github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_cognito_identity_pool_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "testing" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/aws/awserr" 10 "github.com/aws/aws-sdk-go/service/cognitoidentity" 11 "github.com/hashicorp/terraform/helper/acctest" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestAccAWSCognitoIdentityPool_basic(t *testing.T) { 17 name := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 18 updatedName := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 19 20 resource.Test(t, resource.TestCase{ 21 PreCheck: func() { testAccPreCheck(t) }, 22 Providers: testAccProviders, 23 CheckDestroy: testAccCheckAWSCognitoIdentityPoolDestroy, 24 Steps: []resource.TestStep{ 25 { 26 Config: testAccAWSCognitoIdentityPoolConfig_basic(name), 27 Check: resource.ComposeAggregateTestCheckFunc( 28 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 29 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 30 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "allow_unauthenticated_identities", "false"), 31 ), 32 }, 33 { 34 Config: testAccAWSCognitoIdentityPoolConfig_basic(updatedName), 35 Check: resource.ComposeAggregateTestCheckFunc( 36 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 37 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", updatedName)), 38 ), 39 }, 40 }, 41 }) 42 } 43 44 func TestAccAWSCognitoIdentityPool_supportedLoginProviders(t *testing.T) { 45 name := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 46 47 resource.Test(t, resource.TestCase{ 48 PreCheck: func() { testAccPreCheck(t) }, 49 Providers: testAccProviders, 50 CheckDestroy: testAccCheckAWSCognitoIdentityPoolDestroy, 51 Steps: []resource.TestStep{ 52 { 53 Config: testAccAWSCognitoIdentityPoolConfig_supportedLoginProviders(name), 54 Check: resource.ComposeAggregateTestCheckFunc( 55 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 56 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 57 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "supported_login_providers.graph.facebook.com", "7346241598935555"), 58 ), 59 }, 60 { 61 Config: testAccAWSCognitoIdentityPoolConfig_supportedLoginProvidersModified(name), 62 Check: resource.ComposeAggregateTestCheckFunc( 63 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 64 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 65 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "supported_login_providers.graph.facebook.com", "7346241598935552"), 66 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "supported_login_providers.accounts.google.com", "123456789012.apps.googleusercontent.com"), 67 ), 68 }, 69 { 70 Config: testAccAWSCognitoIdentityPoolConfig_basic(name), 71 Check: resource.ComposeAggregateTestCheckFunc( 72 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 73 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 74 ), 75 }, 76 }, 77 }) 78 } 79 80 func TestAccAWSCognitoIdentityPool_openidConnectProviderArns(t *testing.T) { 81 name := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 82 83 resource.Test(t, resource.TestCase{ 84 PreCheck: func() { testAccPreCheck(t) }, 85 Providers: testAccProviders, 86 CheckDestroy: testAccCheckAWSCognitoIdentityPoolDestroy, 87 Steps: []resource.TestStep{ 88 { 89 Config: testAccAWSCognitoIdentityPoolConfig_openidConnectProviderArns(name), 90 Check: resource.ComposeAggregateTestCheckFunc( 91 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 92 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 93 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "openid_connect_provider_arns.#", "1"), 94 ), 95 }, 96 { 97 Config: testAccAWSCognitoIdentityPoolConfig_openidConnectProviderArnsModified(name), 98 Check: resource.ComposeAggregateTestCheckFunc( 99 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 100 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 101 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "openid_connect_provider_arns.#", "2"), 102 ), 103 }, 104 { 105 Config: testAccAWSCognitoIdentityPoolConfig_basic(name), 106 Check: resource.ComposeAggregateTestCheckFunc( 107 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 108 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 109 ), 110 }, 111 }, 112 }) 113 } 114 115 func TestAccAWSCognitoIdentityPool_samlProviderArns(t *testing.T) { 116 name := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 117 118 resource.Test(t, resource.TestCase{ 119 PreCheck: func() { testAccPreCheck(t) }, 120 Providers: testAccProviders, 121 CheckDestroy: testAccCheckAWSCognitoIdentityPoolDestroy, 122 Steps: []resource.TestStep{ 123 { 124 Config: testAccAWSCognitoIdentityPoolConfig_samlProviderArns(name), 125 Check: resource.ComposeAggregateTestCheckFunc( 126 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 127 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 128 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "saml_provider_arns.