github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/azurerm/resource_arm_network_security_rule_test.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "net/http" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/acctest" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 ) 12 13 func TestAccAzureRMNetworkSecurityRule_basic(t *testing.T) { 14 rInt := acctest.RandInt() 15 resource.Test(t, resource.TestCase{ 16 PreCheck: func() { testAccPreCheck(t) }, 17 Providers: testAccProviders, 18 CheckDestroy: testCheckAzureRMNetworkSecurityRuleDestroy, 19 Steps: []resource.TestStep{ 20 { 21 Config: testAccAzureRMNetworkSecurityRule_basic(rInt), 22 Check: resource.ComposeTestCheckFunc( 23 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test"), 24 ), 25 }, 26 }, 27 }) 28 } 29 30 func TestAccAzureRMNetworkSecurityRule_disappears(t *testing.T) { 31 rInt := acctest.RandInt() 32 33 resource.Test(t, resource.TestCase{ 34 PreCheck: func() { testAccPreCheck(t) }, 35 Providers: testAccProviders, 36 CheckDestroy: testCheckAzureRMNetworkSecurityRuleDestroy, 37 Steps: []resource.TestStep{ 38 { 39 Config: testAccAzureRMNetworkSecurityRule_basic(rInt), 40 Check: resource.ComposeTestCheckFunc( 41 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test"), 42 testCheckAzureRMNetworkSecurityRuleDisappears("azurerm_network_security_rule.test"), 43 ), 44 ExpectNonEmptyPlan: true, 45 }, 46 }, 47 }) 48 } 49 50 func TestAccAzureRMNetworkSecurityRule_addingRules(t *testing.T) { 51 rInt := acctest.RandInt() 52 53 resource.Test(t, resource.TestCase{ 54 PreCheck: func() { testAccPreCheck(t) }, 55 Providers: testAccProviders, 56 CheckDestroy: testCheckAzureRMNetworkSecurityRuleDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAzureRMNetworkSecurityRule_updateBasic(rInt), 60 Check: resource.ComposeTestCheckFunc( 61 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test1"), 62 ), 63 }, 64 65 { 66 Config: testAccAzureRMNetworkSecurityRule_updateExtraRule(rInt), 67 Check: resource.ComposeTestCheckFunc( 68 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test2"), 69 ), 70 }, 71 }, 72 }) 73 } 74 75 func testCheckAzureRMNetworkSecurityRuleExists(name string) resource.TestCheckFunc { 76 return func(s *terraform.State) error { 77 78 rs, ok := s.RootModule().Resources[name] 79 if !ok { 80 return fmt.Errorf("Not found: %s", name) 81 } 82 83 sgName := rs.Primary.Attributes["network_security_group_name"] 84 sgrName := rs.Primary.Attributes["name"] 85 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 86 if !hasResourceGroup { 87 return fmt.Errorf("Bad: no resource group found in state for network security rule: %s", sgName) 88 } 89 90 conn := testAccProvider.Meta().(*ArmClient).secRuleClient 91 92 resp, err := conn.Get(resourceGroup, sgName, sgrName) 93 if err != nil { 94 return fmt.Errorf("Bad: Get on secRuleClient: %s", err) 95 } 96 97 if resp.StatusCode == http.StatusNotFound { 98 return fmt.Errorf("Bad: Network Security Rule %q (resource group: %q) (network security group: %q) does not exist", sgrName, sgName, resourceGroup) 99 } 100 101 return nil 102 } 103 } 104 105 func testCheckAzureRMNetworkSecurityRuleDisappears(name string) resource.TestCheckFunc { 106 return func(s *terraform.State) error { 107 108 rs, ok := s.RootModule().Resources[name] 109 if !ok { 110 return fmt.Errorf("Not found: %s", name) 111 } 112 113 sgName := rs.Primary.Attributes["network_security_group_name"] 114 sgrName := rs.Primary.Attributes["name"] 115 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 116 if !hasResourceGroup { 117 return fmt.Errorf("Bad: no resource group found in state for network security rule: %s", sgName) 118 } 119 120 conn := testAccProvider.Meta().