github.com/IBM-Cloud/terraform@v0.6.4-0.20170726051544-8872b87621df/builtin/providers/aws/resource_aws_instance_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "reflect" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/ec2" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/helper/schema" 15 "github.com/hashicorp/terraform/terraform" 16 ) 17 18 func TestAccAWSInstance_basic(t *testing.T) { 19 var v ec2.Instance 20 var vol *ec2.Volume 21 22 testCheck := func(*terraform.State) error { 23 if *v.Placement.AvailabilityZone != "us-west-2a" { 24 return fmt.Errorf("bad availability zone: %#v", *v.Placement.AvailabilityZone) 25 } 26 27 if len(v.SecurityGroups) == 0 { 28 return fmt.Errorf("no security groups: %#v", v.SecurityGroups) 29 } 30 if *v.SecurityGroups[0].GroupName != "tf_test_foo" { 31 return fmt.Errorf("no security groups: %#v", v.SecurityGroups) 32 } 33 34 return nil 35 } 36 37 resource.Test(t, resource.TestCase{ 38 PreCheck: func() { testAccPreCheck(t) }, 39 40 // We ignore security groups because even with EC2 classic 41 // we'll import as VPC security groups, which is fine. We verify 42 // VPC security group import in other tests 43 IDRefreshName: "aws_instance.foo", 44 IDRefreshIgnore: []string{"security_groups", "vpc_security_group_ids"}, 45 46 Providers: testAccProviders, 47 CheckDestroy: testAccCheckInstanceDestroy, 48 Steps: []resource.TestStep{ 49 // Create a volume to cover #1249 50 { 51 // Need a resource in this config so the provisioner will be available 52 Config: testAccInstanceConfig_pre, 53 Check: func(*terraform.State) error { 54 conn := testAccProvider.Meta().(*AWSClient).ec2conn 55 var err error 56 vol, err = conn.CreateVolume(&ec2.CreateVolumeInput{ 57 AvailabilityZone: aws.String("us-west-2a"), 58 Size: aws.Int64(int64(5)), 59 }) 60 return err 61 }, 62 }, 63 64 { 65 Config: testAccInstanceConfig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckInstanceExists( 68 "aws_instance.foo", &v), 69 testCheck, 70 resource.TestCheckResourceAttr( 71 "aws_instance.foo", 72 "user_data", 73 "3dc39dda39be1205215e776bad998da361a5955d"), 74 resource.TestCheckResourceAttr( 75 "aws_instance.foo", "ebs_block_device.#", "0"), 76 ), 77 }, 78 79 // We repeat the exact same test so that we can be sure 80 // that the user data hash stuff is working without generating 81 // an incorrect diff. 82 { 83 Config: testAccInstanceConfig, 84 Check: resource.ComposeTestCheckFunc( 85 testAccCheckInstanceExists( 86 "aws_instance.foo", &v), 87 testCheck, 88 resource.TestCheckResourceAttr( 89 "aws_instance.foo", 90 "user_data", 91 "3dc39dda39be1205215e776bad998da361a5955d"), 92 resource.TestCheckResourceAttr( 93 "aws_instance.foo", "ebs_block_device.#", "0"), 94 ), 95 }, 96 97 // Clean up volume created above 98 { 99 Config: testAccInstanceConfig, 100 Check: func(*terraform.State) error { 101 conn := testAccProvider.Meta().(*AWSClient).ec2conn 102 _, err := conn.DeleteVolume(&ec2.DeleteVolumeInput{VolumeId: vol.VolumeId}) 103 return err 104 }, 105 }, 106 }, 107 }) 108 } 109 110 func TestAccAWSInstance_GP2IopsDevice(t *testing.T) { 111 var v ec2.Instance 112 113 testCheck := func() resource.TestCheckFunc { 114 return func(*terraform.State) error { 115 116 // Map out the block devices by name, which should be unique. 117 blockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) 118 for _, blockDevice := range v.BlockDeviceMappings { 119 blockDevices[*blockDevice.DeviceName] = blockDevice 120 } 121 122 // Check if the root block device exists. 123 if _, ok := blockDevices["/dev/sda1"]; !ok { 124 return fmt.Errorf("block device doesn't exist: /dev/sda1") 125 } 126 127 return nil 128 } 129 } 130 131 resource.Test(t, resource.TestCase{ 132 PreCheck: func() { testAccPreCheck(t) }, 133 IDRefreshName: "aws_instance.foo", 134 IDRefreshIgnore: []string{ 135 "ephemeral_block_device", "user_data", "security_groups", "vpc_security_groups"}, 136 Providers: testAccProviders, 137 CheckDestroy: testAccCheckInstanceDestroy, 138 Steps: []resource.TestStep{ 139 { 140 Config: testAccInstanceGP2IopsDevice, 141 //Config: testAccInstanceConfigBlockDevices, 142 Check: resource.ComposeTestCheckFunc( 143 testAccCheckInstanceExists( 144 "aws_instance.foo", &v), 145 resource.TestCheckResourceAttr( 146 "aws_instance.foo", "root_block_device.#", "1"), 147 resource.TestCheckResourceAttr( 148 "aws_instance.foo", "root_block_device.0.volume_size", "11"), 149 resource.TestCheckResourceAttr( 150 "aws_instance.foo", "root_block_device.0.volume_type", "gp2"), 151 resource.TestCheckResourceAttr( 152 "aws_instance.foo", "root_block_device.0.iops", "100"), 153 testCheck(), 154 ), 155 }, 156 }, 157 }) 158 } 159 160 func TestAccAWSInstance_blockDevices(t *testing.T) { 161 var v ec2.Instance 162 163 testCheck := func() resource.TestCheckFunc { 164 return func(*terraform.State) error { 165 166 // Map out the block devices by name, which should be unique. 167 blockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) 168 for _, blockDevice := range v.BlockDeviceMappings { 169 blockDevices[*blockDevice.DeviceName] = blockDevice 170 } 171 172 // Check if the root block device exists. 173 if _, ok := blockDevices["/dev/sda1"]; !ok { 174 return fmt.Errorf("block device doesn't exist: /dev/sda1") 175 } 176 177 // Check if the secondary block device exists. 178 if _, ok := blockDevices["/dev/sdb"]; !ok { 179 return fmt.Errorf("block device doesn't exist: /dev/sdb") 180 } 181 182 // Check if the third block device exists. 183 if _, ok := blockDevices["/dev/sdc"]; !ok { 184 return fmt.Errorf("block device doesn't exist: /dev/sdc") 185 } 186 187 // Check if the encrypted block device exists 188 if _, ok := blockDevices["/dev/sdd"]; !ok { 189 return fmt.Errorf("block device doesn't exist: /dev/sdd") 190 } 191 192 return nil 193 } 194 } 195 196 resource.Test(t, resource.TestCase{ 197 PreCheck: func() { testAccPreCheck(t) }, 198 IDRefreshName: "aws_instance.foo", 199 IDRefreshIgnore: []string{ 200 "ephemeral_block_device", "security_groups", "vpc_security_groups"}, 201 Providers: testAccProviders, 202 CheckDestroy: testAccCheckInstanceDestroy, 203 Steps: []resource.TestStep{ 204 { 205 Config: testAccInstanceConfigBlockDevices, 206 Check: resource.ComposeTestCheckFunc( 207 testAccCheckInstanceExists( 208 "aws_instance.foo", &v), 209 resource.TestCheckResourceAttr( 210 "aws_instance.foo", "root_block_device.#", "1"), 211 resource.TestCheckResourceAttr( 212 "aws_instance.foo", "root_block_device.0.volume_size", "11"), 213 resource.TestCheckResourceAttr( 214 "aws_instance.foo", "root_block_device.0.volume_type", "gp2"), 215 resource.TestCheckResourceAttr( 216 "aws_instance.foo", "ebs_block_device.#", "3"), 217 resource.TestCheckResourceAttr( 218 "aws_instance.foo", "ebs_block_device.2576023345.device_name", "/dev/sdb"), 219 resource.TestCheckResourceAttr( 220 "aws_instance.foo", "ebs_block_device.2576023345.volume_size", "9"), 221 resource.TestCheckResourceAttr( 222 "aws_instance.foo", "ebs_block_device.2576023345.volume_type", "standard"), 223 resource.TestCheckResourceAttr( 224 "aws_instance.foo", "ebs_block_device.2554893574.device_name", "/dev/sdc"), 225 resource.TestCheckResourceAttr( 226 "aws_instance.foo", "ebs_block_device.2554893574.volume_size", "10"), 227 resource.TestCheckResourceAttr( 228 "aws_instance.foo", "ebs_block_device.2554893574.volume_type", "io1"), 229 resource.TestCheckResourceAttr( 230 "aws_instance.foo", "ebs_block_device.2554893574.iops", "100"), 231 resource.TestCheckResourceAttr( 232 "aws_instance.foo", "ebs_block_device.2634515331.device_name", "/dev/sdd"), 233 resource.TestCheckResourceAttr( 234 "aws_instance.foo", "ebs_block_device.2634515331.encrypted", "true"), 235 resource.TestCheckResourceAttr( 236 "aws_instance.foo", "ebs_block_device.2634515331.volume_size", "12"), 237 resource.TestCheckResourceAttr( 238 "aws_instance.foo", "ephemeral_block_device.