github.com/andresvia/terraform@v0.6.15-0.20160412045437-d51c75946785/builtin/providers/aws/resource_aws_iam_group_membership_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "strings" 6 "testing" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/aws/awserr" 10 "github.com/aws/aws-sdk-go/service/iam" 11 "github.com/hashicorp/terraform/helper/acctest" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestAccAWSGroupMembership_basic(t *testing.T) { 17 var group iam.GetGroupOutput 18 19 rString := acctest.RandStringFromCharSet(10, acctest.CharSetAlpha) 20 configBase := fmt.Sprintf(testAccAWSGroupMemberConfig, rString, rString, rString) 21 configUpdate := fmt.Sprintf(testAccAWSGroupMemberConfigUpdate, rString, rString, rString, rString, rString) 22 configUpdateDown := fmt.Sprintf(testAccAWSGroupMemberConfigUpdateDown, rString, rString, rString) 23 24 testUser := fmt.Sprintf("test-user-%s", rString) 25 testUserTwo := fmt.Sprintf("test-user-two-%s", rString) 26 testUserThree := fmt.Sprintf("test-user-three-%s", rString) 27 28 resource.Test(t, resource.TestCase{ 29 PreCheck: func() { testAccPreCheck(t) }, 30 Providers: testAccProviders, 31 CheckDestroy: testAccCheckAWSGroupMembershipDestroy, 32 Steps: []resource.TestStep{ 33 resource.TestStep{ 34 Config: configBase, 35 Check: resource.ComposeTestCheckFunc( 36 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 37 testAccCheckAWSGroupMembershipAttributes(&group, []string{testUser}), 38 ), 39 }, 40 41 resource.TestStep{ 42 Config: configUpdate, 43 Check: resource.ComposeTestCheckFunc( 44 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 45 testAccCheckAWSGroupMembershipAttributes(&group, []string{testUserTwo, testUserThree}), 46 ), 47 }, 48 49 resource.TestStep{ 50 Config: configUpdateDown, 51 Check: resource.ComposeTestCheckFunc( 52 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 53 testAccCheckAWSGroupMembershipAttributes(&group, []string{testUserThree}), 54 ), 55 }, 56 }, 57 }) 58 } 59 60 func testAccCheckAWSGroupMembershipDestroy(s *terraform.State) error { 61 conn := testAccProvider.Meta().(*AWSClient).iamconn 62 63 for _, rs := range s.RootModule().Resources { 64 if rs.Type != "aws_iam_group_membership" { 65 continue 66 } 67 68 group := rs.Primary.Attributes["group"] 69 70 _, err := conn.GetGroup(&iam.GetGroupInput{ 71 GroupName: aws.String(group), 72 }) 73 if err != nil { 74 // Verify the error is what we want 75 if ae, ok := err.(awserr.Error); ok && ae.Code() == "NoSuchEntity" { 76 continue 77 } 78 return err 79 } 80 81 return fmt.Errorf("still exists") 82 } 83 84 return nil 85 } 86 87 func testAccCheckAWSGroupMembershipExists(n string, g *iam.GetGroupOutput) resource.TestCheckFunc { 88 return func(s *terraform.State) error { 89 rs, ok := s.RootModule().Resources[n] 90 if !ok { 91 return fmt.Errorf("Not found: %s", n) 92 } 93 94 if rs.Primary.ID == "" { 95 return fmt.Errorf("No User name is set") 96 } 97 98 conn := testAccProvider.Meta().(*AWSClient).iamconn 99 gn := rs.Primary.Attributes["group"] 100 101 resp, err := conn.GetGroup(&iam.GetGroupInput{ 102 GroupName: aws.String(gn), 103 }) 104 105 if err != nil { 106 return fmt.Errorf("Error: Group (%s) not found", gn) 107 } 108 109 *g = *resp 110 111 return nil 112 } 113 } 114 115 func testAccCheckAWSGroupMembershipAttributes(group *iam.GetGroupOutput, users []string) resource.TestCheckFunc { 116 return func(s *terraform.State) error { 117 if !strings.Contains(*group.Group.GroupName, "test-group") { 118 return fmt.Errorf("Bad group membership: expected %s, got %s", "test-group", *group.Group.GroupName) 119 } 120 121 uc := len(users) 122 for _, u := range users { 123 for _, gu := range group.Users { 124 if u == *gu.UserName { 125 uc-- 126 } 127 } 128 } 129 130 if uc > 0 { 131 return fmt.Errorf("Bad group membership count, expected (%d), but only (%d) found", len(users), uc) 132 } 133 return nil 134 } 135 } 136 137 const testAccAWSGroupMemberConfig = ` 138 resource "aws_iam_group" "group" { 139 name = "test-group-%s" 140 path = "/" 141 } 142 143 resource "aws_iam_user" "user" { 144 name = "test-user-%s" 145 path = "/" 146 } 147 148 resource "aws_iam_group_membership" "team" { 149 name = "tf-testing-group-membership-%s" 150 users = ["${aws_iam_user.user.name}"] 151 group = "${aws_iam_group.group.name}" 152 } 153 ` 154 155 const testAccAWSGroupMemberConfigUpdate = ` 156 resource "aws_iam_group" "group" { 157 name = "test-group-%s" 158 path = "/" 159 } 160 161 resource "aws_iam_user" "user" { 162 name = "test-user-%s" 163 path = "/" 164 } 165 166 resource "aws_iam_user" "user_two" { 167 name = "test-user-two-%s" 168 path = "/" 169 } 170 171 resource "aws_iam_user" "user_three" { 172 name = "test-user-three-%s" 173 path = "/" 174 } 175 176 resource "aws_iam_group_membership" "team" { 177 name = "tf-testing-group-membership-%s" 178 users = [ 179 "${aws_iam_user.user_two.name}", 180 "${aws_iam_user.user_three.name}", 181 ] 182 group = "${aws_iam_group.group.name}" 183 } 184 ` 185 186 const testAccAWSGroupMemberConfigUpdateDown = ` 187 resource "aws_iam_group" "group" { 188 name = "test-group-%s" 189 path = "/" 190 } 191 192 resource "aws_iam_user" "user_three" { 193 name = "test-user-three-%s" 194 path = "/" 195 } 196 197 resource "aws_iam_group_membership" "team" { 198 name = "tf-testing-group-membership-%s" 199 users = [ 200 "${aws_iam_user.user_three.name}", 201 ] 202 group = "${aws_iam_group.group.name}" 203 } 204 `