github.com/andresvia/terraform@v0.6.15-0.20160412045437-d51c75946785/builtin/providers/aws/resource_aws_opsworks_stack_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/acctest" 8 "github.com/hashicorp/terraform/helper/resource" 9 "github.com/hashicorp/terraform/terraform" 10 11 "github.com/aws/aws-sdk-go/aws" 12 "github.com/aws/aws-sdk-go/aws/awserr" 13 "github.com/aws/aws-sdk-go/service/opsworks" 14 ) 15 16 /////////////////////////////// 17 //// Tests for the No-VPC case 18 /////////////////////////////// 19 20 func TestAccAWSOpsworksStackNoVpc(t *testing.T) { 21 stackName := fmt.Sprintf("tf-opsworks-acc-%d", acctest.RandInt()) 22 resource.Test(t, resource.TestCase{ 23 PreCheck: func() { testAccPreCheck(t) }, 24 Providers: testAccProviders, 25 CheckDestroy: testAccCheckAwsOpsworksStackDestroy, 26 Steps: []resource.TestStep{ 27 resource.TestStep{ 28 Config: testAccAwsOpsworksStackConfigNoVpcCreate(stackName), 29 Check: testAccAwsOpsworksStackCheckResourceAttrsCreate("us-east-1c", stackName), 30 }, 31 // resource.TestStep{ 32 // Config: testAccAWSOpsworksStackConfigNoVpcUpdate(stackName), 33 // Check: testAccAwsOpsworksStackCheckResourceAttrsUpdate("us-east-1c", stackName), 34 // }, 35 }, 36 }) 37 } 38 39 func TestAccAWSOpsworksStackVpc(t *testing.T) { 40 stackName := fmt.Sprintf("tf-opsworks-acc-%d", acctest.RandInt()) 41 resource.Test(t, resource.TestCase{ 42 PreCheck: func() { testAccPreCheck(t) }, 43 Providers: testAccProviders, 44 CheckDestroy: testAccCheckAwsOpsworksStackDestroy, 45 Steps: []resource.TestStep{ 46 resource.TestStep{ 47 Config: testAccAwsOpsworksStackConfigVpcCreate(stackName), 48 Check: testAccAwsOpsworksStackCheckResourceAttrsCreate("us-west-2a", stackName), 49 }, 50 resource.TestStep{ 51 Config: testAccAWSOpsworksStackConfigVpcUpdate(stackName), 52 Check: resource.ComposeTestCheckFunc( 53 testAccAwsOpsworksStackCheckResourceAttrsUpdate("us-west-2a", stackName), 54 testAccAwsOpsworksCheckVpc, 55 ), 56 }, 57 }, 58 }) 59 } 60 61 //////////////////////////// 62 //// Checkers and Utilities 63 //////////////////////////// 64 65 func testAccAwsOpsworksStackCheckResourceAttrsCreate(zone, stackName string) resource.TestCheckFunc { 66 return resource.ComposeTestCheckFunc( 67 resource.TestCheckResourceAttr( 68 "aws_opsworks_stack.tf-acc", 69 "name", 70 stackName, 71 ), 72 resource.TestCheckResourceAttr( 73 "aws_opsworks_stack.tf-acc", 74 "default_availability_zone", 75 zone, 76 ), 77 resource.TestCheckResourceAttr( 78 "aws_opsworks_stack.tf-acc", 79 "default_os", 80 "Amazon Linux 2014.09", 81 ), 82 resource.TestCheckResourceAttr( 83 "aws_opsworks_stack.tf-acc", 84 "default_root_device_type", 85 "ebs", 86 ), 87 resource.TestCheckResourceAttr( 88 "aws_opsworks_stack.tf-acc", 89 "custom_json", 90 `{"key": "value"}`, 91 ), 92 resource.TestCheckResourceAttr( 93 "aws_opsworks_stack.tf-acc", 94 "configuration_manager_version", 95 "11.10", 96 ), 97 resource.TestCheckResourceAttr( 98 "aws_opsworks_stack.tf-acc", 99 "use_opsworks_security_groups", 100 "false", 101 ), 102 ) 103 } 104 105 func testAccAwsOpsworksStackCheckResourceAttrsUpdate(zone, stackName string) resource.TestCheckFunc { 106 return resource.ComposeTestCheckFunc( 107 resource.TestCheckResourceAttr( 108 "aws_opsworks_stack.tf-acc", 109 "name", 110 stackName, 111 ), 112 resource.TestCheckResourceAttr( 113 "aws_opsworks_stack.tf-acc", 114 "default_availability_zone", 115 zone, 116 ), 117 resource.TestCheckResourceAttr( 118 "aws_opsworks_stack.tf-acc", 119 "default_os", 120 "Amazon Linux 2014.09", 121 ), 122 resource.TestCheckResourceAttr( 123 "aws_opsworks_stack.tf-acc", 124 "default_root_device_type", 125 "ebs", 126 ), 127 resource.TestCheckResourceAttr( 128 "aws_opsworks_stack.tf-acc", 129 "custom_json", 130 `{"key": "value"}`, 131 ), 132 resource.TestCheckResourceAttr( 133 "aws_opsworks_stack.tf-acc", 134 "configuration_manager_version", 135 "11.10", 136 ), 137 resource.TestCheckResourceAttr( 138 "aws_opsworks_stack.tf-acc", 139 "use_opsworks_security_groups", 140 "false", 141 ), 142 resource.TestCheckResourceAttr( 143 "aws_opsworks_stack.tf-acc", 144 "use_custom_cookbooks", 145 "true", 146 ), 147 resource.TestCheckResourceAttr( 148 "aws_opsworks_stack.tf-acc", 149 "manage_berkshelf", 150 "true", 151 ), 152 resource.TestCheckResourceAttr( 153 "aws_opsworks_stack.tf-acc", 154 "custom_cookbooks_source.0.type", 155 "git", 156 ), 157 resource.TestCheckResourceAttr( 158 "aws_opsworks_stack.tf-acc", 159 "custom_cookbooks_source.0.revision", 160 "master", 161 ), 162 resource.TestCheckResourceAttr( 163 "aws_opsworks_stack.tf-acc", 164 "custom_cookbooks_source.0.url", 165 "https://github.com/aws/opsworks-example-cookbooks.git", 166 ), 167 ) 168 } 169 170 func testAccAwsOpsworksCheckVpc(s *terraform.State) error { 171 rs, ok := s.RootModule().Resources["aws_opsworks_stack.tf-acc"] 172 if !ok { 173 return fmt.Errorf("Not found: %s", "aws_opsworks_stack.tf-acc") 174 } 175 if rs.Primary.ID == "" { 176 return fmt.Errorf("No ID is set") 177 } 178 179 p := rs.Primary 180 181 opsworksconn := testAccProvider.Meta().(*AWSClient).opsworksconn 182 describeOpts := &opsworks.DescribeStacksInput{ 183 StackIds: []*string{aws.String(p.ID)}, 184 } 185 resp, err := opsworksconn.DescribeStacks(describeOpts) 186 if err != nil { 187 return err 188 } 189 if len(resp.Stacks) == 0 { 190 return fmt.Errorf("No stack %s not found", p.ID) 191 } 192 if p.Attributes["vpc_id"] != *resp.Stacks[0].VpcId { 193 return fmt.Errorf("VPCID Got %s, expected %s", *resp.Stacks[0].VpcId, p.Attributes["vpc_id"]) 194 } 195 if p.Attributes["default_subnet_id"] != *resp.Stacks[0].DefaultSubnetId { 196 return fmt.Errorf("VPCID Got %s, expected %s", *resp.Stacks[0].DefaultSubnetId, p.Attributes["default_subnet_id"]) 197 } 198 return nil 199 } 200 201 func testAccCheckAwsOpsworksStackDestroy(s *terraform.State) error { 202 opsworksconn := testAccProvider.Meta().