#", "1"), 239 resource.TestCheckResourceAttr( 240 "aws_instance.foo", "ephemeral_block_device.1692014856.device_name", "/dev/sde"), 241 resource.TestCheckResourceAttr( 242 "aws_instance.foo", "ephemeral_block_device.1692014856.virtual_name", "ephemeral0"), 243 testCheck(), 244 ), 245 }, 246 }, 247 }) 248 } 249 250 func TestAccAWSInstance_rootInstanceStore(t *testing.T) { 251 var v ec2.Instance 252 253 resource.Test(t, resource.TestCase{ 254 PreCheck: func() { testAccPreCheck(t) }, 255 IDRefreshName: "aws_instance.foo", 256 Providers: testAccProviders, 257 CheckDestroy: testAccCheckInstanceDestroy, 258 Steps: []resource.TestStep{ 259 { 260 Config: ` 261 resource "aws_instance" "foo" { 262 # us-west-2 263 # Amazon Linux HVM Instance Store 64-bit (2016.09.0) 264 # https://aws.amazon.com/amazon-linux-ami 265 ami = "ami-44c36524" 266 267 # Only certain instance types support ephemeral root instance stores. 268 # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html 269 instance_type = "m3.medium" 270 }`, 271 Check: resource.ComposeTestCheckFunc( 272 testAccCheckInstanceExists( 273 "aws_instance.foo", &v), 274 resource.TestCheckResourceAttr( 275 "aws_instance.foo", "ami", "ami-44c36524"), 276 resource.TestCheckResourceAttr( 277 "aws_instance.foo", "ebs_block_device.#", "0"), 278 resource.TestCheckResourceAttr( 279 "aws_instance.foo", "ebs_optimized", "false"), 280 resource.TestCheckResourceAttr( 281 "aws_instance.foo", "instance_type", "m3.medium"), 282 resource.TestCheckResourceAttr( 283 "aws_instance.foo", "root_block_device.#", "0"), 284 ), 285 }, 286 }, 287 }) 288 } 289 290 func TestAcctABSInstance_noAMIEphemeralDevices(t *testing.T) { 291 var v ec2.Instance 292 293 testCheck := func() resource.TestCheckFunc { 294 return func(*terraform.State) error { 295 296 // Map out the block devices by name, which should be unique. 297 blockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) 298 for _, blockDevice := range v.BlockDeviceMappings { 299 blockDevices[*blockDevice.DeviceName] = blockDevice 300 } 301 302 // Check if the root block device exists. 303 if _, ok := blockDevices["/dev/sda1"]; !ok { 304 return fmt.Errorf("block device doesn't exist: /dev/sda1") 305 } 306 307 // Check if the secondary block not exists. 308 if _, ok := blockDevices["/dev/sdb"]; ok { 309 return fmt.Errorf("block device exist: /dev/sdb") 310 } 311 312 // Check if the third block device not exists. 313 if _, ok := blockDevices["/dev/sdc"]; ok { 314 return fmt.Errorf("block device exist: /dev/sdc") 315 } 316 return nil 317 } 318 } 319 320 resource.Test(t, resource.TestCase{ 321 PreCheck: func() { testAccPreCheck(t) }, 322 IDRefreshName: "aws_instance.foo", 323 IDRefreshIgnore: []string{ 324 "ephemeral_block_device", "security_groups", "vpc_security_groups"}, 325 Providers: testAccProviders, 326 CheckDestroy: testAccCheckInstanceDestroy, 327 Steps: []resource.TestStep{ 328 { 329 Config: ` 330 resource "aws_instance" "foo" { 331 # us-west-2 332 ami = "ami-01f05461" // This AMI (Ubuntu) contains two ephemerals 333 334 instance_type = "c3.large" 335 336 root_block_device { 337 volume_type = "gp2" 338 volume_size = 11 339 } 340 ephemeral_block_device { 341 device_name = "/dev/sdb" 342 no_device = true 343 } 344 ephemeral_block_device { 345 device_name = "/dev/sdc" 346 no_device = true 347 } 348 }`, 349 Check: resource.ComposeTestCheckFunc( 350 testAccCheckInstanceExists( 351 "aws_instance.foo", &v), 352 resource.TestCheckResourceAttr( 353 "aws_instance.foo", "ami", "ami-01f05461"), 354 resource.TestCheckResourceAttr( 355 "aws_instance.foo", "ebs_optimized", "false"), 356 resource.TestCheckResourceAttr( 357 "aws_instance.foo", "instance_type", "c3.large"), 358 resource.TestCheckResourceAttr( 359 "aws_instance.foo", "root_block_device.#", "1"), 360 resource.TestCheckResourceAttr( 361 "aws_instance.foo", "root_block_device.0.volume_size", "11"), 362 resource.TestCheckResourceAttr( 363 "aws_instance.foo", "root_block_device.0.volume_type", "gp2"), 364 resource.TestCheckResourceAttr( 365 "aws_instance.foo", "ebs_block_device.#", "0"), 366 resource.TestCheckResourceAttr( 367 "aws_instance.foo", "ephemeral_block_device.#", "2"), 368 resource.TestCheckResourceAttr( 369 "aws_instance.foo", "ephemeral_block_device.172787947.device_name", "/dev/sdb"), 370 resource.TestCheckResourceAttr( 371 "aws_instance.foo", "ephemeral_block_device.172787947.no_device", "true"), 372 resource.TestCheckResourceAttr( 373 "aws_instance.foo", "ephemeral_block_device.3336996981.device_name", "/dev/sdc"), 374 resource.TestCheckResourceAttr( 375 "aws_instance.foo", "ephemeral_block_device.3336996981.no_device", "true"), 376 testCheck(), 377 ), 378 }, 379 }, 380 }) 381 } 382 383 func TestAccAWSInstance_sourceDestCheck(t *testing.T) { 384 var v ec2.Instance 385 386 testCheck := func(enabled bool) resource.TestCheckFunc { 387 return func(*terraform.State) error { 388 if v.SourceDestCheck == nil { 389 return fmt.Errorf("bad source_dest_check: got nil") 390 } 391 if *v.SourceDestCheck != enabled { 392 return fmt.Errorf("bad source_dest_check: %#v", *v.SourceDestCheck) 393 } 394 395 return nil 396 } 397 } 398 399 resource.Test(t, resource.TestCase{ 400 PreCheck: func() { testAccPreCheck(t) }, 401 IDRefreshName: "aws_instance.foo", 402 Providers: testAccProviders, 403 CheckDestroy: testAccCheckInstanceDestroy, 404 Steps: []resource.TestStep{ 405 { 406 Config: testAccInstanceConfigSourceDestDisable, 407 Check: resource.ComposeTestCheckFunc( 408 testAccCheckInstanceExists("aws_instance.foo", &v), 409 testCheck(false), 410 ), 411 }, 412 413 { 414 Config: testAccInstanceConfigSourceDestEnable, 415 Check: resource.ComposeTestCheckFunc( 416 testAccCheckInstanceExists("aws_instance.foo", &v), 417 testCheck(true), 418 ), 419 }, 420 421 { 422 Config: testAccInstanceConfigSourceDestDisable, 423 Check: resource.ComposeTestCheckFunc( 424 testAccCheckInstanceExists("aws_instance.foo", &v), 425 testCheck(false), 426 ), 427 }, 428 }, 429 }) 430 } 431 432 func TestAccAWSInstance_disableApiTermination(t *testing.T) { 433 var v ec2.Instance 434 435 checkDisableApiTermination := func(expected bool) resource.TestCheckFunc { 436 return func(*terraform.State) error { 437 conn := testAccProvider.Meta().(*AWSClient).ec2conn 438 r, err := conn.DescribeInstanceAttribute(&ec2.DescribeInstanceAttributeInput{ 439 InstanceId: v.InstanceId, 440 Attribute: aws.String("disableApiTermination"), 441 }) 442 if err != nil { 443 return err 444 } 445 got := *r.DisableApiTermination.Value 446 if got != expected { 447 return fmt.Errorf("expected: %t, got: %t", expected, got) 448 } 449 return nil 450 } 451 } 452 453 resource.Test(t, resource.TestCase{ 454 PreCheck: func() { testAccPreCheck(t) }, 455 IDRefreshName: "aws_instance.foo", 456 Providers: testAccProviders, 457 CheckDestroy: testAccCheckInstanceDestroy, 458 Steps: []resource.TestStep{ 459 { 460 Config: testAccInstanceConfigDisableAPITermination(true), 461 Check: resource.ComposeTestCheckFunc( 462 testAccCheckInstanceExists("aws_instance.foo", &v), 463 checkDisableApiTermination(true), 464 ), 465 }, 466 467 { 468 Config: testAccInstanceConfigDisableAPITermination(false), 469 Check: resource.ComposeTestCheckFunc( 470 testAccCheckInstanceExists("aws_instance.foo", &v), 471 checkDisableApiTermination(false), 472 ), 473 }, 474 }, 475 }) 476 } 477 478 func TestAccAWSInstance_vpc(t *testing.T) { 479 var v ec2.Instance 480 481 