038 1039 *res = *describe.LoadBalancerDescriptions[0] 1040 1041 // Confirm source_security_group_id for ELBs in a VPC 1042 // See https://github.com/hashicorp/terraform/pull/3780 1043 if res.VPCId != nil { 1044 sgid := rs.Primary.Attributes["source_security_group_id"] 1045 if sgid == "" { 1046 return fmt.Errorf("Expected to find source_security_group_id for ELB, but was empty") 1047 } 1048 } 1049 1050 return nil 1051 } 1052 } 1053 1054 const testAccAWSELBConfig = ` 1055 resource "aws_elb" "bar" { 1056 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1057 1058 listener { 1059 instance_port = 8000 1060 instance_protocol = "http" 1061 lb_port = 80 1062 // Protocol should be case insensitive 1063 lb_protocol = "HttP" 1064 } 1065 1066 tags { 1067 bar = "baz" 1068 } 1069 1070 cross_zone_load_balancing = true 1071 } 1072 ` 1073 1074 const testAccAWSELBFullRangeOfCharacters = ` 1075 resource "aws_elb" "foo" { 1076 name = "%s" 1077 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1078 1079 listener { 1080 instance_port = 8000 1081 instance_protocol = "http" 1082 lb_port = 80 1083 lb_protocol = "http" 1084 } 1085 } 1086 ` 1087 1088 const testAccAWSELBAccessLogs = ` 1089 resource "aws_elb" "foo" { 1090 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1091 1092 listener { 1093 instance_port = 8000 1094 instance_protocol = "http" 1095 lb_port = 80 1096 lb_protocol = "http" 1097 } 1098 } 1099 ` 1100 1101 func testAccAWSELBAccessLogsOn(r string) string { 1102 return fmt.Sprintf(` 1103 # an S3 bucket configured for Access logs 1104 # The 797873946194 is the AWS ID for us-west-2, so this test 1105 # must be ran in us-west-2 1106 resource "aws_s3_bucket" "acceslogs_bucket" { 1107 bucket = "%s" 1108 acl = "private" 1109 force_destroy = true 1110 policy = <<EOF 1111 { 1112 "Id": "Policy1446577137248", 1113 "Statement": [ 1114 { 1115 "Action": "s3:PutObject", 1116 "Effect": "Allow", 1117 "Principal": { 1118 "AWS": "arn:aws:iam::797873946194:root" 1119 }, 1120 "Resource": "arn:aws:s3:::%s/*", 1121 "Sid": "Stmt1446575236270" 1122 } 1123 ], 1124 "Version": "2012-10-17" 1125 } 1126 EOF 1127 } 1128 1129 resource "aws_elb" "foo" { 1130 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1131 1132 listener { 1133 instance_port = 8000 1134 instance_protocol = "http" 1135 lb_port = 80 1136 lb_protocol = "http" 1137 } 1138 1139 access_logs { 1140 interval = 5 1141 bucket = "${aws_s3_bucket.acceslogs_bucket.bucket}" 1142 } 1143 } 1144 `, r, r) 1145 } 1146 1147 func testAccAWSELBAccessLogsDisabled(r string) string { 1148 return fmt.Sprintf(` 1149 # an S3 bucket configured for Access logs 1150 # The 797873946194 is the AWS ID for us-west-2, so this test 1151 # must be ran in us-west-2 1152 resource "aws_s3_bucket" "acceslogs_bucket" { 1153 bucket = "%s" 1154 acl = "private" 1155 force_destroy = true 1156 policy = <<EOF 1157 { 1158 "Id": "Policy1446577137248", 1159 "Statement": [ 1160 { 1161 "Action": "s3:PutObject", 1162 "Effect": "Allow", 1163 "Principal": { 1164 "AWS": "arn:aws:iam::797873946194:root" 1165 }, 1166 "Resource": "arn:aws:s3:::%s/*", 1167 "Sid": "Stmt1446575236270" 1168 } 1169 ], 1170 "Version": "2012-10-17" 1171 } 1172 EOF 1173 } 1174 1175 resource "aws_elb" "foo" { 1176 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1177 1178 listener { 1179 instance_port = 8000 1180 instance_protocol = "http" 1181 lb_port = 80 1182 lb_protocol = "http" 1183 } 1184 1185 access_logs { 1186 interval = 5 1187 bucket = "${aws_s3_bucket.acceslogs_bucket.bucket}" 1188 enabled = false 1189 } 1190 } 1191 `, r, r) 1192 } 1193 1194 const testAccAWSELB_namePrefix = ` 1195 resource "aws_elb" "test" { 1196 name_prefix = "test-" 1197 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1198 1199 listener { 1200 instance_port = 8000 1201 instance_protocol = "http" 1202 lb_port = 80 1203 lb_protocol = "http" 1204 } 1205 } 1206 ` 1207 1208 const testAccAWSELBGeneratedName = ` 1209 resource "aws_elb" "foo" { 1210 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1211 1212 listener { 1213 instance_port = 8000 1214 instance_protocol = "http" 1215 lb_port = 80 1216 lb_protocol = "http" 1217 } 1218 } 1219 ` 1220 1221 const testAccAWSELB_zeroValueName = ` 1222 resource "aws_elb" "foo" { 1223 name = "" 1224 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1225 1226 listener { 1227 instance_port = 8000 1228 instance_protocol = "http" 1229 lb_port = 80 1230 lb_protocol = "http" 1231 } 1232 } 1233 ` 1234 1235 const testAccAWSELBConfig_AvailabilityZonesUpdate = ` 1236 resource "aws_elb" "bar" { 1237 availability_zones = ["us-west-2a", "us-west-2b"] 1238 1239 listener { 1240 instance_port = 8000 1241 instance_protocol = "http" 1242 lb_port = 80 1243 lb_protocol = "http" 1244 } 1245 } 1246 ` 1247 1248 const testAccAWSELBConfig_TagUpdate = ` 1249 resource "aws_elb" "bar" { 1250 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1251 1252 listener { 1253 instance_port = 8000 1254 instance_protocol = "http" 1255 lb_port = 80 1256 lb_protocol = "http" 1257 } 1258 1259 tags { 1260 foo = "bar" 1261 new = "type" 1262 } 1263 1264 cross_zone_load_balancing = true 1265 } 1266 ` 1267 1268 const testAccAWSELBConfigNewInstance = ` 1269 resource "aws_elb" "bar" { 1270 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1271 1272 listener { 1273 instance_port = 8000 1274 instance_protocol = "http" 1275 lb_port = 80 1276 lb_protocol = "http" 1277 } 1278 1279 instances = ["${aws_instance.foo.id}"] 1280 } 1281 1282 resource "aws_instance" "foo" { 1283 # us-west-2 1284 ami = "ami-043a5034" 1285 instance_type = "t1.micro" 1286 } 1287 ` 1288 1289 const testAccAWSELBConfigListenerSSLCertificateId = ` 1290 resource "aws_elb" "bar" { 1291 availability_zones = ["us-west-2a"] 1292 1293 listener { 1294 instance_port = 8000 1295 instance_protocol = "http" 1296 ssl_certificate_id = "%s" 1297 lb_port = 443 1298 lb_protocol = "https" 1299 } 1300 } 1301 ` 1302 1303 const testAccAWSELBConfigHealthCheck = ` 1304 resource "aws_elb" "bar" { 1305 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1306 1307 listener { 1308 instance_port = 8000 1309 instance_protocol = "http" 1310 lb_port = 80 1311 lb_protocol = "http" 1312 } 1313 1314 health_check { 1315 healthy_threshold = 5 1316 unhealthy_threshold = 5 1317 target = "HTTP:8000/" 