(*AWSClient).opsworksconn 203 for _, rs := range s.RootModule().Resources { 204 if rs.Type != "aws_opsworks_stack" { 205 continue 206 } 207 208 req := &opsworks.DescribeStacksInput{ 209 StackIds: []*string{ 210 aws.String(rs.Primary.ID), 211 }, 212 } 213 214 _, err := opsworksconn.DescribeStacks(req) 215 if err != nil { 216 if awserr, ok := err.(awserr.Error); ok { 217 if awserr.Code() == "ResourceNotFoundException" { 218 // not found, all good 219 return nil 220 } 221 } 222 return err 223 } 224 } 225 return fmt.Errorf("Fall through error for OpsWorks stack test") 226 } 227 228 ////////////////////////////////////////////////// 229 //// Helper configs for the necessary IAM objects 230 ////////////////////////////////////////////////// 231 232 func testAccAwsOpsworksStackConfigNoVpcCreate(name string) string { 233 return fmt.Sprintf(` 234 resource "aws_opsworks_stack" "tf-acc" { 235 name = "%s" 236 region = "us-east-1" 237 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 238 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 239 default_availability_zone = "us-east-1c" 240 default_os = "Amazon Linux 2014.09" 241 default_root_device_type = "ebs" 242 custom_json = "{\"key\": \"value\"}" 243 configuration_manager_version = "11.10" 244 use_opsworks_security_groups = false 245 } 246 247 resource "aws_iam_role" "opsworks_service" { 248 name = "%s_opsworks_service" 249 assume_role_policy = <<EOT 250 { 251 "Version": "2008-10-17", 252 "Statement": [ 253 { 254 "Sid": "", 255 "Effect": "Allow", 256 "Principal": { 257 "Service": "opsworks.amazonaws.com" 258 }, 259 "Action": "sts:AssumeRole" 260 } 261 ] 262 } 263 EOT 264 } 265 266 resource "aws_iam_role_policy" "opsworks_service" { 267 name = "%s_opsworks_service" 268 role = "${aws_iam_role.opsworks_service.id}" 269 policy = <<EOT 270 { 271 "Statement": [ 272 { 273 "Action": [ 274 "ec2:*", 275 "iam:PassRole", 276 "cloudwatch:GetMetricStatistics", 277 "elasticloadbalancing:*", 278 "rds:*" 279 ], 280 "Effect": "Allow", 281 "Resource": ["*"] 282 } 283 ] 284 } 285 EOT 286 } 287 288 resource "aws_iam_role" "opsworks_instance" { 289 name = "%s_opsworks_instance" 290 assume_role_policy = <<EOT 291 { 292 "Version": "2008-10-17", 293 "Statement": [ 294 { 295 "Sid": "", 296 "Effect": "Allow", 297 "Principal": { 298 "Service": "ec2.amazonaws.com" 299 }, 300 "Action": "sts:AssumeRole" 301 } 302 ] 303 } 304 EOT 305 } 306 307 resource "aws_iam_instance_profile" "opsworks_instance" { 308 name = "%s_opsworks_instance" 309 roles = ["${aws_iam_role.opsworks_instance.name}"] 310 }`, name, name, name, name, name) 311 } 312 313 func testAccAWSOpsworksStackConfigNoVpcUpdate(name string) string { 314 return fmt.Sprintf(` 315 resource "aws_opsworks_stack" "tf-acc" { 316 name = "%s" 317 region = "us-east-1" 318 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 319 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 320 default_availability_zone = "us-east-1c" 321 default_os = "Amazon Linux 2014.09" 322 default_root_device_type = "ebs" 323 custom_json = "{\"key\": \"value\"}" 324 configuration_manager_version = "11.10" 325 use_opsworks_security_groups = false 326 use_custom_cookbooks = true 327 manage_berkshelf = true 328 custom_cookbooks_source { 329 type = "git" 330 revision = "master" 331 url = "https://github.com/aws/opsworks-example-cookbooks.git" 332 } 333 resource "aws_iam_role" "opsworks_service" { 334 name = "%s_opsworks_service" 335 assume_role_policy = <<EOT 336 { 337 "Version": "2008-10-17", 338 "Statement": [ 339 { 340 "Sid": "", 341 "Effect": "Allow", 342 "Principal": { 343 "Service": "opsworks.amazonaws.com" 344 }, 345 "Action": "sts:AssumeRole" 346 } 347 ] 348 } 349 EOT 350 } 351 352 resource "aws_iam_role_policy" "opsworks_service" { 353 name = "%s_opsworks_service" 354 role = "${aws_iam_role.opsworks_service.id}" 355 policy = <<EOT 356 { 357 "Statement": [ 358 { 359 "Action": [ 360 "ec2:*", 361 "iam:PassRole", 362 "cloudwatch:GetMetricStatistics", 363 "elasticloadbalancing:*", 364 "rds:*" 365 ], 366 "Effect": "Allow", 367 "Resource": ["*"] 368 } 369 ] 370 } 371 EOT 372 } 373 374 resource "aws_iam_role" "opsworks_instance" { 375 name = "%s_opsworks_instance" 376 assume_role_policy = <<EOT 377 { 378 "Version": "2008-10-17", 379 "Statement": [ 380 { 381 "Sid": "", 382 "Effect": "Allow", 383 "Principal": { 384 "Service": "ec2.amazonaws.com" 385 }, 386 "Action": "sts:AssumeRole" 387 } 388 ] 389 } 390 EOT 391 } 392 393 resource "aws_iam_instance_profile" "opsworks_instance" { 394 name = "%s_opsworks_instance" 395 roles = ["${aws_iam_role.opsworks_instance.name}"] 396 } 397 `, name, name, name, name, name) 398 } 399 400 //////////////////////////// 401 //// Tests for the VPC case 402 //////////////////////////// 403 404 func testAccAwsOpsworksStackConfigVpcCreate(name string) string { 405 return fmt.Sprintf(` 406 resource "aws_vpc" "tf-acc" { 407 cidr_block = "10.3.5.0/24" 408 } 409 resource "aws_subnet" "tf-acc" { 410 vpc_id = "${aws_vpc.tf-acc.id}" 411 cidr_block = "${aws_vpc.tf-acc.cidr_block}" 412 availability_zone = "us-west-2a" 413 } 414 resource "aws_opsworks_stack" "tf-acc" { 415 name = "%s" 416 region = "us-west-2" 417 vpc_id = "${aws_vpc.tf-acc.id}" 418 default_subnet_id = "${aws_subnet.tf-acc.id}" 419 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 420 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 421 default_os = "Amazon Linux 2014.09" 422 default_root_device_type = "ebs" 423 custom_json = "{\"key\": \"value\"}" 424 configuration_manager_version = "11.10" 425 use_opsworks_security_groups = false 426 } 427 428 resource "aws_iam_role" "opsworks_service" { 429 name = "%s_opsworks_service" 430 assume_role_policy = <<EOT 431 { 432 "Version": "2008-10-17", 433 "Statement": [ 434 { 435 "Sid": "", 436 "Effect": "Allow", 437 "Principal": { 438 "Service": "opsworks.amazonaws.com" 439 }, 440 "Action": "sts:AssumeRole" 441 } 442 ] 443 } 444 EOT 445 } 446 447 resource "aws_iam_role_policy" "opsworks_service" { 448 name = "%s_opsworks_service" 449 role = "${aws_iam_role.opsworks_service.id}" 450 policy = <<EOT 451 { 452 "Statement": [ 453 { 454 "Action": [ 455 "ec2:*", 456 "iam:PassRole", 457 "cloudwatch:GetMetricStatistics", 