resource.Test(t, resource.TestCase{ 482 PreCheck: func() { testAccPreCheck(t) }, 483 IDRefreshName: "aws_instance.foo", 484 IDRefreshIgnore: []string{"associate_public_ip_address"}, 485 Providers: testAccProviders, 486 CheckDestroy: testAccCheckInstanceDestroy, 487 Steps: []resource.TestStep{ 488 { 489 Config: testAccInstanceConfigVPC, 490 Check: resource.ComposeTestCheckFunc( 491 testAccCheckInstanceExists( 492 "aws_instance.foo", &v), 493 resource.TestCheckResourceAttr( 494 "aws_instance.foo", 495 "user_data", 496 "562a3e32810edf6ff09994f050f12e799452379d"), 497 ), 498 }, 499 }, 500 }) 501 } 502 503 func TestAccAWSInstance_ipv6_supportAddressCount(t *testing.T) { 504 var v ec2.Instance 505 506 resource.Test(t, resource.TestCase{ 507 PreCheck: func() { testAccPreCheck(t) }, 508 Providers: testAccProviders, 509 CheckDestroy: testAccCheckInstanceDestroy, 510 Steps: []resource.TestStep{ 511 { 512 Config: testAccInstanceConfigIpv6Support, 513 Check: resource.ComposeTestCheckFunc( 514 testAccCheckInstanceExists( 515 "aws_instance.foo", &v), 516 resource.TestCheckResourceAttr( 517 "aws_instance.foo", 518 "ipv6_address_count", 519 "1"), 520 ), 521 }, 522 }, 523 }) 524 } 525 526 func TestAccAWSInstance_ipv6AddressCountAndSingleAddressCausesError(t *testing.T) { 527 528 resource.Test(t, resource.TestCase{ 529 PreCheck: func() { testAccPreCheck(t) }, 530 Providers: testAccProviders, 531 CheckDestroy: testAccCheckInstanceDestroy, 532 Steps: []resource.TestStep{ 533 { 534 Config: testAccInstanceConfigIpv6ErrorConfig, 535 ExpectError: regexp.MustCompile("Only 1 of `ipv6_address_count` or `ipv6_addresses` can be specified"), 536 }, 537 }, 538 }) 539 } 540 541 func TestAccAWSInstance_multipleRegions(t *testing.T) { 542 var v ec2.Instance 543 544 // record the initialized providers so that we can use them to 545 // check for the instances in each region 546 var providers []*schema.Provider 547 providerFactories := map[string]terraform.ResourceProviderFactory{ 548 "aws": func() (terraform.ResourceProvider, error) { 549 p := Provider() 550 providers = append(providers, p.(*schema.Provider)) 551 return p, nil 552 }, 553 } 554 555 resource.Test(t, resource.TestCase{ 556 PreCheck: func() { testAccPreCheck(t) }, 557 ProviderFactories: providerFactories, 558 CheckDestroy: testAccCheckInstanceDestroyWithProviders(&providers), 559 Steps: []resource.TestStep{ 560 { 561 Config: testAccInstanceConfigMultipleRegions, 562 Check: resource.ComposeTestCheckFunc( 563 testAccCheckInstanceExistsWithProviders( 564 "aws_instance.foo", &v, &providers), 565 testAccCheckInstanceExistsWithProviders( 566 "aws_instance.bar", &v, &providers), 567 ), 568 }, 569 }, 570 }) 571 } 572 573 func TestAccAWSInstance_NetworkInstanceSecurityGroups(t *testing.T) { 574 var v ec2.Instance 575 576 resource.Test(t, resource.TestCase{ 577 PreCheck: func() { testAccPreCheck(t) }, 578 IDRefreshName: "aws_instance.foo_instance", 579 IDRefreshIgnore: []string{"associate_public_ip_address"}, 580 Providers: testAccProviders, 581 CheckDestroy: testAccCheckInstanceDestroy, 582 Steps: []resource.TestStep{ 583 { 584 Config: testAccInstanceNetworkInstanceSecurityGroups, 585 Check: resource.ComposeTestCheckFunc( 586 testAccCheckInstanceExists( 587 "aws_instance.foo_instance", &v), 588 ), 589 }, 590 }, 591 }) 592 } 593 594 func TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs(t *testing.T) { 595 var v ec2.Instance 596 597 resource.Test(t, resource.TestCase{ 598 PreCheck: func() { testAccPreCheck(t) }, 599 IDRefreshName: "aws_instance.foo_instance", 600 Providers: testAccProviders, 601 CheckDestroy: testAccCheckInstanceDestroy, 602 Steps: []resource.TestStep{ 603 { 604 Config: testAccInstanceNetworkInstanceVPCSecurityGroupIDs, 605 Check: resource.ComposeTestCheckFunc( 606 testAccCheckInstanceExists( 607 "aws_instance.foo_instance", &v), 608 resource.TestCheckResourceAttr( 609 "aws_instance.foo_instance", "security_groups.#", "0"), 610 resource.TestCheckResourceAttr( 611 "aws_instance.foo_instance", "vpc_security_group_ids.#", "1"), 612 ), 613 }, 614 }, 615 }) 616 } 617 618 func TestAccAWSInstance_tags(t *testing.T) { 619 var v ec2.Instance 620 621 resource.Test(t, resource.TestCase{ 622 PreCheck: func() { testAccPreCheck(t) }, 623 Providers: testAccProviders, 624 CheckDestroy: testAccCheckInstanceDestroy, 625 Steps: []resource.TestStep{ 626 { 627 Config: testAccCheckInstanceConfigTags, 628 Check: resource.ComposeTestCheckFunc( 629 testAccCheckInstanceExists("aws_instance.foo", &v), 630 testAccCheckTags(&v.Tags, "foo", "bar"), 631 // Guard against regression of https://github.com/hashicorp/terraform/issues/914 632 testAccCheckTags(&v.Tags, "#", ""), 633 ), 634 }, 635 { 636 Config: testAccCheckInstanceConfigTagsUpdate, 637 Check: resource.ComposeTestCheckFunc( 638 testAccCheckInstanceExists("aws_instance.foo", &v), 639 testAccCheckTags(&v.Tags, "foo", ""), 640 testAccCheckTags(&v.Tags, "bar", "baz"), 641 ), 642 }, 643 }, 644 }) 645 } 646 647 func TestAccAWSInstance_volumeTags(t *testing.T) { 648 var v ec2.Instance 649 650 resource.Test(t, resource.TestCase{ 651 PreCheck: func() { testAccPreCheck(t) }, 652 Providers: testAccProviders, 653 CheckDestroy: testAccCheckInstanceDestroy, 654 Steps: []resource.TestStep{ 655 { 656 Config: testAccCheckInstanceConfigNoVolumeTags, 657 Check: resource.ComposeTestCheckFunc( 658 testAccCheckInstanceExists("aws_instance.foo", &v), 659 resource.TestCheckNoResourceAttr( 660 "aws_instance.foo", "volume_tags"), 661 ), 662 }, 663 { 664 Config: testAccCheckInstanceConfigWithVolumeTags, 665 Check: resource.ComposeTestCheckFunc( 666 testAccCheckInstanceExists("aws_instance.foo", &v), 667 resource.TestCheckResourceAttr( 668 "aws_instance.foo", "volume_tags.%", "1"), 669 resource.TestCheckResourceAttr( 670 "aws_instance.foo", "volume_tags.Name", "acceptance-test-volume-tag"), 671 ), 672 }, 673 { 674 Config: testAccCheckInstanceConfigWithVolumeTagsUpdate, 675 Check: resource.ComposeTestCheckFunc( 676 testAccCheckInstanceExists("aws_instance.foo", &v), 677 resource.TestCheckResourceAttr( 678 "aws_instance.foo", "volume_tags.%", "2"), 679 resource.TestCheckResourceAttr( 680 "aws_instance.foo", "volume_tags.Name", "acceptance-test-volume-tag"), 681 resource.TestCheckResourceAttr( 682 "aws_instance.foo", "volume_tags.Environment", "dev"), 683 ), 684 }, 685 { 686 Config: testAccCheckInstanceConfigNoVolumeTags, 687 Check: resource.ComposeTestCheckFunc( 688 testAccCheckInstanceExists("aws_instance.foo", &v), 689 resource.TestCheckNoResourceAttr( 690 "aws_instance.foo", "volume_tags"), 691 ), 692 }, 693 }, 694 }) 695 } 696 697 func TestAccAWSInstance_volumeTagsComputed(t *testing.T) { 698 var v ec2.Instance 699 700 resource.Test(t, resource.TestCase{ 701 PreCheck: func() { testAccPreCheck(t) }, 702 Providers: testAccProviders, 703 CheckDestroy: testAccCheckInstanceDestroy, 704 Steps: []resource.TestStep{ 705 { 706 Config: testAccCheckInstanceConfigWithAttachedVolume, 707 Check: resource.ComposeTestCheckFunc( 708 testAccCheckInstanceExists("aws_instance.foo", &v), 709 ), 710 ExpectNonEmptyPlan: false, 711 }, 712 }, 713 }) 714 } 715 716 func TestAccAWSInstance_instanceProfileChange(t *testing.T) { 717 var v ec2.Instance 718 rName := acctest.RandString(5) 719 720 testCheckInstanceProfile := func() resource.TestCheckFunc { 721 return func(*terraform.State) error { 722 if v.IamInstanceProfile == nil { 723 return fmt.Errorf("Instance Profile is nil - we expected an InstanceProfile associated with the Instance") 724 } 725 726 return nil 727 } 728 } 729 730 resource.Test(t, resource.TestCase{ 731 PreCheck: func() { testAccPreCheck(t) }, 732 IDRefreshName: "aws_instance.foo", 733 