1318 interval = 60 1319 timeout = 30 1320 } 1321 } 1322 ` 1323 1324 const testAccAWSELBConfigHealthCheck_update = ` 1325 resource "aws_elb" "bar" { 1326 availability_zones = ["us-west-2a"] 1327 1328 listener { 1329 instance_port = 8000 1330 instance_protocol = "http" 1331 lb_port = 80 1332 lb_protocol = "http" 1333 } 1334 1335 health_check { 1336 healthy_threshold = 10 1337 unhealthy_threshold = 5 1338 target = "HTTP:8000/" 1339 interval = 60 1340 timeout = 30 1341 } 1342 } 1343 ` 1344 1345 const testAccAWSELBConfigListener_update = ` 1346 resource "aws_elb" "bar" { 1347 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1348 1349 listener { 1350 instance_port = 8080 1351 instance_protocol = "http" 1352 lb_port = 80 1353 lb_protocol = "http" 1354 } 1355 } 1356 ` 1357 1358 const testAccAWSELBConfigIdleTimeout = ` 1359 resource "aws_elb" "bar" { 1360 availability_zones = ["us-west-2a"] 1361 1362 listener { 1363 instance_port = 8000 1364 instance_protocol = "http" 1365 lb_port = 80 1366 lb_protocol = "http" 1367 } 1368 1369 idle_timeout = 200 1370 } 1371 ` 1372 1373 const testAccAWSELBConfigIdleTimeout_update = ` 1374 resource "aws_elb" "bar" { 1375 availability_zones = ["us-west-2a"] 1376 1377 listener { 1378 instance_port = 8000 1379 instance_protocol = "http" 1380 lb_port = 80 1381 lb_protocol = "http" 1382 } 1383 1384 idle_timeout = 400 1385 } 1386 ` 1387 1388 const testAccAWSELBConfigConnectionDraining = ` 1389 resource "aws_elb" "bar" { 1390 availability_zones = ["us-west-2a"] 1391 1392 listener { 1393 instance_port = 8000 1394 instance_protocol = "http" 1395 lb_port = 80 1396 lb_protocol = "http" 1397 } 1398 1399 connection_draining = true 1400 connection_draining_timeout = 400 1401 } 1402 ` 1403 1404 const testAccAWSELBConfigConnectionDraining_update_timeout = ` 1405 resource "aws_elb" "bar" { 1406 availability_zones = ["us-west-2a"] 1407 1408 listener { 1409 instance_port = 8000 1410 instance_protocol = "http" 1411 lb_port = 80 1412 lb_protocol = "http" 1413 } 1414 1415 connection_draining = true 1416 connection_draining_timeout = 600 1417 } 1418 ` 1419 1420 const testAccAWSELBConfigConnectionDraining_update_disable = ` 1421 resource "aws_elb" "bar" { 1422 availability_zones = ["us-west-2a"] 1423 1424 listener { 1425 instance_port = 8000 1426 instance_protocol = "http" 1427 lb_port = 80 1428 lb_protocol = "http" 1429 } 1430 1431 connection_draining = false 1432 } 1433 ` 1434 1435 const testAccAWSELBConfigSecurityGroups = ` 1436 resource "aws_elb" "bar" { 1437 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1438 1439 listener { 1440 instance_port = 8000 1441 instance_protocol = "http" 1442 lb_port = 80 1443 lb_protocol = "http" 1444 } 1445 1446 security_groups = ["${aws_security_group.bar.id}"] 1447 } 1448 1449 resource "aws_security_group" "bar" { 1450 ingress { 1451 protocol = "tcp" 1452 from_port = 80 1453 to_port = 80 1454 cidr_blocks = ["0.0.0.0/0"] 1455 } 1456 1457 tags { 1458 Name = "tf_elb_sg_test" 1459 } 1460 } 1461 ` 1462 1463 // This IAM Server config is lifted from 1464 // builtin/providers/aws/resource_aws_iam_server_certificate_test.go 1465 func