github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_redshift_security_group_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	"github.com/aws/aws-sdk-go/aws"
     8  	"github.com/aws/aws-sdk-go/aws/awserr"
     9  	"github.com/aws/aws-sdk-go/service/redshift"
    10  	"github.com/hashicorp/terraform/helper/acctest"
    11  	"github.com/hashicorp/terraform/helper/resource"
    12  	"github.com/hashicorp/terraform/terraform"
    13  )
    14  
    15  func TestAccAWSRedshiftSecurityGroup_ingressCidr(t *testing.T) {
    16  	var v redshift.ClusterSecurityGroup
    17  	rInt := acctest.RandInt()
    18  
    19  	resource.Test(t, resource.TestCase{
    20  		PreCheck:     func() { testAccPreCheck(t) },
    21  		Providers:    testAccProviders,
    22  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
    23  		Steps: []resource.TestStep{
    24  			{
    25  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidr(rInt),
    26  				Check: resource.ComposeTestCheckFunc(
    27  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    28  					resource.TestCheckResourceAttr(
    29  						"aws_redshift_security_group.bar", "name", fmt.Sprintf("redshift-sg-terraform-%d", rInt)),
    30  					resource.TestCheckResourceAttr(
    31  						"aws_redshift_security_group.bar", "description", "Managed by Terraform"),
    32  					resource.TestCheckResourceAttr(
    33  						"aws_redshift_security_group.bar", "ingress.2735652665.cidr", "10.0.0.1/24"),
    34  					resource.TestCheckResourceAttr(
    35  						"aws_redshift_security_group.bar", "ingress.#", "1"),
    36  				),
    37  			},
    38  		},
    39  	})
    40  }
    41  
    42  func TestAccAWSRedshiftSecurityGroup_updateIngressCidr(t *testing.T) {
    43  	var v redshift.ClusterSecurityGroup
    44  	rInt := acctest.RandInt()
    45  
    46  	resource.Test(t, resource.TestCase{
    47  		PreCheck:     func() { testAccPreCheck(t) },
    48  		Providers:    testAccProviders,
    49  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
    50  		Steps: []resource.TestStep{
    51  			{
    52  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidr(rInt),
    53  				Check: resource.ComposeTestCheckFunc(
    54  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    55  					resource.TestCheckResourceAttr(
    56  						"aws_redshift_security_group.bar", "ingress.#", "1"),
    57  				),
    58  			},
    59  
    60  			{
    61  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidrAdd(rInt),
    62  				Check: resource.ComposeTestCheckFunc(
    63  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    64  					resource.TestCheckResourceAttr(
    65  						"aws_redshift_security_group.bar", "ingress.#", "3"),
    66  				),
    67  			},
    68  
    69  			{
    70  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidrReduce(rInt),
    71  				Check: resource.ComposeTestCheckFunc(
    72  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    73  					resource.TestCheckResourceAttr(
    74  						"aws_redshift_security_group.bar", "ingress.#", "2"),
    75  				),
    76  			},
    77  		},
    78  	})
    79  }
    80  
    81  func TestAccAWSRedshiftSecurityGroup_ingressSecurityGroup(t *testing.T) {
    82  	var v redshift.ClusterSecurityGroup
    83  	rInt := acctest.RandInt()
    84  
    85  	resource.Test(t, resource.TestCase{
    86  		PreCheck:     func() { testAccPreCheck(t) },
    87  		Providers:    testAccProviders,
    88  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
    89  		Steps: []resource.TestStep{
    90  			{
    91  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgId(rInt),
    92  				Check: resource.ComposeTestCheckFunc(