Providers: testAccProviders, 734 CheckDestroy: testAccCheckInstanceDestroy, 735 Steps: []resource.TestStep{ 736 { 737 Config: testAccInstanceConfigWithoutInstanceProfile(rName), 738 Check: resource.ComposeTestCheckFunc( 739 testAccCheckInstanceExists("aws_instance.foo", &v), 740 ), 741 }, 742 { 743 Config: testAccInstanceConfigWithInstanceProfile(rName), 744 Check: resource.ComposeTestCheckFunc( 745 testAccCheckInstanceExists("aws_instance.foo", &v), 746 testCheckInstanceProfile(), 747 ), 748 }, 749 }, 750 }) 751 } 752 753 func TestAccAWSInstance_withIamInstanceProfile(t *testing.T) { 754 var v ec2.Instance 755 rName := acctest.RandString(5) 756 757 testCheckInstanceProfile := func() resource.TestCheckFunc { 758 return func(*terraform.State) error { 759 if v.IamInstanceProfile == nil { 760 return fmt.Errorf("Instance Profile is nil - we expected an InstanceProfile associated with the Instance") 761 } 762 763 return nil 764 } 765 } 766 767 resource.Test(t, resource.TestCase{ 768 PreCheck: func() { testAccPreCheck(t) }, 769 IDRefreshName: "aws_instance.foo", 770 Providers: testAccProviders, 771 CheckDestroy: testAccCheckInstanceDestroy, 772 Steps: []resource.TestStep{ 773 { 774 Config: testAccInstanceConfigWithInstanceProfile(rName), 775 Check: resource.ComposeTestCheckFunc( 776 testAccCheckInstanceExists("aws_instance.foo", &v), 777 testCheckInstanceProfile(), 778 ), 779 }, 780 }, 781 }) 782 } 783 784 func TestAccAWSInstance_privateIP(t *testing.T) { 785 var v ec2.Instance 786 787 testCheckPrivateIP := func() resource.TestCheckFunc { 788 return func(*terraform.State) error { 789 if *v.PrivateIpAddress != "10.1.1.42" { 790 return fmt.Errorf("bad private IP: %s", *v.PrivateIpAddress) 791 } 792 793 return nil 794 } 795 } 796 797 resource.Test(t, resource.TestCase{ 798 PreCheck: func() { testAccPreCheck(t) }, 799 IDRefreshName: "aws_instance.foo", 800 Providers: testAccProviders, 801 CheckDestroy: testAccCheckInstanceDestroy, 802 Steps: []resource.TestStep{ 803 { 804 Config: testAccInstanceConfigPrivateIP, 805 Check: resource.ComposeTestCheckFunc( 806 testAccCheckInstanceExists("aws_instance.foo", &v), 807 testCheckPrivateIP(), 808 ), 809 }, 810 }, 811 }) 812 } 813 814 func TestAccAWSInstance_associatePublicIPAndPrivateIP(t *testing.T) { 815 var v ec2.Instance 816 817 testCheckPrivateIP := func() resource.TestCheckFunc { 818 return func(*terraform.State) error { 819 if *v.PrivateIpAddress != "10.1.1.42" { 820 return fmt.Errorf("bad private IP: %s", *v.PrivateIpAddress) 821 } 822 823 return nil 824 } 825 } 826 827 resource.Test(t, resource.TestCase{ 828 PreCheck: func() { testAccPreCheck(t) }, 829 IDRefreshName: "aws_instance.foo", 830 IDRefreshIgnore: []string{"associate_public_ip_address"}, 831 Providers: testAccProviders, 832 CheckDestroy: testAccCheckInstanceDestroy, 833 Steps: []resource.TestStep{ 834 { 835 Config: testAccInstanceConfigAssociatePublicIPAndPrivateIP, 836 Check: resource.ComposeTestCheckFunc( 837 testAccCheckInstanceExists("aws_instance.foo", &v), 838 testCheckPrivateIP(), 839 ), 840 }, 841 }, 842 }) 843 } 844 845 // Guard against regression with KeyPairs 846 // https://github.com/hashicorp/terraform/issues/2302 847 func TestAccAWSInstance_keyPairCheck(t *testing.T) { 848 var v ec2.Instance 849 850 testCheckKeyPair := func(keyName string) resource.TestCheckFunc { 851 return func(*terraform.State) error { 852 if v.KeyName == nil { 853 return fmt.Errorf("No Key Pair found, expected(%s)", keyName) 854 } 855 if v.KeyName != nil && *v.KeyName != keyName { 856 return fmt.Errorf("Bad key name, expected (%s), got (%s)", keyName, *v.KeyName) 857 } 858 859 return nil 860 } 861 } 862 863 keyPairName := fmt.Sprintf("tf-acc-test-%s", acctest.RandString(5)) 864 865 resource.Test(t, resource.TestCase{ 866 PreCheck: func() { testAccPreCheck(t) }, 867 IDRefreshName: "aws_instance.foo", 868 IDRefreshIgnore: []string{"source_dest_check"}, 869 Providers: testAccProviders, 870 CheckDestroy: testAccCheckInstanceDestroy, 871 Steps: []resource.TestStep{ 872 { 873 Config: testAccInstanceConfigKeyPair(keyPairName), 874 Check: resource.ComposeTestCheckFunc( 875 testAccCheckInstanceExists("aws_instance.foo", &v), 876 testCheckKeyPair(keyPairName), 877 ), 878 }, 879 }, 880 }) 881 } 882 883 func TestAccAWSInstance_rootBlockDeviceMismatch(t *testing.T) { 884 var v ec2.Instance 885 886 resource.Test(t, resource.TestCase{ 887 PreCheck: func() { testAccPreCheck(t) }, 888 Providers: testAccProviders, 889 CheckDestroy: testAccCheckInstanceDestroy, 890 Steps: []resource.TestStep{ 891 { 892 Config: testAccInstanceConfigRootBlockDeviceMismatch, 893 Check: resource.ComposeTestCheckFunc( 894 testAccCheckInstanceExists("aws_instance.foo", &v), 895 resource.TestCheckResourceAttr( 896 "aws_instance.foo", "root_block_device.0.volume_size", "13"), 897 ), 898 }, 899 }, 900 }) 901 } 902 903 // This test reproduces the bug here: 904 // https://github.com/hashicorp/terraform/issues/1752 905 // 906 // I wish there were a way to exercise resources built with helper.Schema in a 907 // unit context, in which case this test could be moved there, but for now this 908 // will cover the bugfix. 909 // 910 // The following triggers "diffs didn't match during apply" without the fix in to 911 // set NewRemoved on the .# field when it changes to 0. 912 func TestAccAWSInstance_forceNewAndTagsDrift(t *testing.T) { 913 var v ec2.Instance 914 915 resource.Test(t, resource.TestCase{ 916 PreCheck: func() { testAccPreCheck(t) }, 917 IDRefreshName: "aws_instance.foo", 918 Providers: testAccProviders, 919 CheckDestroy: testAccCheckInstanceDestroy, 920 Steps: []resource.TestStep{ 921 { 922 Config: testAccInstanceConfigForceNewAndTagsDrift, 923 Check: resource.ComposeTestCheckFunc( 924 testAccCheckInstanceExists("aws_instance.foo", &v), 925 driftTags(&v), 926 ), 927 ExpectNonEmptyPlan: true, 928 }, 929 { 930 Config: testAccInstanceConfigForceNewAndTagsDrift_Update, 931 Check: resource.ComposeTestCheckFunc( 932 testAccCheckInstanceExists("aws_instance.foo", &v), 933 ), 934 }, 935 }, 936 }) 937 } 938 939 func TestAccAWSInstance_changeInstanceType(t *testing.T) { 940 var before ec2.Instance 941 var after ec2.Instance 942 943 resource.Test(t, resource.TestCase{ 944 PreCheck: func() { testAccPreCheck(t) }, 945 Providers: testAccProviders, 946 CheckDestroy: testAccCheckInstanceDestroy, 947 Steps: []resource.TestStep{ 948 { 949 Config: testAccInstanceConfigWithSmallInstanceType, 950 Check: resource.ComposeTestCheckFunc( 951 testAccCheckInstanceExists("aws_instance.foo", &before), 952 ), 953 }, 954 { 955 Config: testAccInstanceConfigUpdateInstanceType, 956 Check: resource.ComposeTestCheckFunc( 957 testAccCheckInstanceExists("aws_instance.foo", &after), 958 testAccCheckInstanceNotRecreated( 959 t, &before, &after), 960 ), 961 }, 962 }, 963 }) 964 } 965 966 func TestAccAWSInstance_primaryNetworkInterface(t *testing.T) { 967 var instance ec2.Instance 968 var ini ec2.NetworkInterface 969 970 resource.Test(t, resource.TestCase{ 971 PreCheck: func() { testAccPreCheck(t) }, 972 Providers: testAccProviders, 973 CheckDestroy: testAccCheckInstanceDestroy, 974 Steps: []resource.TestStep{ 975 { 976 Config: testAccInstanceConfigPrimaryNetworkInterface, 977 Check: resource.ComposeTestCheckFunc( 978 testAccCheckInstanceExists("aws_instance.foo", &instance), 979 testAccCheckAWSENIExists("aws_network_interface.bar", &ini), 980 resource.TestCheckResourceAttr("aws_instance.foo", "network_interface.