testAccELBIAMServerCertConfig(certName string) string { 1466 return fmt.Sprintf(` 1467 resource "aws_iam_server_certificate" "test_cert" { 1468 name = "%s" 1469 certificate_body = <<EOF 1470 -----BEGIN CERTIFICATE----- 1471 MIIDBjCCAe4CCQCGWwBmOiHQdTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB 1472 VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0 1473 cyBQdHkgTHRkMB4XDTE2MDYyMTE2MzM0MVoXDTE3MDYyMTE2MzM0MVowRTELMAkG 1474 A1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0 1475 IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 1476 AL+LFlsCJG5txZp4yuu+lQnuUrgBXRG+irQqcTXlV91Bp5hpmRIyhnGCtWxxDBUL 1477 xrh4WN3VV/0jDzKT976oLgOy3hj56Cdqf+JlZ1qgMN5bHB3mm3aVWnrnsLbBsfwZ 1478 SEbk3Kht/cE1nK2toNVW+rznS3m+eoV3Zn/DUNwGlZr42hGNs6ETn2jURY78ETqR 1479 mW47xvjf86eIo7vULHJaY6xyarPqkL8DZazOmvY06hUGvGwGBny7gugfXqDG+I8n 1480 cPBsGJGSAmHmVV8o0RCB9UjY+TvSMQRpEDoVlvyrGuglsD8to/4+7UcsuDGlRYN6 1481 jmIOC37mOi/jwRfWL1YUa4MCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAPDxTH0oQ 1482 JjKXoJgkmQxurB81RfnK/NrswJVzWbOv6ejcbhwh+/ZgJTMc15BrYcxU6vUW1V/i 1483 Z7APU0qJ0icECACML+a2fRI7YdLCTiPIOmY66HY8MZHAn3dGjU5TeiUflC0n0zkP 1484 mxKJe43kcYLNDItbfvUDo/GoxTXrC3EFVZyU0RhFzoVJdODlTHXMVFCzcbQEBrBJ 1485 xKdShCEc8nFMneZcGFeEU488ntZoWzzms8/QpYrKa5S0Sd7umEU2Kwu4HTkvUFg/ 1486 CqDUFjhydXxYRsxXBBrEiLOE5BdtJR1sH/QHxIJe23C9iHI2nS1NbLziNEApLwC4 1487 GnSud83VUo9G9w== 1488 -----END CERTIFICATE----- 1489 EOF 1490 1491 private_key = <<EOF 1492 -----BEGIN RSA PRIVATE KEY----- 1493 MIIEowIBAAKCAQEAv4sWWwIkbm3FmnjK676VCe5SuAFdEb6KtCpxNeVX3UGnmGmZ 1494 EjKGcYK1bHEMFQvGuHhY3dVX/SMPMpP3vqguA7LeGPnoJ2p/4mVnWqAw3lscHeab 1495 dpVaeuewtsGx/BlIRuTcqG39wTWcra2g1Vb6vOdLeb56hXdmf8NQ3AaVmvjaEY2z 1496 oROfaNRFjvwROpGZbjvG+N/zp4iju9QsclpjrHJqs+qQvwNlrM6a9jTqFQa8bAYG 1497 fLuC6B9eoMb4jydw8GwYkZICYeZVXyjREIH1SNj5O9IxBGkQOhWW/Ksa6CWwPy2j 1498 /j7tRyy4MaVFg3qOYg4LfuY6L+PBF9YvVhRrgwIDAQABAoIBAFqJ4h1Om+3e0WK8 1499 6h4YzdYN4ue7LUTv7hxPW4gASlH5cMDoWURywX3yLNN/dBiWom4b5NWmvJqY8dwU 1500 eSyTznxNFhJ0PjozaxOWnw4FXlQceOPhV2bsHgKudadNU1Y4lSN9lpe+tg2Xy+GE 1501 ituM66RTKCf502w3DioiJpx6OEkxuhrnsQAWNcGB0MnTukm2f+629V+04R5MT5V1 1502 nY+5Phx2BpHgYzWBKh6Px1puu7xFv5SMQda1ndlPIKb4cNp0yYn+1lHNjbOE7QL/ 1503 oEpWgrauS5Zk/APK33v/p3wVYHrKocIFHlPiCW0uIJJLsOZDY8pQXpTlc+/xGLLy 1504 WBu4boECgYEA6xO+1UNh6ndJ3xGuNippH+ucTi/uq1+0tG1bd63v+75tn5l4LyY2 1505 CWHRaWVlVn+WnDslkQTJzFD68X+9M7Cc4oP6WnhTyPamG7HlGv5JxfFHTC9GOKmz 1506 sSc624BDmqYJ7Xzyhe5kc3iHzqG/L72ZF1aijZdrodQMSY1634UX6aECgYEA0Jdr 1507 cBPSN+mgmEY6ogN5h7sO5uNV3TQQtW2IslfWZn6JhSRF4Rf7IReng48CMy9ZhFBy 1508 Q7H2I1pDGjEC9gQHhgVfm+FyMSVqXfCHEW/97pvvu9ougHA0MhPep1twzTGrqg+K 1509 f3PLW8hVkGyCrTfWgbDlPsHgsocA/wTaQOheaqMCgYBat5z+WemQfQZh8kXDm2xE 1510 KD2Cota9BcsLkeQpdFNXWC6f167cqydRSZFx1fJchhJOKjkeFLX3hgzBY6VVLEPu 1511 2jWj8imLNTv3Fhiu6RD5NVppWRkFRuAUbmo1SPNN2+Oa5YwGCXB0a0Alip/oQYex 1512 zPogIB4mLlmrjNCtL4SB4QKBgCEHKMrZSJrz0irqS9RlanPUaZqjenAJE3A2xMNA 1513 Z0FZXdsIEEyA6JGn1i1dkoKaR7lMp5sSbZ/RZfiatBZSMwLEjQv4mYUwoHP5Ztma 1514 +wEyDbaX6G8L1Sfsv3+OWgETkVPfHBXsNtH0mZ/BnrtgsQVeBh52wmZiPAUlNo26 1515 fWCzAoGBAJOjqovLelLWzyQGqPFx/MwuI56UFXd1CmFlCIvF2WxCFmk3tlExoCN1 1516 HqSpt92vsgYgV7+lAb4U7Uy/v012gwiU1LK+vyAE9geo3pTjG73BNzG4H547xtbY 