    93  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    94  					resource.TestCheckResourceAttr(
    95  						"aws_redshift_security_group.bar", "name", fmt.Sprintf("redshift-sg-terraform-%d", rInt)),
    96  					resource.TestCheckResourceAttr(
    97  						"aws_redshift_security_group.bar", "description", "this is a description"),
    98  					resource.TestCheckResourceAttr(
    99  						"aws_redshift_security_group.bar", "ingress.#", "1"),
   100  				),
   101  			},
   102  		},
   103  	})
   104  }
   105  
   106  func TestAccAWSRedshiftSecurityGroup_updateIngressSecurityGroup(t *testing.T) {
   107  	var v redshift.ClusterSecurityGroup
   108  	rInt := acctest.RandInt()
   109  
   110  	resource.Test(t, resource.TestCase{
   111  		PreCheck:     func() { testAccPreCheck(t) },
   112  		Providers:    testAccProviders,
   113  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
   114  		Steps: []resource.TestStep{
   115  			{
   116  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgId(rInt),
   117  				Check: resource.ComposeTestCheckFunc(
   118  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
   119  					resource.TestCheckResourceAttr(
   120  						"aws_redshift_security_group.bar", "ingress.#", "1"),
   121  				),
   122  			},
   123  
   124  			{
   125  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgIdAdd(rInt),
   126  				Check: resource.ComposeTestCheckFunc(
   127  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
   128  					resource.TestCheckResourceAttr(
   129  						"aws_redshift_security_group.bar", "ingress.#", "3"),
   130  				),
   131  			},
   132  
   133  			{
   134  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgIdReduce(rInt),
   135  				Check: resource.ComposeTestCheckFunc(
   136  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
   137  					resource.TestCheckResourceAttr(
   138  						"aws_redshift_security_group.bar", "ingress.#", "2"),
   139  				),
   140  			},
   141  		},
   142  	})
   143  }
   144  
   145  func testAccCheckAWSRedshiftSecurityGroupExists(n string, v *redshift.ClusterSecurityGroup) resource.TestCheckFunc {
   146  	return func(s *terraform.State) error {
   147  		rs, ok := s.RootModule().Resources[n]
   148  		if !ok {
   149  			return fmt.Errorf("Not found: %s", n)
   150  		}
   151  
   152  		if rs.Primary.ID == "" {
   153  			return fmt.Errorf("No Redshift Security Group ID is set")
   154  		}
   155  
   156  		conn := testAccProvider.Meta().(*AWSClient).redshiftconn
   157  
   158  		opts := redshift.DescribeClusterSecurityGroupsInput{
   159  			ClusterSecurityGroupName: aws.String(rs.Primary.ID),
   160  		}
   161  
   162  		resp, err := conn.DescribeClusterSecurityGroups(&opts)
   163  
   164  		if err != nil {
   165  			return err
   166  		}
   167  
   168  		if len(resp.ClusterSecurityGroups) != 1 ||
   169  			*resp.ClusterSecurityGroups[0].ClusterSecurityGroupName != rs.Primary.ID {
   170  			return fmt.Errorf("Redshift Security Group not found")
   171  		}
   172  
   173  		*v = *resp.ClusterSecurityGroups[0]
   174  
   175  		return nil
   176  	}
   177  }
   178  
   179  func testAccCheckAWSRedshiftSecurityGroupDestroy(s *terraform.State) error {
   180  	conn := testAccProvider.Meta().(*AWSClient).redshiftconn
   181  
   182  	for _, rs := range s.RootModule().Resources {
   183  		if rs.Type != "aws_redshift_security_group" {
   184  			continue
   185  		}
   186  
   187  		// Try to find the Group
   188  		resp, err := conn.DescribeClusterSecurityGroups(
   189  			&redshift.DescribeClusterSecurityGroupsInput{
   190  				ClusterSecurityGroupName: aws.String(rs.Primary.ID),