#", "1"), 981 ), 982 }, 983 }, 984 }) 985 } 986 987 func TestAccAWSInstance_primaryNetworkInterfaceSourceDestCheck(t *testing.T) { 988 var instance ec2.Instance 989 var ini ec2.NetworkInterface 990 991 resource.Test(t, resource.TestCase{ 992 PreCheck: func() { testAccPreCheck(t) }, 993 Providers: testAccProviders, 994 CheckDestroy: testAccCheckInstanceDestroy, 995 Steps: []resource.TestStep{ 996 { 997 Config: testAccInstanceConfigPrimaryNetworkInterfaceSourceDestCheck, 998 Check: resource.ComposeTestCheckFunc( 999 testAccCheckInstanceExists("aws_instance.foo", &instance), 1000 testAccCheckAWSENIExists("aws_network_interface.bar", &ini), 1001 resource.TestCheckResourceAttr("aws_instance.foo", "source_dest_check", "false"), 1002 ), 1003 }, 1004 }, 1005 }) 1006 } 1007 1008 func TestAccAWSInstance_addSecondaryInterface(t *testing.T) { 1009 var before ec2.Instance 1010 var after ec2.Instance 1011 var iniPrimary ec2.NetworkInterface 1012 var iniSecondary ec2.NetworkInterface 1013 1014 resource.Test(t, resource.TestCase{ 1015 PreCheck: func() { testAccPreCheck(t) }, 1016 Providers: testAccProviders, 1017 CheckDestroy: testAccCheckInstanceDestroy, 1018 Steps: []resource.TestStep{ 1019 { 1020 Config: testAccInstanceConfigAddSecondaryNetworkInterfaceBefore, 1021 Check: resource.ComposeTestCheckFunc( 1022 testAccCheckInstanceExists("aws_instance.foo", &before), 1023 testAccCheckAWSENIExists("aws_network_interface.primary", &iniPrimary), 1024 resource.TestCheckResourceAttr("aws_instance.foo", "network_interface.#", "1"), 1025 ), 1026 }, 1027 { 1028 Config: testAccInstanceConfigAddSecondaryNetworkInterfaceAfter, 1029 Check: resource.ComposeTestCheckFunc( 1030 testAccCheckInstanceExists("aws_instance.foo", &after), 1031 testAccCheckAWSENIExists("aws_network_interface.secondary", &iniSecondary), 1032 resource.TestCheckResourceAttr("aws_instance.foo", "network_interface.#", "1"), 1033 ), 1034 }, 1035 }, 1036 }) 1037 } 1038 1039 // https://github.com/hashicorp/terraform/issues/3205 1040 func TestAccAWSInstance_addSecurityGroupNetworkInterface(t *testing.T) { 1041 var before ec2.Instance 1042 var after ec2.Instance 1043 1044 resource.Test(t, resource.TestCase{ 1045 PreCheck: func() { testAccPreCheck(t) }, 1046 Providers: testAccProviders, 1047 CheckDestroy: testAccCheckInstanceDestroy, 1048 Steps: []resource.TestStep{ 1049 { 1050 Config: testAccInstanceConfigAddSecurityGroupBefore, 1051 Check: resource.ComposeTestCheckFunc( 1052 testAccCheckInstanceExists("aws_instance.foo", &before), 1053 resource.TestCheckResourceAttr("aws_instance.foo", "vpc_security_group_ids.#", "1"), 1054 ), 1055 }, 1056 { 1057 Config: testAccInstanceConfigAddSecurityGroupAfter, 1058 Check: resource.ComposeTestCheckFunc( 1059 testAccCheckInstanceExists("aws_instance.foo", &after), 1060 resource.TestCheckResourceAttr("aws_instance.foo", "vpc_security_group_ids.#", "2"), 1061 ), 1062 }, 1063 }, 1064 }) 1065 } 1066 1067 func testAccCheckInstanceNotRecreated(t *testing.T, 1068 before, after *ec2.Instance) resource.TestCheckFunc { 1069 return func(s *terraform.State) error { 1070 if *before.InstanceId != *after.InstanceId { 1071 t.Fatalf("AWS Instance IDs have changed. Before %s. After %s", *before.InstanceId, *after.InstanceId) 1072 } 1073 return nil 1074 } 1075 } 1076 1077 func testAccCheckInstanceDestroy(s *terraform.State) error { 1078 return testAccCheckInstanceDestroyWithProvider(s, testAccProvider) 1079 } 1080 1081 func testAccCheckInstanceDestroyWithProviders(providers *[]*schema.Provider) resource.TestCheckFunc { 1082 return func(s *terraform.State) error { 1083 for _, provider := range *providers { 1084 if provider.Meta() == nil { 1085 continue 1086 } 1087 if err := testAccCheckInstanceDestroyWithProvider(s, provider); err != nil { 1088 return err 1089 } 1090 } 1091 return nil 1092 } 1093 } 1094 1095 func testAccCheckInstanceDestroyWithProvider(s *terraform.State, provider *schema.Provider) error { 1096 conn := provider.Meta().(*AWSClient).ec2conn 1097 1098 for _, rs := range s.RootModule().Resources { 1099 if rs.Type != "aws_instance" { 1100 continue 1101 } 1102 1103 // Try to find the resource 1104 resp, err := conn.DescribeInstances(&ec2.DescribeInstancesInput{ 1105 InstanceIds: []*string{aws.String(rs.Primary.ID)}, 1106 }) 1107 if err == nil { 1108 for _, r := range resp.Reservations { 1109 for _, i := range r.Instances { 1110 if i.State != nil && *i.State.Name != "terminated" { 1111 return fmt.Errorf("Found unterminated instance: %s", i) 1112 } 1113 } 1114 } 1115 } 1116 1117 // Verify the error is what we want 1118 if ae, ok := err.(awserr.Error); ok && ae.Code() == "InvalidInstanceID.NotFound" { 1119 continue 1120 } 1121 1122 return err 1123 } 1124 1125 return nil 1126 } 1127 1128 func testAccCheckInstanceExists(n string, i *ec2.Instance) resource.TestCheckFunc { 1129 providers := []*schema.Provider{testAccProvider} 1130 return testAccCheckInstanceExistsWithProviders(n, i, &providers) 1131 } 1132 1133 func testAccCheckInstanceExistsWithProviders(n string, i *ec2.Instance, providers *[]*schema.Provider) resource.TestCheckFunc { 1134 return func(s *terraform.State) error { 1135 rs, ok := s.RootModule().Resources[n] 1136 if !ok { 1137 return fmt.Errorf("Not found: %s", n) 1138 } 1139 1140 if rs.Primary.ID == "" { 1141 return fmt.Errorf("No ID is set") 1142 } 1143 for _, provider := range *providers { 1144 // Ignore if Meta is empty, this can happen for validation providers 1145 if provider.Meta() == nil { 1146 continue 1147 } 1148 1149 conn := provider.Meta().(*AWSClient).ec2conn 1150 resp, err := conn.DescribeInstances(&ec2.DescribeInstancesInput{ 1151 InstanceIds: []*string{aws.String(rs.Primary.ID)}, 1152 }) 1153 if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidInstanceID.NotFound" { 1154 continue 1155 } 1156 if err != nil { 1157 return err 1158 } 1159 1160 if len(resp.Reservations) > 0 { 1161 *i = *resp.Reservations[0].Instances[0] 1162 return nil 1163 } 1164 } 1165 1166 return fmt.Errorf("Instance not found") 1167 } 1168 } 1169 1170 func TestInstanceTenancySchema(t *testing.T) { 1171 actualSchema := resourceAwsInstance().Schema["tenancy"] 1172 expectedSchema := &schema.Schema{ 1173 Type: schema.TypeString, 1174 Optional: true, 1175 Computed: true, 1176 ForceNew: true, 1177 } 1178 if !reflect.DeepEqual(actualSchema, expectedSchema) { 1179 t.Fatalf( 1180 "Got:\n\n%#v\n\nExpected:\n\n%#v\n", 1181 actualSchema, 1182 expectedSchema) 1183 } 1184 } 1185 1186 func driftTags(instance *ec2.Instance) resource.TestCheckFunc { 1187 return func(s *terraform.State) error { 1188 conn := testAccProvider.Meta().(*AWSClient).ec2conn 1189 _, err := conn.CreateTags(&ec2.CreateTagsInput{ 1190 Resources: []*string{instance.InstanceId}, 1191 Tags: []*ec2.Tag{ 1192 { 1193 Key: aws.String("Drift"), 1194 Value: aws.String("Happens"), 1195 }, 1196 }, 1197 }) 1198 return err 1199 } 1200 } 1201 1202 const testAccInstanceConfig_pre = ` 1203 resource "aws_security_group" "tf_test_foo" { 1204 name = "tf_test_foo" 1205 description = "foo" 1206 1207 ingress { 1208 protocol = "icmp" 1209 from_port = -1 1210 to_port = -1 1211 cidr_blocks = ["0.0.0.0/0"] 1212 } 1213 } 1214 ` 1215 1216 const testAccInstanceConfig = ` 1217 resource "aws_security_group" "tf_test_foo" { 1218 name = "tf_test_foo" 1219 description = "foo" 1220 1221 ingress { 1222 protocol = "icmp" 1223 from_port = -1 1224 to_port = -1 1225 cidr_blocks = ["0.0.0.0/0"] 1226 } 1227 } 1228 1229 resource "aws_instance" "foo" { 1230 # us-west-2 1231 ami = "ami-4fccb37f" 1232 availability_zone = "us-west-2a" 1233 1234 instance_type = "m1.small" 1235 security_groups = ["${aws_security_group.tf_test_foo.name}"] 1236 user_data = "foo:-with-character's" 1237 } 1238 ` 1239 1240 const testAccInstanceConfigWithSmallInstanceType = ` 1241 resource "aws_instance" "foo" { 1242 # us-west-2 1243 ami = "ami-55a7ea65" 