github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_iam_instance_profile_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "regexp" 6 "strings" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/iam" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/terraform" 15 ) 16 17 func TestAccAWSIAMInstanceProfile_importBasic(t *testing.T) { 18 resourceName := "aws_iam_instance_profile.test" 19 rName := acctest.RandString(5) 20 21 resource.Test(t, resource.TestCase{ 22 PreCheck: func() { testAccPreCheck(t) }, 23 Providers: testAccProviders, 24 CheckDestroy: testAccCheckAWSInstanceProfileDestroy, 25 Steps: []resource.TestStep{ 26 { 27 Config: testAccAWSInstanceProfilePrefixNameConfig(rName), 28 }, 29 30 { 31 ResourceName: resourceName, 32 ImportState: true, 33 ImportStateVerify: true, 34 ImportStateVerifyIgnore: []string{"name_prefix"}, 35 }, 36 }, 37 }) 38 } 39 40 func TestAccAWSIAMInstanceProfile_basic(t *testing.T) { 41 var conf iam.GetInstanceProfileOutput 42 43 rName := acctest.RandString(5) 44 resource.Test(t, resource.TestCase{ 45 PreCheck: func() { testAccPreCheck(t) }, 46 Providers: testAccProviders, 47 Steps: []resource.TestStep{ 48 { 49 Config: testAccAwsIamInstanceProfileConfig(rName), 50 Check: resource.ComposeTestCheckFunc( 51 testAccCheckAWSInstanceProfileExists("aws_iam_instance_profile.test", &conf), 52 ), 53 }, 54 }, 55 }) 56 } 57 58 func TestAccAWSIAMInstanceProfile_withRoleNotRoles(t *testing.T) { 59 var conf iam.GetInstanceProfileOutput 60 61 rName := acctest.RandString(5) 62 resource.Test(t, resource.TestCase{ 63 PreCheck: func() { testAccPreCheck(t) }, 64 Providers: testAccProviders, 65 Steps: []resource.TestStep{ 66 { 67 Config: testAccAWSInstanceProfileWithRoleSpecified(rName), 68 Check: resource.ComposeTestCheckFunc( 69 testAccCheckAWSInstanceProfileExists("aws_iam_instance_profile.test", &conf), 70 ), 71 }, 72 }, 73 }) 74 } 75 76 func TestAccAWSIAMInstanceProfile_missingRoleThrowsError(t *testing.T) { 77 rName := acctest.RandString(5) 78 resource.Test(t, resource.TestCase{ 79 PreCheck: func() { testAccPreCheck(t) }, 80 Providers: testAccProviders, 81 Steps: []resource.TestStep{ 82 { 83 Config: testAccAwsIamInstanceProfileConfigMissingRole(rName), 84 ExpectError: regexp.MustCompile(regexp.QuoteMeta("Either `role` or `roles` (deprecated) must be specified when creating an IAM Instance Profile")), 85 }, 86 }, 87 }) 88 } 89 90 func TestAccAWSIAMInstanceProfile_namePrefix(t *testing.T) { 91 var conf iam.GetInstanceProfileOutput 92 rName := acctest.RandString(5) 93 94 resource.Test(t, resource.TestCase{ 95 PreCheck: func() { testAccPreCheck(t) }, 96 IDRefreshName: "aws_iam_instance_profile.test", 97 IDRefreshIgnore: []string{"name_prefix"}, 98 Providers: testAccProviders, 99 CheckDestroy: testAccCheckAWSInstanceProfileDestroy, 100 Steps: []resource.TestStep{ 101 { 102 Config: testAccAWSInstanceProfilePrefixNameConfig(rName), 103 Check: resource.ComposeTestCheckFunc( 104 testAccCheckAWSInstanceProfileExists("aws_iam_instance_profile.test", &conf), 105 testAccCheckAWSInstanceProfileGeneratedNamePrefix( 106 "aws_iam_instance_profile.test", "test-"), 107 ), 108 }, 109 }, 110 }) 111 } 112 113 