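// Source: github.com/bigkraig/terraform@v0.6.4-0.20151219155159-c90d1b074e31/builtin/providers/aws/resource_aws_network_acl_rule_test.go

package aws

import (
	"fmt"
	"testing"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/service/ec2"
	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/terraform"
)

// TestAccAWSNetworkAclRule_basic applies testAccAWSNetworkAclRuleBasicConfig,
// checks aws_network_acl_rule.bar with testAccCheckAWSNetworkAclRuleExists,
// and verifies cleanup with testAccCheckAWSNetworkAclRuleDestroy.
func TestAccAWSNetworkAclRule_basic(t *testing.T) {
	var networkAcl ec2.NetworkAcl

	resource.Test(t, resource.TestCase{
		PreCheck:     func() { testAccPreCheck(t) },
		Providers:    testAccProviders,
		CheckDestroy: testAccCheckAWSNetworkAclRuleDestroy,
		Steps: []resource.TestStep{
			{
				Config: testAccAWSNetworkAclRuleBasicConfig,
				Check: resource.ComposeTestCheckFunc(
					testAccCheckAWSNetworkAclRuleExists("aws_network_acl_rule.bar", &networkAcl),
				),
			},
		},
	})
}

// testAccCheckAWSNetworkAclRuleDestroy walks every aws_network_acl_rule in the
// root module and fails if DescribeNetworkAcls still returns entries for the
// ACL whose ID matches the resource ID.
//
// An error whose code is "InvalidNetworkAclEntry.NotFound" is treated as
// "already gone"; any other error is returned to the caller.
//
// NOTE(review): a removed ACL may be reported by DescribeNetworkAcls under an
// ACL-level code (e.g. InvalidNetworkAclID.NotFound) rather than the
// entry-level code compared here; confirm which code the API actually returns.
func testAccCheckAWSNetworkAclRuleDestroy(s *terraform.State) error {
	for _, rs := range s.RootModule().Resources {
		if rs.Type != "aws_network_acl_rule" {
			continue
		}

		conn := testAccProvider.Meta().(*AWSClient).ec2conn
		req := &ec2.DescribeNetworkAclsInput{
			NetworkAclIds: []*string{aws.String(rs.Primary.ID)},
		}
		resp, err := conn.DescribeNetworkAcls(req)
		if err != nil {
			ec2err, ok := err.(awserr.Error)
			if !ok || ec2err.Code() != "InvalidNetworkAclEntry.NotFound" {
				return err
			}
			continue
		}

		// Keep looping after a clean lookup. The original fell through to
		// `return err` with a nil err here, which ended the check after the
		// first rule and left any remaining rules unverified.
		if len(resp.NetworkAcls) > 0 && *resp.NetworkAcls[0].NetworkAclId == rs.Primary.ID {
			if resp.NetworkAcls[0].Entries != nil {
				return fmt.Errorf("Network ACL Entries still exist")
			}
		}
	}

	return nil
}

// testAccCheckAWSNetworkAclRuleExists returns a check that looks up resource n
// in the state, describes the network ACL identified by its ID, and copies the
// result into networkAcl (when non-nil) so later checks can inspect it.
//
// The check fails when the resource is missing from state, has no ID, the
// Describe call errors, no matching ACL is returned, or the ACL has no entries.
// The original treated a NotFound error and an empty result as success and
// wrote only to a shadowed local, so it could pass without confirming anything.
//
// NOTE(review): assumes rs.Primary.ID is the network ACL ID; verify against the
// ID the resource sets.
// NOTE(review): a non-nil Entries list does not by itself prove that the rule
// under test (rule_number 200 in the config) exists, since AWS-created ACLs
// normally carry default entries; consider matching on rule number and
// direction.
func testAccCheckAWSNetworkAclRuleExists(n string, networkAcl *ec2.NetworkAcl) resource.TestCheckFunc {
	return func(s *terraform.State) error {
		rs, ok := s.RootModule().Resources[n]
		if !ok {
			return fmt.Errorf("Not found: %s", n)
		}

		if rs.Primary.ID == "" {
			return fmt.Errorf("No Network ACL Id is set")
		}

		conn := testAccProvider.Meta().(*AWSClient).ec2conn
		req := &ec2.DescribeNetworkAclsInput{
			NetworkAclIds: []*string{aws.String(rs.Primary.ID)},
		}
		resp, err := conn.DescribeNetworkAcls(req)
		if err != nil {
			// Any lookup failure, including a NotFound code, means existence
			// was not demonstrated.
			return err
		}

		if len(resp.NetworkAcls) == 0 || *resp.NetworkAcls[0].NetworkAclId != rs.Primary.ID {
			return fmt.Errorf("Network ACL %s not found", rs.Primary.ID)
		}

		acl := resp.NetworkAcls[0]
		if acl.Entries == nil {
			return fmt.Errorf("No Network ACL Entries exist")
		}

		// Write through the caller's pointer; the original declared a new
		// local named networkAcl and never populated the out-parameter.
		if networkAcl != nil {
			*networkAcl = *acl
		}

		return nil
	}
}

// testAccAWSNetworkAclRuleBasicConfig is the acceptance-test fixture: one VPC,
// one network ACL, and one ingress rule (rule_number 200) allowing TCP/22 from
// 0.0.0.0/0. The world-open SSH rule exists only to give the test an entry to
// look up on a throwaway VPC; it is not a baseline for real network ACLs, where
// the source CIDR should be restricted to known management ranges.
const testAccAWSNetworkAclRuleBasicConfig = `
provider "aws" {
	region = "us-east-1"
}
resource "aws_vpc" "foo" {
	cidr_block = "10.3.0.0/16"
}
resource "aws_network_acl" "bar" {
	vpc_id = "${aws_vpc.foo.id}"
}
resource "aws_network_acl_rule" "bar" {
	network_acl_id = "${aws_network_acl.bar.id}"
	rule_number = 200
	egress = false
	protocol = "tcp"
	rule_action = "allow"
	cidr_block = "0.0.0.0/0"
	from_port = 22
	to_port = 22
}
`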