github.com/bendemaree/terraform@v0.5.4-0.20150613200311-f50d97d6eee6/builtin/providers/azure/resource_azure_security_group_rule_test.go (about) 1 package azure 2 3 import ( 4 "fmt" 5 "testing" 6 7 netsecgroup "github.com/Azure/azure-sdk-for-go/management/networksecuritygroup" 8 "github.com/hashicorp/terraform/helper/resource" 9 "github.com/hashicorp/terraform/terraform" 10 ) 11 12 func TestAccAzureSecurityGroupRule(t *testing.T) { 13 name := "azure_security_group_rule.foo" 14 15 resource.Test(t, resource.TestCase{ 16 PreCheck: func() { testAccPreCheck(t) }, 17 Providers: testAccProviders, 18 CheckDestroy: testAccCheckAzureSecurityGroupRuleDeleted, 19 Steps: []resource.TestStep{ 20 resource.TestStep{ 21 Config: testAccAzureSecurityGroupRule, 22 Check: resource.ComposeTestCheckFunc( 23 testAccCheckAzureSecurityGroupRuleExists(name), 24 resource.TestCheckResourceAttr(name, "name", "terraform-secgroup-rule"), 25 resource.TestCheckResourceAttr(name, "security_group_name", testAccSecurityGroupName), 26 resource.TestCheckResourceAttr(name, "type", "Inbound"), 27 resource.TestCheckResourceAttr(name, "action", "Deny"), 28 resource.TestCheckResourceAttr(name, "priority", "200"), 29 resource.TestCheckResourceAttr(name, "source_address_prefix", "100.0.0.0/32"), 30 resource.TestCheckResourceAttr(name, "source_port_range", "1000"), 31 resource.TestCheckResourceAttr(name, "destination_address_prefix", "10.0.0.0/32"), 32 resource.TestCheckResourceAttr(name, "protocol", "TCP"), 33 ), 34 }, 35 }, 36 }) 37 } 38 39 func testAccCheckAzureSecurityGroupRuleExists(name string) resource.TestCheckFunc { 40 return func(s *terraform.State) error { 41 resource, ok := s.RootModule().Resources[name] 42 if !ok { 43 return fmt.Errorf("Azure security group rule not found: %s", name) 44 } 45 46 if resource.Primary.ID == "" { 47 return fmt.Errorf("Azure network security group rule ID not set: %s", name) 48 } 49 50 mgmtClient := testAccProvider.Meta().(*Client).mgmtClient 51 secGroupClient := netsecgroup.NewClient(mgmtClient) 52 53 secGroup, err := secGroupClient.GetNetworkSecurityGroup(testAccSecurityGroupName) 54 if err != nil { 55 return fmt.Errorf("Failed getting network security group details: %s", err) 56 } 57 58 for _, rule := range secGroup.Rules { 59 if rule.Name == resource.Primary.ID { 60 return nil 61 } 62 } 63 64 return fmt.Errorf("Azure security group rule doesn't exist: %s", name) 65 } 66 } 67 68 func testAccCheckAzureSecurityGroupRuleDeleted(s *terraform.State) error { 69 for _, resource := range s.RootModule().Resources { 70 if resource.Type != "azure_security_group_rule" { 71 continue 72 } 73 74 if resource.Primary.ID == "" { 75 return fmt.Errorf("Azure network security group ID not set.") 76 } 77 78 mgmtClient := testAccProvider.Meta().(*Client).mgmtClient 79 secGroupClient := netsecgroup.NewClient(mgmtClient) 80 81 secGroup, err := secGroupClient.GetNetworkSecurityGroup(testAccSecurityGroupName) 82 if err != nil { 83 return fmt.Errorf("Failed getting network security group details: %s", err) 84 } 85 86 for _, rule := range secGroup.Rules { 87 if rule.Name == resource.Primary.ID { 88 return fmt.Errorf("Azure network security group rule still exists!") 89 } 90 } 91 } 92 93 return nil 94 } 95 96 var testAccAzureSecurityGroupRule = testAccAzureSecurityGroupConfig + ` 97 resource "azure_security_group_rule" "foo" { 98 name = "terraform-secgroup-rule" 99 security_group_name = "${azure_security_group.foo.name}" 100 type = "Inbound" 101 action = "Deny" 102 priority = 200 103 source_address_prefix = "100.0.0.0/32" 104 source_port_range = "1000" 105 destination_address_prefix = "10.0.0.0/32" 106 destination_port_range = "1000" 107 protocol = "TCP" 108 } 109 `