func testAccCheckAWSInstanceProfileGeneratedNamePrefix(resource, prefix string) resource.TestCheckFunc { 114 return func(s *terraform.State) error { 115 r, ok := s.RootModule().Resources[resource] 116 if !ok { 117 return fmt.Errorf("Resource not found") 118 } 119 name, ok := r.Primary.Attributes["name"] 120 if !ok { 121 return fmt.Errorf("Name attr not found: %#v", r.Primary.Attributes) 122 } 123 if !strings.HasPrefix(name, prefix) { 124 return fmt.Errorf("Name: %q, does not have prefix: %q", name, prefix) 125 } 126 return nil 127 } 128 } 129 130 func testAccCheckAWSInstanceProfileDestroy(s *terraform.State) error { 131 iamconn := testAccProvider.Meta().(*AWSClient).iamconn 132 133 for _, rs := range s.RootModule().Resources { 134 if rs.Type != "aws_iam_instance_profile" { 135 continue 136 } 137 138 // Try to get role 139 _, err := iamconn.GetInstanceProfile(&iam.GetInstanceProfileInput{ 140 InstanceProfileName: aws.String(rs.Primary.ID), 141 }) 142 if err == nil { 143 return fmt.Errorf("still exist.") 144 } 145 146 // Verify the error is what we want 147 ec2err, ok := err.(awserr.Error) 148 if !ok { 149 return err 150 } 151 if ec2err.Code() != "NoSuchEntity" { 152 return err 153 } 154 } 155 156 return nil 157 } 158 159 func testAccCheckAWSInstanceProfileExists(n string, res *iam.GetInstanceProfileOutput) resource.TestCheckFunc { 160 return func(s *terraform.State) error { 161 rs, ok := s.RootModule().Resources[n] 162 if !ok { 163 return fmt.Errorf("Not found: %s", n) 164 } 165 166 if rs.Primary.ID == "" { 167 return fmt.Errorf("No Instance Profile name is set") 168 } 169 170 iamconn := testAccProvider.Meta().(*AWSClient).iamconn 171 172 resp, err := iamconn.GetInstanceProfile(&iam.GetInstanceProfileInput{ 173 InstanceProfileName: aws.String(rs.Primary.ID), 174 }) 175 if err != nil { 176 return err 177 } 178 179 *res = *resp 180 181 return nil 182 } 183 } 184 185 func testAccAwsIamInstanceProfileConfig(rName string) string { 186 return fmt.Sprintf(` 187 resource "aws_iam_role" "test" { 188 name = "test-%s" 189 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 190 } 191 192 resource "aws_iam_instance_profile" "test" { 193 name = "test" 194 roles = ["${aws_iam_role.test.name}"] 195 }`, rName) 196 } 197 198 func testAccAwsIamInstanceProfileConfigMissingRole(rName string) string { 199 return fmt.Sprintf(` 200 resource "aws_iam_instance_profile" "test" { 201 name = "test-%s" 202 }`, rName) 203 } 204 205 func testAccAWSInstanceProfilePrefixNameConfig(rName string) string { 206 return fmt.Sprintf(` 207 resource "aws_iam_role" "test" { 208 name = "test-%s" 209 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 210 } 211 212 resource "aws_iam_instance_profile" "test" { 213 name_prefix = "test-" 214 roles = ["${aws_iam_role.test.name}"] 215 }`, rName) 216 } 217 218 func testAccAWSInstanceProfileWithRoleSpecified(rName string) string { 219 return fmt.Sprintf(` 220 resource "aws_iam_role" "test" { 221 name = "test-%s" 222 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 223 } 224 225 resource "aws_iam_instance_profile" "test" { 226 name_prefix = "test-" 227 role = "${aws_iam_role.test.name}" 228 }`, rName) 229 }