1517 dg+Sd4Wjm89UQoUUoiIcstY7FPbqfBtYKfh4RYHAHV2BwDFqzZCM 1518 -----END RSA PRIVATE KEY----- 1519 EOF 1520 } 1521 1522 resource "aws_elb" "bar" { 1523 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1524 1525 listener { 1526 instance_port = 8000 1527 instance_protocol = "https" 1528 lb_port = 80 1529 // Protocol should be case insensitive 1530 lb_protocol = "HttPs" 1531 ssl_certificate_id = "${aws_iam_server_certificate.test_cert.arn}" 1532 } 1533 1534 tags { 1535 bar = "baz" 1536 } 1537 1538 cross_zone_load_balancing = true 1539 } 1540 `, certName) 1541 } 1542 1543 const testAccAWSELBConfig_subnets = ` 1544 provider "aws" { 1545 region = "us-west-2" 1546 } 1547 1548 resource "aws_vpc" "azelb" { 1549 cidr_block = "10.1.0.0/16" 1550 enable_dns_hostnames = true 1551 1552 tags { 1553 Name = "subnet-vpc" 1554 } 1555 } 1556 1557 resource "aws_subnet" "public_a_one" { 1558 vpc_id = "${aws_vpc.azelb.id}" 1559 1560 cidr_block = "10.1.1.0/24" 1561 availability_zone = "us-west-2a" 1562 } 1563 1564 resource "aws_subnet" "public_b_one" { 1565 vpc_id = "${aws_vpc.azelb.id}" 1566 1567 cidr_block = "10.1.7.0/24" 1568 availability_zone = "us-west-2b" 1569 } 1570 1571 resource "aws_subnet" "public_a_two" { 1572 vpc_id = "${aws_vpc.azelb.id}" 1573 1574 cidr_block = "10.1.2.0/24" 1575 availability_zone = "us-west-2a" 1576 } 1577 1578 resource "aws_elb" "ourapp" { 1579 name = "terraform-asg-deployment-example" 1580 1581 subnets = [ 1582 "${aws_subnet.public_a_one.id}", 1583 "${aws_subnet.public_b_one.id}", 1584 ] 1585 1586 listener { 1587 instance_port = 80 1588 instance_protocol = "http" 1589 lb_port = 80 1590 lb_protocol = "http" 1591 } 1592 1593 depends_on = ["aws_internet_gateway.gw"] 1594 } 1595 1596 resource "aws_internet_gateway" "gw" { 1597 vpc_id = "${aws_vpc.azelb.id}" 1598 1599 tags { 1600 Name = "main" 1601 } 1602 } 1603 ` 1604 1605 const testAccAWSELBConfig_subnet_swap = ` 1606 provider "aws" { 1607 region = "us-west-2" 1608 } 1609 1610 resource "aws_vpc" "azelb" { 1611 cidr_block = "10.1.0.0/16" 1612 enable_dns_hostnames = true 1613 1614 tags { 1615 Name = "subnet-vpc" 1616 } 1617 } 1618 1619 resource "aws_subnet" "public_a_one" { 1620 vpc_id = "${aws_vpc.azelb.id}" 1621 1622 cidr_block = "10.1.1.0/24" 1623 availability_zone = "us-west-2a" 1624 } 1625 1626 resource "aws_subnet" "public_b_one" { 1627 vpc_id = "${aws_vpc.azelb.id}" 1628 1629 cidr_block = "10.1.7.0/24" 1630 availability_zone = "us-west-2b" 1631 } 1632 1633 resource "aws_subnet" "public_a_two" { 1634 vpc_id = "${aws_vpc.azelb.id}" 1635 1636 cidr_block = "10.1.2.0/24" 1637 availability_zone = "us-west-2a" 1638 } 1639 1640 resource "aws_elb" "ourapp" { 1641 name = "terraform-asg-deployment-example" 1642 1643 subnets = [ 1644 "${aws_subnet.public_a_two.id}", 1645 "${aws_subnet.public_b_one.id}", 1646 ] 1647 1648 listener { 1649 instance_port = 80 1650 instance_protocol = "http" 1651 lb_port = 80 1652 lb_protocol = "http" 1653 } 1654 1655 depends_on = ["aws_internet_gateway.gw"] 1656 } 1657 1658 resource "aws_internet_gateway" "gw" { 1659 vpc_id = "${aws_vpc.azelb.id}" 1660 1661 tags { 1662 Name = "main" 1663 } 1664 } 1665 `