github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/azurerm/resource_arm_key_vault_test.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "net/http" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/acctest" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 ) 12 13 func TestAccAzureRMKeyVault_basic(t *testing.T) { 14 ri := acctest.RandInt() 15 config := fmt.Sprintf(testAccAzureRMKeyVault_basic, ri, ri) 16 17 resource.Test(t, resource.TestCase{ 18 PreCheck: func() { testAccPreCheck(t) }, 19 Providers: testAccProviders, 20 CheckDestroy: testCheckAzureRMKeyVaultDestroy, 21 Steps: []resource.TestStep{ 22 { 23 Config: config, 24 Check: resource.ComposeTestCheckFunc( 25 testCheckAzureRMKeyVaultExists("azurerm_key_vault.test"), 26 ), 27 }, 28 }, 29 }) 30 } 31 32 func TestAccAzureRMKeyVault_update(t *testing.T) { 33 ri := acctest.RandInt() 34 preConfig := fmt.Sprintf(testAccAzureRMKeyVault_basic, ri, ri) 35 postConfig := fmt.Sprintf(testAccAzureRMKeyVault_update, ri, ri) 36 37 resource.Test(t, resource.TestCase{ 38 PreCheck: func() { testAccPreCheck(t) }, 39 Providers: testAccProviders, 40 CheckDestroy: testCheckAzureRMKeyVaultDestroy, 41 Steps: []resource.TestStep{ 42 { 43 Config: preConfig, 44 Check: resource.ComposeTestCheckFunc( 45 testCheckAzureRMKeyVaultExists("azurerm_key_vault.test"), 46 resource.TestCheckResourceAttr("azurerm_key_vault.test", "access_policy.0.key_permissions.0", "all"), 47 resource.TestCheckResourceAttr("azurerm_key_vault.test", "access_policy.0.secret_permissions.0", "all"), 48 resource.TestCheckResourceAttr("azurerm_key_vault.test", "tags.environment", "Production"), 49 ), 50 }, 51 { 52 Config: postConfig, 53 Check: resource.ComposeTestCheckFunc( 54 resource.TestCheckResourceAttr("azurerm_key_vault.test", "access_policy.0.key_permissions.0", "get"), 55 resource.TestCheckResourceAttr("azurerm_key_vault.test", "access_policy.0.secret_permissions.0", "get"), 56 resource.TestCheckResourceAttr("azurerm_key_vault.test", "enabled_for_deployment", "true"), 57 resource.TestCheckResourceAttr("azurerm_key_vault.test", "enabled_for_disk_encryption", "true"), 58 resource.TestCheckResourceAttr("azurerm_key_vault.test", "enabled_for_template_deployment", "true"), 59 resource.TestCheckResourceAttr("azurerm_key_vault.test", "tags.environment", "Staging"), 60 ), 61 }, 62 }, 63 }) 64 } 65 66 func testCheckAzureRMKeyVaultDestroy(s *terraform.State) error { 67 client := testAccProvider.Meta().(*ArmClient).keyVaultClient 68 69 for _, rs := range s.RootModule().Resources { 70 if rs.Type != "azurerm_key_vault" { 71 continue 72 } 73 74 name := rs.Primary.Attributes["name"] 75 resourceGroup := rs.Primary.Attributes["resource_group_name"] 76 77 resp, err := client.Get(resourceGroup, name) 78 if err != nil { 79 if resp.StatusCode == http.StatusNotFound { 80 return nil 81 } 82 return err 83 } 84 85 if resp.StatusCode != http.StatusNotFound { 86 return fmt.Errorf("Key Vault still exists:\n%#v", resp.Properties) 87 } 88 } 89 90 return nil 91 } 92 93 func testCheckAzureRMKeyVaultExists(name string) resource.TestCheckFunc { 94 return func(s *terraform.State) error { 95 // Ensure we have enough information in state to look up in API 96 rs, ok := s.RootModule().Resources[name] 97 if !ok { 98 return fmt.Errorf("Not found: %s", name) 99 } 100 101 vaultName := rs.Primary.Attributes["name"] 102 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 103 if !hasResourceGroup { 104 return fmt.Errorf("Bad: no resource group found in state for vault: %s", vaultName) 105 } 106 107 client := testAccProvider.Meta().(*ArmClient).keyVaultClient 108 109 resp, err := client.Get(resourceGroup, vaultName) 110 if err != nil { 111 return fmt.Errorf("Bad: Get on keyVaultClient: %s", err) 112 } 113 114 if resp.StatusCode == http.StatusNotFound { 115 return fmt.Errorf("Bad: Vault %q (resource group: %q) does not exist", vaultName, resourceGroup) 116 } 117 118 return nil 119 } 120 } 121 122 var testAccAzureRMKeyVault_basic = ` 123 data "azurerm_client_config" "current" {} 124 125 resource "azurerm_resource_group" "test" { 126 name = "acctestRG-%d" 127 location = "West US" 128 } 129 130 resource "azurerm_key_vault" "test" { 131 name = "vault%d" 132 location = "West US" 133 resource_group_name = "${azurerm_resource_group.test.name}" 134 tenant_id = "${data.azurerm_client_config.current.tenant_id}" 135 136 sku { 137 name = "premium" 138 } 139 140 access_policy { 141 tenant_id = "${data.azurerm_client_config.current.tenant_id}" 142 object_id = "${data.azurerm_client_config.current.client_id}" 143 144 key_permissions = [ 145 "all" 146 ] 147 148 secret_permissions = [ 149 "all" 150 ] 151 } 152 153 tags { 154 environment = "Production" 155 } 156 } 157 ` 158 159 var testAccAzureRMKeyVault_update = ` 160 data "azurerm_client_config" "current" {} 161 162 resource "azurerm_resource_group" "test" { 163 name = "acctestRG-%d" 164 location = "West US" 165 } 166 167 resource "azurerm_key_vault" "test" { 168 name = "vault%d" 169 location = "West US" 170 resource_group_name = "${azurerm_resource_group.test.name}" 171 tenant_id = "${data.azurerm_client_config.current.tenant_id}" 172 173 sku { 174 name = "premium" 175 } 176 177 access_policy { 178 tenant_id = "${data.azurerm_client_config.current.tenant_id}" 179 object_id = "${data.azurerm_client_config.current.client_id}" 180 181 key_permissions = [ 182 "get" 183 ] 184 185 secret_permissions = [ 186 "get" 187 ] 188 } 189 190 enabled_for_deployment = true 191 enabled_for_disk_encryption = true 192 enabled_for_template_deployment = true 193 194 tags { 195 environment = "Staging" 196 } 197 } 198 `