#", "1"), 129 ), 130 }, 131 { 132 Config: testAccAWSCognitoIdentityPoolConfig_samlProviderArnsModified(name), 133 Check: resource.ComposeAggregateTestCheckFunc( 134 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 135 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 136 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "saml_provider_arns.#", "1"), 137 ), 138 }, 139 { 140 Config: testAccAWSCognitoIdentityPoolConfig_basic(name), 141 Check: resource.ComposeAggregateTestCheckFunc( 142 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 143 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 144 resource.TestCheckNoResourceAttr("aws_cognito_identity_pool.main", "saml_provider_arns.#"), 145 ), 146 }, 147 }, 148 }) 149 } 150 151 func TestAccAWSCognitoIdentityPool_cognitoIdentityProviders(t *testing.T) { 152 name := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 153 154 resource.Test(t, resource.TestCase{ 155 PreCheck: func() { testAccPreCheck(t) }, 156 Providers: testAccProviders, 157 CheckDestroy: testAccCheckAWSCognitoIdentityPoolDestroy, 158 Steps: []resource.TestStep{ 159 { 160 Config: testAccAWSCognitoIdentityPoolConfig_cognitoIdentityProviders(name), 161 Check: resource.ComposeAggregateTestCheckFunc( 162 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 163 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 164 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.66456389.client_id", "7lhlkkfbfb4q5kpp90urffao"), 165 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.66456389.provider_name", "cognito-idp.us-east-1.amazonaws.com/us-east-1_Zr231apJu"), 166 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.66456389.server_side_token_check", "false"), 167 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.3571192419.client_id", "7lhlkkfbfb4q5kpp90urffao"), 168 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.3571192419.provider_name", "cognito-idp.us-east-1.amazonaws.com/us-east-1_Ab129faBb"), 169 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.3571192419.server_side_token_check", "false"), 170 ), 171 }, 172 { 173 Config: testAccAWSCognitoIdentityPoolConfig_cognitoIdentityProvidersModified(name), 174 Check: resource.ComposeAggregateTestCheckFunc( 175 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 176 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 177 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.3661724441.client_id", "6lhlkkfbfb4q5kpp90urffae"), 178 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.3661724441.provider_name", "cognito-idp.us-east-1.amazonaws.com/us-east-1_Zr231apJu"), 179 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "cognito_identity_providers.3661724441.server_side_token_check", "false"), 180 ), 181 }, 182 { 183 Config: testAccAWSCognitoIdentityPoolConfig_basic(name), 184 Check: resource.ComposeAggregateTestCheckFunc( 185 testAccCheckAWSCognitoIdentityPoolExists("aws_cognito_identity_pool.main"), 186 resource.TestCheckResourceAttr("aws_cognito_identity_pool.main", "identity_pool_name", fmt.Sprintf("identity pool %s", name)), 187 ), 188 }, 189 }, 190 }) 191 } 192 193 func testAccCheckAWSCognitoIdentityPoolExists(n string) resource.TestCheckFunc { 194 return func(s *terraform.State) error { 195 rs, ok := s.RootModule().Resources[n] 196 if !ok { 197 return fmt.Errorf("Not found: %s", n) 198 } 199 200 if rs.Primary.ID == "" { 201 return errors.New("No Cognito Identity Pool ID is set") 202 } 203 204 conn := testAccProvider.Meta().(*AWSClient).cognitoconn 205 206 _, err := conn.DescribeIdentityPool(&cognitoidentity.DescribeIdentityPoolInput{ 207 IdentityPoolId: aws.String(rs.Primary.ID), 208 }) 209 210 if err != nil { 211 return err 212 } 213 214 return nil 215 } 216 } 217 218 func testAccCheckAWSCognitoIdentityPoolDestroy(s *terraform.State) error { 219 conn := testAccProvider.Meta().(*AWSClient).cognitoconn 220 221 for _, rs := range s.RootModule().Resources { 222 if rs.Type != "aws_cognito_identity_pool" { 223 continue 224 } 225 226 _, err := conn.DescribeIdentityPool(&cognitoidentity.DescribeIdentityPoolInput{ 227 IdentityPoolId: aws.String(rs.Primary.ID), 228 }) 229 230 if err != nil { 231 if wserr, ok := err.