github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/azurerm/resource_arm_network_security_group_test.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "net/http" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/acctest" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 ) 12 13 func TestAccAzureRMNetworkSecurityGroup_basic(t *testing.T) { 14 rInt := acctest.RandInt() 15 resource.Test(t, resource.TestCase{ 16 PreCheck: func() { testAccPreCheck(t) }, 17 Providers: testAccProviders, 18 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 19 Steps: []resource.TestStep{ 20 { 21 Config: testAccAzureRMNetworkSecurityGroup_basic(rInt), 22 Check: resource.ComposeTestCheckFunc( 23 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 24 ), 25 }, 26 }, 27 }) 28 } 29 30 func TestAccAzureRMNetworkSecurityGroup_disappears(t *testing.T) { 31 rInt := acctest.RandInt() 32 resource.Test(t, resource.TestCase{ 33 PreCheck: func() { testAccPreCheck(t) }, 34 Providers: testAccProviders, 35 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 36 Steps: []resource.TestStep{ 37 { 38 Config: testAccAzureRMNetworkSecurityGroup_basic(rInt), 39 Check: resource.ComposeTestCheckFunc( 40 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 41 testCheckAzureRMNetworkSecurityGroupDisappears("azurerm_network_security_group.test"), 42 ), 43 ExpectNonEmptyPlan: true, 44 }, 45 }, 46 }) 47 } 48 49 func TestAccAzureRMNetworkSecurityGroup_withTags(t *testing.T) { 50 rInt := acctest.RandInt() 51 resource.Test(t, resource.TestCase{ 52 PreCheck: func() { testAccPreCheck(t) }, 53 Providers: testAccProviders, 54 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 55 Steps: []resource.TestStep{ 56 { 57 Config: testAccAzureRMNetworkSecurityGroup_withTags(rInt), 58 Check: resource.ComposeTestCheckFunc( 59 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 60 resource.TestCheckResourceAttr( 61 "azurerm_network_security_group.test", "tags.%", "2"), 62 resource.TestCheckResourceAttr( 63 "azurerm_network_security_group.test", "tags.environment", "Production"), 64 resource.TestCheckResourceAttr( 65 "azurerm_network_security_group.test", "tags.cost_center", "MSFT"), 66 ), 67 }, 68 69 { 70 Config: testAccAzureRMNetworkSecurityGroup_withTagsUpdate(rInt), 71 Check: resource.ComposeTestCheckFunc( 72 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 73 resource.TestCheckResourceAttr( 74 "azurerm_network_security_group.test", "tags.%", "1"), 75 resource.TestCheckResourceAttr( 76 "azurerm_network_security_group.test", "tags.environment", "staging"), 77 ), 78 }, 79 }, 80 }) 81 } 82 83 func TestAccAzureRMNetworkSecurityGroup_addingExtraRules(t *testing.T) { 84 rInt := acctest.RandInt() 85 resource.Test(t, resource.TestCase{ 86 PreCheck: func() { testAccPreCheck(t) }, 87 Providers: testAccProviders, 88 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 89 Steps: []resource.TestStep{ 90 { 91 Config: testAccAzureRMNetworkSecurityGroup_basic(rInt), 92 Check: resource.ComposeTestCheckFunc( 93 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 94 resource.TestCheckResourceAttr( 95 "azurerm_network_security_group.test", "security_rule.#", "1"), 96 ), 97 }, 98 99 { 100 Config: testAccAzureRMNetworkSecurityGroup_anotherRule(rInt), 101 Check: resource.ComposeTestCheckFunc( 102 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 103 resource.TestCheckResourceAttr( 104 "azurerm_network_security_group.test", "security_rule.#", "2"), 105 ), 106 }, 107 }, 108 }) 109 } 110 111 func testCheckAzureRMNetworkSecurityGroupExists(name string) resource.TestCheckFunc { 112 return func(s *terraform.State) error { 113 114 rs, ok := s.RootModule().Resources[name] 115 if !ok { 116 return fmt.Errorf("Not found: %s", name) 117 } 118 119 sgName := rs.Primary.Attributes["name"] 120 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 121 if !hasResourceGroup { 122 return fmt.Errorf("Bad: no resource group found in state for network security group: %s", sgName) 123 } 124 125 conn := testAccProvider.Meta().(*ArmClient).secGroupClient 126 127 resp, err := conn.Get(resourceGroup, sgName, "") 128 if err != nil { 129 return fmt.Errorf("Bad: Get on secGroupClient: %s", err) 130 } 131 132 if resp.StatusCode == http.StatusNotFound { 133 return fmt.Errorf("Bad: Network Security Group %q (resource group: %q) does not exist", name, resourceGroup) 134 } 135 136 return nil 137 } 138 } 139 140 func testCheckAzureRMNetworkSecurityGroupDisappears(name string) resource.TestCheckFunc { 141 return func(s *terraform.State) error { 142 143 rs, ok := s.RootModule().Resources[name] 144 if !ok { 145 return fmt.Errorf("Not found: %s", name) 146 } 147 148 sgName := rs.Primary.Attributes["name"] 149 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 150 if !hasResourceGroup { 151 return fmt.Errorf("Bad: no resource group found in state for network security group: %s", sgName) 152 } 153 154 conn := testAccProvider.Meta().