   191  			})
   192  
   193  		if err == nil {
   194  			if len(resp.ClusterSecurityGroups) != 0 &&
   195  				*resp.ClusterSecurityGroups[0].ClusterSecurityGroupName == rs.Primary.ID {
   196  				return fmt.Errorf("Redshift Security Group still exists")
   197  			}
   198  		}
   199  
   200  		// Verify the error
   201  		newerr, ok := err.(awserr.Error)
   202  		if !ok {
   203  			return err
   204  		}
   205  		if newerr.Code() != "ClusterSecurityGroupNotFound" {
   206  			return err
   207  		}
   208  	}
   209  
   210  	return nil
   211  }
   212  
   213  func TestResourceAWSRedshiftSecurityGroupNameValidation(t *testing.T) {
   214  	cases := []struct {
   215  		Value    string
   216  		ErrCount int
   217  	}{
   218  		{
   219  			Value:    "default",
   220  			ErrCount: 1,
   221  		},
   222  		{
   223  			Value:    "testing123%%",
   224  			ErrCount: 1,
   225  		},
   226  		{
   227  			Value:    "TestingSG",
   228  			ErrCount: 1,
   229  		},
   230  		{
   231  			Value:    randomString(256),
   232  			ErrCount: 1,
   233  		},
   234  	}
   235  
   236  	for _, tc := range cases {
   237  		_, errors := validateRedshiftSecurityGroupName(tc.Value, "aws_redshift_security_group_name")
   238  
   239  		if len(errors) != tc.ErrCount {
   240  			t.Fatalf("Expected the Redshift Security Group Name to trigger a validation error")
   241  		}
   242  	}
   243  }
   244  
   245  func testAccAWSRedshiftSecurityGroupConfig_ingressCidr(rInt int) string {
   246  	return fmt.Sprintf(`
   247  	provider "aws" {
   248  			region = "us-east-1"
   249  	}
   250  
   251  	resource "aws_redshift_security_group" "bar" {
   252  			name = "redshift-sg-terraform-%d"
   253  
   254  			ingress {
   255  					cidr = "10.0.0.1/24"
   256  			}
   257  	}`, rInt)
   258  }
   259  
   260  func testAccAWSRedshiftSecurityGroupConfig_ingressCidrAdd(rInt int) string {
   261  	return fmt.Sprintf(`
   262  	provider "aws" {
   263  			region = "us-east-1"
   264  	}
   265  
   266  	resource "aws_redshift_security_group" "bar" {
   267  			name = "redshift-sg-terraform-%d"
   268  			description = "this is a description"
   269  
   270  			ingress {
   271  					cidr = "10.0.0.1/24"
   272  			}
   273  
   274  			ingress {
   275  					cidr = "10.0.10.1/24"
   276  			}
   277  
   278  			ingress {
   279  					cidr = "10.0.20.1/24"
   280  			}
   281  	}`, rInt)
   282  }
   283  
   284  func testAccAWSRedshiftSecurityGroupConfig_ingressCidrReduce(rInt int) string {
   285  	return fmt.Sprintf(`
   286  	provider "aws" {
   287  			region = "us-east-1"
   288  	}
   289  
   290  	resource "aws_redshift_security_group" "bar" {
   291  			name = "redshift-sg-terraform-%d"
   292  			description = "this is a description"
   293  
   294  			ingress {
   295  					cidr = "10.0.0.1/24"
   296  			}
   297  
   298  			ingress {
   299  					cidr = "10.0.10.1/24"
   300  			}
   301  	}`, rInt)
   302  }
   303  
   304  func testAccAWSRedshiftSecurityGroupConfig_ingressSgId(rInt int) string {
   305  	return fmt.Sprintf(`
   306  	provider "aws" {
   307  			region = "us-east-1"
   308  	}
   309  
   310  	resource "aws_security_group" "redshift" {
   311  		name = "terraform_redshift_test_%d"
   312  		description = "Used in the redshift acceptance tests"
   313  
   314  		ingress {
   315  			protocol = "tcp"
   316  			from_port = 22
   317  			to_port = 22
   318  			cidr_blocks = ["10.0.0.0/8"]
   319  		}
   320  	}
   321  
   322  	resource "aws_redshift_security_group" "bar" {
   323  			name = "redshift-sg-terraform-%d"
   324  			description = "this is a description"