(awserr.Error); ok && wserr.Code() == "ResourceNotFoundException" { 232 return nil 233 } 234 return err 235 } 236 } 237 238 return nil 239 } 240 241 func testAccAWSCognitoIdentityPoolConfig_basic(name string) string { 242 return fmt.Sprintf(` 243 resource "aws_cognito_identity_pool" "main" { 244 identity_pool_name = "identity pool %s" 245 allow_unauthenticated_identities = false 246 developer_provider_name = "my.developer" 247 } 248 `, name) 249 } 250 251 func testAccAWSCognitoIdentityPoolConfig_supportedLoginProviders(name string) string { 252 return fmt.Sprintf(` 253 resource "aws_cognito_identity_pool" "main" { 254 identity_pool_name = "identity pool %s" 255 allow_unauthenticated_identities = false 256 257 supported_login_providers { 258 "graph.facebook.com" = "7346241598935555" 259 } 260 } 261 `, name) 262 } 263 264 func testAccAWSCognitoIdentityPoolConfig_supportedLoginProvidersModified(name string) string { 265 return fmt.Sprintf(` 266 resource "aws_cognito_identity_pool" "main" { 267 identity_pool_name = "identity pool %s" 268 allow_unauthenticated_identities = false 269 270 supported_login_providers { 271 "graph.facebook.com" = "7346241598935552" 272 "accounts.google.com" = "123456789012.apps.googleusercontent.com" 273 } 274 } 275 `, name) 276 } 277 278 func testAccAWSCognitoIdentityPoolConfig_openidConnectProviderArns(name string) string { 279 return fmt.Sprintf(` 280 resource "aws_cognito_identity_pool" "main" { 281 identity_pool_name = "identity pool %s" 282 allow_unauthenticated_identities = false 283 284 openid_connect_provider_arns = ["arn:aws:iam::123456789012:oidc-provider/server.example.com"] 285 } 286 `, name) 287 } 288 289 func testAccAWSCognitoIdentityPoolConfig_openidConnectProviderArnsModified(name string) string { 290 return fmt.Sprintf(` 291 resource "aws_cognito_identity_pool" "main" { 292 identity_pool_name = "identity pool %s" 293 allow_unauthenticated_identities = false 294 295 openid_connect_provider_arns = ["arn:aws:iam::123456789012:oidc-provider/foo.example.com", "arn:aws:iam::123456789012:oidc-provider/bar.example.com"] 296 } 297 `, name) 298 } 299 300 func testAccAWSCognitoIdentityPoolConfig_samlProviderArns(name string) string { 301 return fmt.Sprintf(` 302 resource "aws_iam_saml_provider" "default" { 303 name = "myprovider-%s" 304 saml_metadata_document = "${file("./test-fixtures/saml-metadata.xml")}" 305 } 306 307 resource "aws_cognito_identity_pool" "main" { 308 identity_pool_name = "identity pool %s" 309 allow_unauthenticated_identities = false 310 311 saml_provider_arns = ["${aws_iam_saml_provider.default.arn}"] 312 } 313 `, name, name) 314 } 315 316 func testAccAWSCognitoIdentityPoolConfig_samlProviderArnsModified(name string) string { 317 return fmt.Sprintf(` 318 resource "aws_iam_saml_provider" "default" { 319 name = "default-%s" 320 saml_metadata_document = "${file("./test-fixtures/saml-metadata.xml")}" 321 } 322 323 resource "aws_iam_saml_provider" "secondary" { 324 name = "secondary-%s" 325 saml_metadata_document = "${file("./test-fixtures/saml-metadata.xml")}" 326 } 327 328 resource "aws_cognito_identity_pool" "main" { 329 identity_pool_name = "identity pool %s" 330 allow_unauthenticated_identities = false 331 332 saml_provider_arns = ["${aws_iam_saml_provider.secondary.arn}"] 333 } 334 `, name, name, name) 335 } 336 337 func testAccAWSCognitoIdentityPoolConfig_cognitoIdentityProviders(name string) string { 338 return fmt.Sprintf(` 339 resource "aws_cognito_identity_pool" "main" { 340 identity_pool_name = "identity pool %s" 341 allow_unauthenticated_identities = false 342 343 cognito_identity_providers { 344 client_id = "7lhlkkfbfb4q5kpp90urffao" 345 provider_name = "cognito-idp.us-east-1.amazonaws.com/us-east-1_Ab129faBb" 346 server_side_token_check = false 347 } 348 349 cognito_identity_providers { 350 client_id = "7lhlkkfbfb4q5kpp90urffao" 351 provider_name = "cognito-idp.us-east-1.amazonaws.com/us-east-1_Zr231apJu" 352 server_side_token_check = false 353 } 354 } 355 `, name) 356 } 357 358 func testAccAWSCognitoIdentityPoolConfig_cognitoIdentityProvidersModified(name string) string { 359 return fmt.Sprintf(` 360 resource "aws_cognito_identity_pool" "main" { 361 identity_pool_name = "identity pool %s" 362 allow_unauthenticated_identities = false 363 364 cognito_identity_providers { 365 client_id = "6lhlkkfbfb4q5kpp90urffae" 366 provider_name = "cognito-idp.us-east-1.amazonaws.com/us-east-1_Zr231apJu" 367 server_side_token_check = false 368 } 369 } 370 `, name) 371 }