458 "elasticloadbalancing:*", 459 "rds:*" 460 ], 461 "Effect": "Allow", 462 "Resource": ["*"] 463 } 464 ] 465 } 466 EOT 467 } 468 469 resource "aws_iam_role" "opsworks_instance" { 470 name = "%s_opsworks_instance" 471 assume_role_policy = <<EOT 472 { 473 "Version": "2008-10-17", 474 "Statement": [ 475 { 476 "Sid": "", 477 "Effect": "Allow", 478 "Principal": { 479 "Service": "ec2.amazonaws.com" 480 }, 481 "Action": "sts:AssumeRole" 482 } 483 ] 484 } 485 EOT 486 } 487 488 resource "aws_iam_instance_profile" "opsworks_instance" { 489 name = "%s_opsworks_instance" 490 roles = ["${aws_iam_role.opsworks_instance.name}"] 491 } 492 `, name, name, name, name, name) 493 } 494 495 func testAccAWSOpsworksStackConfigVpcUpdate(name string) string { 496 return fmt.Sprintf(` 497 resource "aws_vpc" "tf-acc" { 498 cidr_block = "10.3.5.0/24" 499 } 500 resource "aws_subnet" "tf-acc" { 501 vpc_id = "${aws_vpc.tf-acc.id}" 502 cidr_block = "${aws_vpc.tf-acc.cidr_block}" 503 availability_zone = "us-west-2a" 504 } 505 resource "aws_opsworks_stack" "tf-acc" { 506 name = "%s" 507 region = "us-west-2" 508 vpc_id = "${aws_vpc.tf-acc.id}" 509 default_subnet_id = "${aws_subnet.tf-acc.id}" 510 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 511 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 512 default_os = "Amazon Linux 2014.09" 513 default_root_device_type = "ebs" 514 custom_json = "{\"key\": \"value\"}" 515 configuration_manager_version = "11.10" 516 use_opsworks_security_groups = false 517 use_custom_cookbooks = true 518 manage_berkshelf = true 519 custom_cookbooks_source { 520 type = "git" 521 revision = "master" 522 url = "https://github.com/aws/opsworks-example-cookbooks.git" 523 } 524 } 525 526 resource "aws_iam_role" "opsworks_service" { 527 name = "%s_opsworks_service" 528 assume_role_policy = <<EOT 529 { 530 "Version": "2008-10-17", 531 "Statement": [ 532 { 533 "Sid": "", 534 "Effect": "Allow", 535 "Principal": { 536 "Service": "opsworks.amazonaws.com" 537 }, 538 "Action": "sts:AssumeRole" 539 } 540 ] 541 } 542 EOT 543 } 544 545 resource "aws_iam_role_policy" "opsworks_service" { 546 name = "%s_opsworks_service" 547 role = "${aws_iam_role.opsworks_service.id}" 548 policy = <<EOT 549 { 550 "Statement": [ 551 { 552 "Action": [ 553 "ec2:*", 554 "iam:PassRole", 555 "cloudwatch:GetMetricStatistics", 556 "elasticloadbalancing:*", 557 "rds:*" 558 ], 559 "Effect": "Allow", 560 "Resource": ["*"] 561 } 562 ] 563 } 564 EOT 565 } 566 567 resource "aws_iam_role" "opsworks_instance" { 568 name = "%s_opsworks_instance" 569 assume_role_policy = <<EOT 570 { 571 "Version": "2008-10-17", 572 "Statement": [ 573 { 574 "Sid": "", 575 "Effect": "Allow", 576 "Principal": { 577 "Service": "ec2.amazonaws.com" 578 }, 579 "Action": "sts:AssumeRole" 580 } 581 ] 582 } 583 EOT 584 } 585 586 resource "aws_iam_instance_profile" "opsworks_instance" { 587 name = "%s_opsworks_instance" 588 roles = ["${aws_iam_role.opsworks_instance.name}"] 589 } 590 591 `, name, name, name, name, name) 592 }