1244 availability_zone = "us-west-2a" 1245 1246 instance_type = "m3.medium" 1247 1248 tags { 1249 Name = "tf-acctest" 1250 } 1251 } 1252 ` 1253 1254 const testAccInstanceConfigUpdateInstanceType = ` 1255 resource "aws_instance" "foo" { 1256 # us-west-2 1257 ami = "ami-55a7ea65" 1258 availability_zone = "us-west-2a" 1259 1260 instance_type = "m3.large" 1261 1262 tags { 1263 Name = "tf-acctest" 1264 } 1265 } 1266 ` 1267 1268 const testAccInstanceGP2IopsDevice = ` 1269 resource "aws_instance" "foo" { 1270 # us-west-2 1271 ami = "ami-55a7ea65" 1272 1273 # In order to attach an encrypted volume to an instance you need to have an 1274 # m3.medium or larger. See "Supported Instance Types" in: 1275 # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html 1276 instance_type = "m3.medium" 1277 1278 root_block_device { 1279 volume_type = "gp2" 1280 volume_size = 11 1281 } 1282 } 1283 ` 1284 1285 const testAccInstanceConfigBlockDevices = ` 1286 resource "aws_instance" "foo" { 1287 # us-west-2 1288 ami = "ami-55a7ea65" 1289 1290 # In order to attach an encrypted volume to an instance you need to have an 1291 # m3.medium or larger. See "Supported Instance Types" in: 1292 # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html 1293 instance_type = "m3.medium" 1294 1295 root_block_device { 1296 volume_type = "gp2" 1297 volume_size = 11 1298 } 1299 ebs_block_device { 1300 device_name = "/dev/sdb" 1301 volume_size = 9 1302 } 1303 ebs_block_device { 1304 device_name = "/dev/sdc" 1305 volume_size = 10 1306 volume_type = "io1" 1307 iops = 100 1308 } 1309 1310 # Encrypted ebs block device 1311 ebs_block_device { 1312 device_name = "/dev/sdd" 1313 volume_size = 12 1314 encrypted = true 1315 } 1316 1317 ephemeral_block_device { 1318 device_name = "/dev/sde" 1319 virtual_name = "ephemeral0" 1320 } 1321 } 1322 ` 1323 1324 const testAccInstanceConfigSourceDestEnable = ` 1325 resource "aws_vpc" "foo" { 1326 cidr_block = "10.1.0.0/16" 1327 } 1328 1329 resource "aws_subnet" "foo" { 1330 cidr_block = "10.1.1.0/24" 1331 vpc_id = "${aws_vpc.foo.id}" 1332 } 1333 1334 resource "aws_instance" "foo" { 1335 # us-west-2 1336 ami = "ami-4fccb37f" 1337 instance_type = "m1.small" 1338 subnet_id = "${aws_subnet.foo.id}" 1339 } 1340 ` 1341 1342 const testAccInstanceConfigSourceDestDisable = ` 1343 resource "aws_vpc" "foo" { 1344 cidr_block = "10.1.0.0/16" 1345 } 1346 1347 resource "aws_subnet" "foo" { 1348 cidr_block = "10.1.1.0/24" 1349 vpc_id = "${aws_vpc.foo.id}" 1350 } 1351 1352 resource "aws_instance" "foo" { 1353 # us-west-2 1354 ami = "ami-4fccb37f" 1355 instance_type = "m1.small" 1356 subnet_id = "${aws_subnet.foo.id}" 1357 source_dest_check = false 1358 } 1359 ` 1360 1361 func testAccInstanceConfigDisableAPITermination(val bool) string { 1362 return fmt.Sprintf(` 1363 resource "aws_vpc" "foo" { 1364 cidr_block = "10.1.0.0/16" 1365 } 1366 1367 resource "aws_subnet" "foo" { 1368 cidr_block = "10.1.1.0/24" 1369 vpc_id = "${aws_vpc.foo.id}" 1370 } 1371 1372 resource "aws_instance" "foo" { 1373 # us-west-2 1374 ami = "ami-4fccb37f" 1375 instance_type = "m1.small" 1376 subnet_id = "${aws_subnet.foo.id}" 1377 disable_api_termination = %t 1378 } 1379 `, val) 1380 } 1381 1382 const testAccInstanceConfigVPC = ` 1383 resource "aws_vpc" "foo" { 1384 cidr_block = "10.1.0.0/16" 1385 } 1386 1387 resource "aws_subnet" "foo" { 1388 cidr_block = "10.1.1.0/24" 1389 vpc_id = "${aws_vpc.foo.id}" 1390 } 1391 1392 resource "aws_instance" "foo" { 1393 # us-west-2 1394 ami = "ami-4fccb37f" 1395 instance_type = "m1.small" 1396 subnet_id = "${aws_subnet.foo.id}" 1397 associate_public_ip_address = true 1398 tenancy = "dedicated" 1399 # pre-encoded base64 data 1400 user_data = "3dc39dda39be1205215e776bad998da361a5955d" 1401 } 1402 ` 1403 1404 const testAccInstanceConfigIpv6ErrorConfig = ` 1405 resource "aws_vpc" "foo" { 1406 cidr_block = "10.1.0.0/16" 1407 assign_generated_ipv6_cidr_block = true 1408 tags { 1409 Name = "tf-ipv6-instance-acc-test" 1410 } 1411 } 1412 1413 resource "aws_subnet" "foo" { 1414 cidr_block = "10.1.1.0/24" 1415 vpc_id = "${aws_vpc.foo.id}" 1416 ipv6_cidr_block = "${cidrsubnet(aws_vpc.foo.ipv6_cidr_block, 8, 1)}" 1417 tags { 1418 Name = "tf-ipv6-instance-acc-test" 1419 } 1420 } 1421 1422 resource "aws_instance" "foo" { 1423 # us-west-2 1424 ami = "ami-c5eabbf5" 1425 instance_type = "t2.micro" 1426 subnet_id = "${aws_subnet.foo.id}" 1427 ipv6_addresses = ["2600:1f14:bb2:e501::10"] 1428 ipv6_address_count = 1 1429 tags { 1430 Name = "tf-ipv6-instance-acc-test" 1431 } 1432 } 1433 ` 1434 1435 const testAccInstanceConfigIpv6Support = ` 1436 resource "aws_vpc" "foo" { 1437 cidr_block = "10.1.0.0/16" 1438 assign_generated_ipv6_cidr_block = true 1439 tags { 1440 Name = "tf-ipv6-instance-acc-test" 1441 } 1442 } 1443 1444 resource "aws_subnet" "foo" { 1445 cidr_block = "10.1.1.0/24" 1446 vpc_id = "${aws_vpc.foo.id}" 1447 ipv6_cidr_block = "${cidrsubnet(aws_vpc.foo.ipv6_cidr_block, 8, 1)}" 1448 tags { 1449 Name = "tf-ipv6-instance-acc-test" 1450 } 1451 } 1452 1453 resource "aws_instance" "foo" { 1454 # us-west-2 1455 ami = "ami-c5eabbf5" 1456 instance_type = "t2.micro" 1457 subnet_id = "${aws_subnet.foo.id}" 1458 1459 ipv6_address_count = 1 1460 tags { 1461 Name = "tf-ipv6-instance-acc-test" 1462 } 1463 } 1464 ` 1465 1466 const testAccInstanceConfigMultipleRegions = ` 1467 provider "aws" { 1468 alias = "west" 1469 region = "us-west-2" 1470 } 1471 1472 provider "aws" { 1473 alias = "east" 1474 region = "us-east-1" 1475 } 1476 1477 resource "aws_instance" "foo" { 1478 # us-west-2 1479 provider = "aws.west" 1480 ami = "ami-4fccb37f" 1481 instance_type = "m1.small" 1482 } 1483 1484 resource "aws_instance" "bar" { 1485 # us-east-1 1486 provider = "aws.east" 1487 ami = "ami-8c6ea9e4" 1488 instance_type = "m1.small" 1489 } 1490 ` 1491 1492 const testAccCheckInstanceConfigTags = ` 1493 resource "aws_instance" "foo" { 1494 ami = "ami-4fccb37f" 1495 instance_type = "m1.small" 1496 tags { 1497 foo = "bar" 1498 } 1499 } 1500 ` 1501 1502 const testAccCheckInstanceConfigWithAttachedVolume = ` 1503 data "aws_ami" "debian_jessie_latest" { 1504 most_recent = true 1505 1506 filter { 1507 name = "name" 1508 values = ["debian-jessie-*"] 1509 } 1510 1511 filter { 1512 name = "virtualization-type" 1513 values = ["hvm"] 1514 } 1515 1516 filter { 1517 name = "architecture" 1518 values = ["x86_64"] 1519 } 1520 1521 filter { 1522 name = "root-device-type" 1523 values = ["ebs"] 1524 } 1525 1526 owners = ["379101102735"] # Debian 1527 } 1528 1529 resource "aws_instance" "foo" { 1530 ami = "${data.aws_ami.debian_jessie_latest.id}" 1531 associate_public_ip_address = true 1532 count = 1 1533 instance_type = "t2.medium" 1534 1535 root_block_device { 1536 volume_size = "10" 1537 volume_type = "standard" 1538 delete_on_termination = true 1539 } 1540 1541 tags { 1542 Name = "test-terraform" 1543 } 1544 } 1545 1546 resource "aws_ebs_volume" "test" { 1547 depends_on = ["aws_instance.foo"] 1548 availability_zone = "${aws_instance.foo.availability_zone}" 1549 type = "gp2" 1550 size = "10" 1551 1552 tags { 1553 Name = "test-terraform" 1554 } 1555 } 1556 1557 resource "aws_volume_attachment" "test" { 1558 depends_on = ["aws_ebs_volume.test"] 1559 device_name = "/dev/xvdg" 1560 volume_id = "${aws_ebs_volume.test.id}" 1561 instance_id = "${aws_instance.foo.id}" 1562 } 1563 ` 1564 1565 const testAccCheckInstanceConfigNoVolumeTags = ` 1566 resource "aws_instance" "foo" { 1567 ami = "ami-55a7ea65" 1568 1569 instance_type = "m3.medium" 1570 1571 root_block_device { 1572 volume_type = "gp2" 1573 volume_size = 11 1574 } 1575 ebs_block_device { 1576 device_name = "/dev/sdb" 1577 volume_size = 9 1578 } 1579 ebs_block_device { 1580 device_name = "/dev/sdc" 1581 volume_size = 10 1582 volume_type = "io1" 1583 iops = 100 1584 } 1585 1586 ebs_block_device { 1587 device_name = "/dev/sdd" 1588 volume_size = 12 1589 encrypted = true 1590 } 1591 1592 ephemeral_block_device { 1593 device_name = "/dev/sde" 1594 virtual_name = "ephemeral0" 1595 } 1596 } 1597 ` 1598 1599 const testAccCheckInstanceConfigWithVolumeTags = ` 1600 resource "aws_instance" "foo" { 1601 ami = "ami-55a7ea65" 1602 1603 instance_type = "m3.medium" 1604 1605 root_block_device { 1606 volume_type = "gp2" 1607 volume_size = 11 1608 } 1609 ebs_block_device { 1610 device_name = "/dev/sdb" 1611 volume_size = 9 1612 } 1613 ebs_block_device { 1614 device_name = "/dev/sdc" 1615 volume_size = 10 1616 volume_type = "io1" 1617 iops = 100 1618 } 1619 1620 ebs_block_device { 1621 device_name = "/dev/sdd" 1622 volume_size = 12 1623 encrypted = true 1624 } 1625 1626 ephemeral_block_device { 1627 device_name = "/dev/sde" 1628 virtual_name = "ephemeral0" 1629 } 1630 1631 volume_tags { 1632 Name = "acceptance-test-volume-tag" 1633 } 1634 } 1635 ` 1636 1637 const testAccCheckInstanceConfigWithVolumeTagsUpdate = ` 1638 resource "aws_instance" "foo" { 1639 ami = "ami-55a7ea65" 1640 1641 instance_type = "m3.medium" 1642 1643 root_block_device { 1644 volume_type = "gp2" 1645 volume_size = 11 1646 } 1647 ebs_block_device { 1648 device_name = "/dev/sdb" 1649 volume_size = 9 1650 } 1651 ebs_block_device { 1652 device_name = "/dev/sdc" 1653 volume_size = 10 1654 volume_type = "io1" 1655 iops = 100 1656 } 1657 1658 ebs_block_device { 1659 device_name = "/dev/sdd" 1660 volume_size = 12 1661 encrypted = true 1662 } 1663 1664 ephemeral_block_device { 1665 device_name = "/dev/sde" 1666 virtual_name = "ephemeral0" 1667 } 1668 1669 volume_tags { 1670 Name = "acceptance-test-volume-tag" 1671 Environment = "dev" 1672 } 1673 } 1674 ` 1675 1676 const testAccCheckInstanceConfigTagsUpdate = ` 1677 resource "aws_instance" "foo" { 1678 ami = "ami-4fccb37f" 1679 instance_type = "m1.small" 1680 tags { 1681 bar = "baz" 1682 } 1683 } 1684 ` 1685 1686 func testAccInstanceConfigWithoutInstanceProfile(rName string) string { 1687 return fmt.Sprintf(` 1688 resource "aws_iam_role" "test" { 1689 name = "test-%s" 1690 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 1691 } 1692 1693 resource "aws_iam_instance_profile" "test" { 1694 name = "test-%s" 1695 roles = ["${aws_iam_role.test.name}"] 1696 } 1697 1698 resource "aws_instance" "foo" { 1699 ami = "ami-4fccb37f" 1700 instance_type = "m1.small" 1701 tags { 1702 bar = "baz" 1703 } 1704 }`, rName, rName) 1705 } 1706 1707 func testAccInstanceConfigWithInstanceProfile(rName string) string { 1708 return fmt.Sprintf(` 1709 resource "aws_iam_role" "test" { 1710 name = "test-%s" 1711 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 1712 } 1713 1714 resource "aws_iam_instance_profile" "test" { 1715 name = "test-%s" 1716 roles = ["${aws_iam_role.test.name}"] 1717 } 1718 1719 resource "aws_instance" "foo" { 1720 ami = "ami-4fccb37f" 1721 instance_type = "m1.small" 1722 iam_instance_profile = "${aws_iam_instance_profile.test.name}" 1723 tags { 1724 bar = "baz" 1725 } 1726 }`, rName, rName) 1727 } 1728 1729 const testAccInstanceConfigPrivateIP = ` 1730 resource "aws_vpc" "foo" { 1731 cidr_block = "10.1.0.0/16" 1732 } 1733 1734 resource "aws_subnet" "foo" { 1735 cidr_block = "10.1.1.0/24" 1736 vpc_id = "${aws_vpc.foo.id}" 1737 } 1738 1739 resource "aws_instance" "foo" { 1740 ami = "ami-c5eabbf5" 1741 instance_type = "t2.micro" 1742 subnet_id = "${aws_subnet.foo.id}" 1743 private_ip = "10.1.1.42" 1744 } 1745 ` 1746 1747 const testAccInstanceConfigAssociatePublicIPAndPrivateIP = ` 1748 resource "aws_vpc" "foo" { 1749 cidr_block = "10.1.0.0/16" 1750 } 1751 1752 resource "aws_subnet" "foo" { 1753 cidr_block = "10.1.1.0/24" 1754 vpc_id = "${aws_vpc.foo.id}" 1755 } 1756 1757 resource "aws_instance" "foo" { 1758 ami = "ami-c5eabbf5" 1759 instance_type = "t2.micro" 1760 subnet_id = "${aws_subnet.foo.id}" 1761 associate_public_ip_address = true 1762 private_ip = "10.1.1.42" 1763 } 1764 ` 1765 1766 const testAccInstanceNetworkInstanceSecurityGroups = ` 1767 resource "aws_internet_gateway" "gw" { 1768 vpc_id = "${aws_vpc.foo.id}" 1769 } 1770 1771 resource "aws_vpc" "foo" { 1772 cidr_block = "10.1.0.0/16" 1773 tags { 1774 Name = "tf-network-test" 1775 } 1776 } 1777 1778 resource "aws_security_group" "tf_test_foo" { 1779 name = "tf_test_foo" 1780 description = "foo" 1781 vpc_id="${aws_vpc.foo.id}" 1782 1783 ingress { 1784 protocol = "icmp" 1785 from_port = -1 1786 to_port = -1 1787 cidr_blocks = ["0.0.0.0/0"] 1788 } 1789 } 1790 1791 resource "aws_subnet" "foo" { 1792 cidr_block = "10.1.1.0/24" 1793 vpc_id = "${aws_vpc.foo.id}" 1794 } 1795 1796 resource "aws_instance" "foo_instance" { 1797 ami = "ami-21f78e11" 1798 instance_type = "t1.micro" 1799 vpc_security_group_ids = ["${aws_security_group.tf_test_foo.id}"] 1800 subnet_id = "${aws_subnet.foo.id}" 1801 associate_public_ip_address = true 1802 depends_on = ["aws_internet_gateway.gw"] 1803 } 1804 1805 resource "aws_eip" "foo_eip" { 1806 instance = "${aws_instance.foo_instance.id}" 1807 vpc = true 1808 depends_on = ["aws_internet_gateway.gw"] 1809 } 1810 ` 1811 1812 const testAccInstanceNetworkInstanceVPCSecurityGroupIDs = ` 1813 resource "aws_internet_gateway" "gw" { 1814 vpc_id = "${aws_vpc.foo.id}" 1815 } 1816 1817 resource "aws_vpc" "foo" { 1818 cidr_block = "10.1.0.0/16" 1819 tags { 1820 Name = "tf-network-test" 1821 } 1822 } 1823 1824 resource "aws_security_group" "tf_test_foo" { 1825 name = "tf_test_foo" 1826 description = "foo" 1827 vpc_id="${aws_vpc.foo.id}" 1828 1829 ingress { 1830 protocol = "icmp" 1831 from_port = -1 1832 to_port = -1 1833 cidr_blocks = ["0.0.0.0/0"] 1834 } 1835 } 1836 1837 resource "aws_subnet" "foo" { 1838 cidr_block = "10.1.1.0/24" 1839 vpc_id = "${aws_vpc.foo.id}" 1840 } 1841 1842 resource "aws_instance" "foo_instance" { 1843 ami = "ami-21f78e11" 1844 instance_type = "t1.micro" 1845 vpc_security_group_ids = ["${aws_security_group.tf_test_foo.id}"] 1846 subnet_id = "${aws_subnet.foo.id}" 1847 depends_on = ["aws_internet_gateway.gw"] 1848 } 1849 1850 resource "aws_eip" "foo_eip" { 1851 instance = "${aws_instance.foo_instance.id}" 1852 vpc = true 1853 depends_on = ["aws_internet_gateway.gw"] 1854 } 1855 ` 1856 1857 func testAccInstanceConfigKeyPair(keyPairName string) string { 1858 return fmt.Sprintf(` 1859 provider "aws" { 1860 region = "us-east-1" 1861 } 1862 1863 resource "aws_key_pair" "debugging" { 1864 key_name = "%s" 1865 public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 phodgson@thoughtworks.com" 1866 } 1867 1868 resource "aws_instance" "foo" { 1869 ami = "ami-408c7f28" 1870 instance_type = "t1.micro" 1871 key_name = "${aws_key_pair.debugging.key_name}" 1872 tags { 1873 Name = "testAccInstanceConfigKeyPair_TestAMI" 1874 } 1875 } 1876 `, keyPairName) 1877 } 1878 1879 const testAccInstanceConfigRootBlockDeviceMismatch = ` 1880 resource "aws_vpc" "foo" { 1881 cidr_block = "10.1.0.0/16" 1882 } 1883 1884 resource "aws_subnet" "foo" { 1885 cidr_block = "10.1.1.0/24" 1886 vpc_id = "${aws_vpc.foo.id}" 1887 } 1888 1889 resource "aws_instance" "foo" { 1890 // This is an AMI with RootDeviceName: "/dev/sda1"; actual root: "/dev/sda" 1891 ami = "ami-ef5b69df" 1892 instance_type = "t1.micro" 1893 subnet_id = "${aws_subnet.foo.id}" 1894 root_block_device { 1895 volume_size = 13 1896 } 1897 } 1898 ` 1899 1900 const testAccInstanceConfigForceNewAndTagsDrift = ` 1901 resource "aws_vpc" "foo" { 1902 cidr_block = "10.1.0.0/16" 1903 } 1904 1905 resource "aws_subnet" "foo" { 1906 cidr_block = "10.1.1.0/24" 1907 vpc_id = "${aws_vpc.foo.id}" 1908 } 1909 1910 resource "aws_instance" "foo" { 1911 ami = "ami-22b9a343" 1912 instance_type = "t2.nano" 1913 subnet_id = "${aws_subnet.foo.id}" 1914 } 1915 ` 1916 1917 const testAccInstanceConfigForceNewAndTagsDrift_Update = ` 1918 resource "aws_vpc" "foo" { 1919 cidr_block = "10.1.0.0/16" 1920 } 1921 1922 resource "aws_subnet" "foo" { 1923 cidr_block = "10.1.1.0/24" 1924 vpc_id = "${aws_vpc.foo.id}" 1925 } 1926 1927 resource "aws_instance" "foo" { 1928 ami = "ami-22b9a343" 1929 instance_type = "t2.micro" 1930 subnet_id = "${aws_subnet.foo.id}" 1931 } 1932 ` 1933 1934 const testAccInstanceConfigPrimaryNetworkInterface = ` 1935 resource "aws_vpc" "foo" { 1936 cidr_block = "172.16.0.0/16" 1937 tags { 1938 Name = "tf-instance-test" 1939 } 1940 } 1941 1942 resource "aws_subnet" "foo" { 1943 vpc_id = "${aws_vpc.foo.id}" 1944 cidr_block = "172.16.10.0/24" 1945 availability_zone = "us-west-2a" 1946 tags { 1947 Name = "tf-instance-test" 1948 } 1949 } 1950 1951 resource "aws_network_interface" "bar" { 1952 subnet_id = "${aws_subnet.foo.id}" 1953 private_ips = ["172.16.10.100"] 1954 tags { 1955 Name = "primary_network_interface" 1956 } 1957 } 1958 1959 resource "aws_instance" "foo" { 1960 ami = "ami-22b9a343" 1961 instance_type = "t2.micro" 1962 network_interface { 1963 network_interface_id = "${aws_network_interface.bar.id}" 1964 device_index = 0 1965 } 1966 } 1967 ` 1968 1969 const testAccInstanceConfigPrimaryNetworkInterfaceSourceDestCheck = ` 1970 resource "aws_vpc" "foo" { 1971 cidr_block = "172.16.0.0/16" 1972 tags { 1973 Name = "tf-instance-test" 1974 } 1975 } 1976 1977 resource "aws_subnet" "foo" { 1978 vpc_id = "${aws_vpc.foo.id}" 1979 cidr_block = "172.16.10.0/24" 1980 availability_zone = "us-west-2a" 1981 tags { 1982 Name = "tf-instance-test" 1983 } 1984 } 1985 1986 resource "aws_network_interface" "bar" { 1987 subnet_id = "${aws_subnet.foo.id}" 1988 private_ips = ["172.16.10.100"] 1989 source_dest_check = false 1990 tags { 1991 Name = "primary_network_interface" 1992 } 1993 } 1994 1995 resource "aws_instance" "foo" { 1996 ami = "ami-22b9a343" 1997 instance_type = "t2.micro" 1998 network_interface { 1999 network_interface_id = "${aws_network_interface.bar.id}" 2000 device_index = 0 2001 } 2002 } 2003 ` 2004 2005 const testAccInstanceConfigAddSecondaryNetworkInterfaceBefore = ` 2006 resource "aws_vpc" "foo" { 2007 cidr_block = "172.16.0.0/16" 2008 tags { 2009 Name = "tf-instance-test" 2010 } 2011 } 2012 2013 resource "aws_subnet" "foo" { 2014 vpc_id = "${aws_vpc.foo.id}" 2015 cidr_block = "172.16.10.0/24" 2016 availability_zone = "us-west-2a" 2017 tags { 2018 Name = "tf-instance-test" 2019 } 2020 } 2021 2022 resource "aws_network_interface" "primary" { 2023 subnet_id = "${aws_subnet.foo.id}" 2024 private_ips = ["172.16.10.100"] 2025 tags { 2026 Name = "primary_network_interface" 2027 } 2028 } 2029 2030 resource "aws_network_interface" "secondary" { 2031 subnet_id = "${aws_subnet.foo.id}" 2032 private_ips = ["172.16.10.101"] 2033 tags { 2034 Name = "secondary_network_interface" 2035 } 2036 } 2037 2038 resource "aws_instance" "foo" { 2039 ami = "ami-22b9a343" 2040 instance_type = "t2.micro" 2041 network_interface { 2042 network_interface_id = "${aws_network_interface.primary.id}" 2043 device_index = 0 2044 } 2045 } 2046 ` 2047 2048 const testAccInstanceConfigAddSecondaryNetworkInterfaceAfter = ` 2049 resource "aws_vpc" "foo" { 2050 cidr_block = "172.16.0.0/16" 2051 tags { 2052 Name = "tf-instance-test" 2053 } 2054 } 2055 2056 resource "aws_subnet" "foo" { 2057 vpc_id = "${aws_vpc.foo.id}" 2058 cidr_block = "172.16.10.0/24" 2059 availability_zone = "us-west-2a" 2060 tags { 2061 Name = "tf-instance-test" 2062 } 2063 } 2064 2065 resource "aws_network_interface" "primary" { 2066 subnet_id = "${aws_subnet.foo.id}" 2067 private_ips = ["172.16.10.100"] 2068 tags { 2069 Name = "primary_network_interface" 2070 } 2071 } 2072 2073 // Attach previously created network interface, observe no state diff on instance resource 2074 resource "aws_network_interface" "secondary" { 2075 subnet_id = "${aws_subnet.foo.id}" 2076 private_ips = ["172.16.10.101"] 2077 tags { 2078 Name = "secondary_network_interface" 2079 } 2080 attachment { 2081 instance = "${aws_instance.foo.id}" 2082 device_index = 1 2083 } 2084 } 2085 2086 resource "aws_instance" "foo" { 2087 ami = "ami-22b9a343" 2088 instance_type = "t2.micro" 2089 network_interface { 2090 network_interface_id = "${aws_network_interface.primary.id}" 2091 device_index = 0 2092 } 2093 } 2094 ` 2095 2096 const testAccInstanceConfigAddSecurityGroupBefore = ` 2097 resource "aws_vpc" "foo" { 2098 cidr_block = "172.16.0.0/16" 2099 tags { 2100 Name = "tf-eni-test" 2101 } 2102 } 2103 2104 resource "aws_subnet" "foo" { 2105 vpc_id = "${aws_vpc.foo.id}" 2106 cidr_block = "172.16.10.0/24" 2107 availability_zone = "us-west-2a" 2108 tags { 2109 Name = "tf-foo-instance-add-sg-test" 2110 } 2111 } 2112 2113 resource "aws_subnet" "bar" { 2114 vpc_id = "${aws_vpc.foo.id}" 2115 cidr_block = "172.16.11.0/24" 2116 availability_zone = "us-west-2a" 2117 tags { 2118 Name = "tf-bar-instance-add-sg-test" 2119 } 2120 } 2121 2122 resource "aws_security_group" "foo" { 2123 vpc_id = "${aws_vpc.foo.id}" 2124 description = "foo" 2125 name = "foo" 2126 } 2127 2128 resource "aws_security_group" "bar" { 2129 vpc_id = "${aws_vpc.foo.id}" 2130 description = "bar" 2131 name = "bar" 2132 } 2133 2134 resource "aws_instance" "foo" { 2135 ami = "ami-c5eabbf5" 2136 instance_type = "t2.micro" 2137 subnet_id = "${aws_subnet.bar.id}" 2138 associate_public_ip_address = false 2139 vpc_security_group_ids = [ 2140 "${aws_security_group.foo.id}" 2141 ] 2142 tags { 2143 Name = "foo-instance-sg-add-test" 2144 } 2145 } 2146 2147 resource "aws_network_interface" "bar" { 2148 subnet_id = "${aws_subnet.foo.id}" 2149 private_ips = ["172.16.10.100"] 2150 security_groups = ["${aws_security_group.foo.id}"] 2151 attachment { 2152 instance = "${aws_instance.foo.id}" 2153 device_index = 1 2154 } 2155 tags { 2156 Name = "bar_interface" 2157 } 2158 } 2159 ` 2160 2161 const testAccInstanceConfigAddSecurityGroupAfter = ` 2162 resource "aws_vpc" "foo" { 2163 cidr_block = "172.16.0.0/16" 2164 tags { 2165 Name = "tf-eni-test" 2166 } 2167 } 2168 2169 resource "aws_subnet" "foo" { 2170 vpc_id = "${aws_vpc.foo.id}" 2171 cidr_block = "172.16.10.0/24" 2172 availability_zone = "us-west-2a" 2173 tags { 2174 Name = "tf-foo-instance-add-sg-test" 2175 } 2176 } 2177 2178 resource "aws_subnet" "bar" { 2179 vpc_id = "${aws_vpc.foo.id}" 2180 cidr_block = "172.16.11.0/24" 2181 availability_zone = "us-west-2a" 2182 tags { 2183 Name = "tf-bar-instance-add-sg-test" 2184 } 2185 } 2186 2187 resource "aws_security_group" "foo" { 2188 vpc_id = "${aws_vpc.foo.id}" 2189 description = "foo" 2190 name = "foo" 2191 } 2192 2193 resource "aws_security_group" "bar" { 2194 vpc_id = "${aws_vpc.foo.id}" 2195 description = "bar" 2196 name = "bar" 2197 } 2198 2199 resource "aws_instance" "foo" { 2200 ami = "ami-c5eabbf5" 2201 instance_type = "t2.micro" 2202 subnet_id = "${aws_subnet.bar.id}" 2203 associate_public_ip_address = false 2204 vpc_security_group_ids = [ 2205 "${aws_security_group.foo.id}", 2206 "${aws_security_group.bar.id}" 2207 ] 2208 tags { 2209 Name = "foo-instance-sg-add-test" 2210 } 2211 } 2212 2213 resource "aws_network_interface" "bar" { 2214 subnet_id = "${aws_subnet.foo.id}" 2215 private_ips = ["172.16.10.100"] 2216 security_groups = ["${aws_security_group.foo.id}"] 2217 attachment { 2218 instance = "${aws_instance.foo.id}" 2219 device_index = 1 2220 } 2221 tags { 2222 Name = "bar_interface" 2223 } 2224 } 2225 `