   325  
   326  			ingress {
   327  					security_group_name = "${aws_security_group.redshift.name}"
   328  					security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   329  			}
   330  	}`, rInt, rInt)
   331  }
   332  
   333  func testAccAWSRedshiftSecurityGroupConfig_ingressSgIdAdd(rInt int) string {
   334  	return fmt.Sprintf(`
   335  	provider "aws" {
   336  			region = "us-east-1"
   337  	}
   338  
   339  	resource "aws_security_group" "redshift" {
   340  		name = "terraform_redshift_test_%d"
   341  		description = "Used in the redshift acceptance tests"
   342  
   343  		ingress {
   344  			protocol = "tcp"
   345  			from_port = 22
   346  			to_port = 22
   347  			cidr_blocks = ["10.0.0.0/16"]
   348  		}
   349  	}
   350  
   351  	resource "aws_security_group" "redshift2" {
   352  		name = "terraform_redshift_test_2_%d"
   353  		description = "Used in the redshift acceptance tests #2"
   354  
   355  		ingress {
   356  			protocol = "tcp"
   357  			from_port = 22
   358  			to_port = 22
   359  			cidr_blocks = ["10.1.0.0/16"]
   360  		}
   361  	}
   362  
   363  	resource "aws_security_group" "redshift3" {
   364  		name = "terraform_redshift_test_3_%d"
   365  		description = "Used in the redshift acceptance tests #3"
   366  
   367  		ingress {
   368  			protocol = "tcp"
   369  			from_port = 22
   370  			to_port = 22
   371  			cidr_blocks = ["10.2.0.0/16"]
   372  		}
   373  	}
   374  
   375  	resource "aws_redshift_security_group" "bar" {
   376  			name = "redshift-sg-terraform-%d"
   377  			description = "this is a description"
   378  
   379  			ingress {
   380  					security_group_name = "${aws_security_group.redshift.name}"
   381  					security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   382  			}
   383  
   384  			ingress {
   385  					security_group_name = "${aws_security_group.redshift2.name}"
   386  					security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   387  			}
   388  
   389  			ingress {
   390  					security_group_name = "${aws_security_group.redshift3.name}"
   391  					security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   392  			}
   393  	}`, rInt, rInt, rInt, rInt)
   394  }
   395  
   396  func testAccAWSRedshiftSecurityGroupConfig_ingressSgIdReduce(rInt int) string {
   397  	return fmt.Sprintf(`
   398  	provider "aws" {
   399  			region = "us-east-1"
   400  	}
   401  
   402  	resource "aws_security_group" "redshift" {
   403  		name = "terraform_redshift_test_%d"
   404  		description = "Used in the redshift acceptance tests"
   405  
   406  		ingress {
   407  			protocol = "tcp"
   408  			from_port = 22
   409  			to_port = 22
   410  			cidr_blocks = ["10.0.0.0/16"]
   411  		}
   412  	}
   413  
   414  	resource "aws_security_group" "redshift2" {
   415  		name = "terraform_redshift_test_2_%d"
   416  		description = "Used in the redshift acceptance tests #2"
   417  
   418  		ingress {
   419  			protocol = "tcp"
   420  			from_port = 22
   421  			to_port = 22
   422  			cidr_blocks = ["10.1.0.0/16"]
   423  		}
   424  	}
   425  
   426  	resource "aws_redshift_security_group" "bar" {
   427  			name = "redshift-sg-terraform-%d"
   428  			description = "this is a description"
   429  
   430  			ingress {
   431  					security_group_name = "${aws_security_group.redshift.name}"
   432  					security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   433  			}
   434  
   435  			ingress {
   436  					security_group_name = "${aws_security_group.redshift2.name}"
   437  					security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   438  			}
   439  	}`, rInt, rInt, rInt)
   440  }