(*ArmClient).secGroupClient 155 156 _, err := conn.Delete(resourceGroup, sgName, make(chan struct{})) 157 if err != nil { 158 return fmt.Errorf("Bad: Delete on secGroupClient: %s", err) 159 } 160 161 return nil 162 } 163 } 164 165 func testCheckAzureRMNetworkSecurityGroupDestroy(s *terraform.State) error { 166 conn := testAccProvider.Meta().(*ArmClient).secGroupClient 167 168 for _, rs := range s.RootModule().Resources { 169 if rs.Type != "azurerm_network_security_group" { 170 continue 171 } 172 173 name := rs.Primary.Attributes["name"] 174 resourceGroup := rs.Primary.Attributes["resource_group_name"] 175 176 resp, err := conn.Get(resourceGroup, name, "") 177 178 if err != nil { 179 return nil 180 } 181 182 if resp.StatusCode != http.StatusNotFound { 183 return fmt.Errorf("Network Security Group still exists:\n%#v", resp.SecurityGroupPropertiesFormat) 184 } 185 } 186 187 return nil 188 } 189 190 func testAccAzureRMNetworkSecurityGroup_basic(rInt int) string { 191 return fmt.Sprintf(` 192 resource "azurerm_resource_group" "test" { 193 name = "acctestRG-%d" 194 location = "West US" 195 } 196 197 resource "azurerm_network_security_group" "test" { 198 name = "acceptanceTestSecurityGroup1" 199 location = "West US" 200 resource_group_name = "${azurerm_resource_group.test.name}" 201 202 security_rule { 203 name = "test123" 204 priority = 100 205 direction = "Inbound" 206 access = "Allow" 207 protocol = "TCP" 208 source_port_range = "*" 209 destination_port_range = "*" 210 source_address_prefix = "*" 211 destination_address_prefix = "*" 212 } 213 } 214 `, rInt) 215 } 216 217 func testAccAzureRMNetworkSecurityGroup_anotherRule(rInt int) string { 218 return fmt.Sprintf(` 219 resource "azurerm_resource_group" "test" { 220 name = "acctestRG-%d" 221 location = "West US" 222 } 223 224 resource "azurerm_network_security_group" "test" { 225 name = "acceptanceTestSecurityGroup1" 226 location = "West US" 227 resource_group_name = "${azurerm_resource_group.test.name}" 228 229 security_rule { 230 name = "test123" 231 priority = 100 232 direction = "Inbound" 233 access = "Allow" 234 protocol = "Tcp" 235 source_port_range = "*" 236 destination_port_range = "*" 237 source_address_prefix = "*" 238 destination_address_prefix = "*" 239 } 240 241 security_rule { 242 name = "testDeny" 243 priority = 101 244 direction = "Inbound" 245 access = "Deny" 246 protocol = "Udp" 247 source_port_range = "*" 248 destination_port_range = "*" 249 source_address_prefix = "*" 250 destination_address_prefix = "*" 251 } 252 } 253 `, rInt) 254 } 255 256 func testAccAzureRMNetworkSecurityGroup_withTags(rInt int) string { 257 return fmt.Sprintf(` 258 resource "azurerm_resource_group" "test" { 259 name = "acctestRG-%d" 260 location = "West US" 261 } 262 263 resource "azurerm_network_security_group" "test" { 264 name = "acceptanceTestSecurityGroup1" 265 location = "West US" 266 resource_group_name = "${azurerm_resource_group.test.name}" 267 268 security_rule { 269 name = "test123" 270 priority = 100 271 direction = "Inbound" 272 access = "Allow" 273 protocol = "Tcp" 274 source_port_range = "*" 275 destination_port_range = "*" 276 source_address_prefix = "*" 277 destination_address_prefix = "*" 278 } 279 280 281 tags { 282 environment = "Production" 283 cost_center = "MSFT" 284 } 285 } 286 `, rInt) 287 } 288 289 func testAccAzureRMNetworkSecurityGroup_withTagsUpdate(rInt int) string { 290 return fmt.Sprintf(` 291 resource "azurerm_resource_group" "test" { 292 name = "acctestRG-%d" 293 location = "West US" 294 } 295 296 resource "azurerm_network_security_group" "test" { 297 name = "acceptanceTestSecurityGroup1" 298 location = "West US" 299 resource_group_name = "${azurerm_resource_group.test.name}" 300 301 security_rule { 302 name = "test123" 303 priority = 100 304 direction = "Inbound" 305 access = "Allow" 306 protocol = "Tcp" 307 source_port_range = "*" 308 destination_port_range = "*" 309 source_address_prefix = "*" 310 destination_address_prefix = "*" 311 } 312 313 tags { 314 environment = "staging" 315 } 316 } 317 `, rInt) 318 }