(*ArmClient).secRuleClient 121 122 _, err := conn.Delete(resourceGroup, sgName, sgrName, make(chan struct{})) 123 if err != nil { 124 return fmt.Errorf("Bad: Delete on secRuleClient: %s", err) 125 } 126 127 return nil 128 } 129 } 130 131 func testCheckAzureRMNetworkSecurityRuleDestroy(s *terraform.State) error { 132 conn := testAccProvider.Meta().(*ArmClient).secRuleClient 133 134 for _, rs := range s.RootModule().Resources { 135 136 if rs.Type != "azurerm_network_security_rule" { 137 continue 138 } 139 140 sgName := rs.Primary.Attributes["network_security_group_name"] 141 sgrName := rs.Primary.Attributes["name"] 142 resourceGroup := rs.Primary.Attributes["resource_group_name"] 143 144 resp, err := conn.Get(resourceGroup, sgName, sgrName) 145 146 if err != nil { 147 return nil 148 } 149 150 if resp.StatusCode != http.StatusNotFound { 151 return fmt.Errorf("Network Security Rule still exists:\n%#v", resp.SecurityRulePropertiesFormat) 152 } 153 } 154 155 return nil 156 } 157 158 func testAccAzureRMNetworkSecurityRule_basic(rInt int) string { 159 return fmt.Sprintf(` 160 resource "azurerm_resource_group" "test" { 161 name = "acctestRG-%d" 162 location = "West US" 163 } 164 165 resource "azurerm_network_security_group" "test" { 166 name = "acceptanceTestSecurityGroup1" 167 location = "West US" 168 resource_group_name = "${azurerm_resource_group.test.name}" 169 } 170 171 resource "azurerm_network_security_rule" "test" { 172 name = "test123" 173 priority = 100 174 direction = "Outbound" 175 access = "Allow" 176 protocol = "Tcp" 177 source_port_range = "*" 178 destination_port_range = "*" 179 source_address_prefix = "*" 180 destination_address_prefix = "*" 181 resource_group_name = "${azurerm_resource_group.test.name}" 182 network_security_group_name = "${azurerm_network_security_group.test.name}" 183 } 184 `, rInt) 185 } 186 187 func testAccAzureRMNetworkSecurityRule_updateBasic(rInt int) string { 188 return fmt.Sprintf(` 189 resource "azurerm_resource_group" "test1" { 190 name = "acctestRG-%d" 191 location = "West US" 192 } 193 194 resource "azurerm_network_security_group" "test1" { 195 name = "acceptanceTestSecurityGroup2" 196 location = "West US" 197 resource_group_name = "${azurerm_resource_group.test1.name}" 198 } 199 200 resource "azurerm_network_security_rule" "test1" { 201 name = "test123" 202 priority = 100 203 direction = "Outbound" 204 access = "Allow" 205 protocol = "Tcp" 206 source_port_range = "*" 207 destination_port_range = "*" 208 source_address_prefix = "*" 209 destination_address_prefix = "*" 210 resource_group_name = "${azurerm_resource_group.test1.name}" 211 network_security_group_name = "${azurerm_network_security_group.test1.name}" 212 } 213 `, rInt) 214 } 215 216 func testAccAzureRMNetworkSecurityRule_updateExtraRule(rInt int) string { 217 return fmt.Sprintf(` 218 resource "azurerm_resource_group" "test1" { 219 name = "acctestRG-%d" 220 location = "West US" 221 } 222 223 resource "azurerm_network_security_group" "test1" { 224 name = "acceptanceTestSecurityGroup2" 225 location = "West US" 226 resource_group_name = "${azurerm_resource_group.test1.name}" 227 } 228 229 resource "azurerm_network_security_rule" "test1" { 230 name = "test123" 231 priority = 100 232 direction = "Outbound" 233 access = "Allow" 234 protocol = "Tcp" 235 source_port_range = "*" 236 destination_port_range = "*" 237 source_address_prefix = "*" 238 destination_address_prefix = "*" 239 resource_group_name = "${azurerm_resource_group.test1.name}" 240 network_security_group_name = "${azurerm_network_security_group.test1.name}" 241 } 242 243 resource "azurerm_network_security_rule" "test2" { 244 name = "testing456" 245 priority = 101 246 direction = "Inbound" 247 access = "Deny" 248 protocol = "Tcp" 249 source_port_range = "*" 250 destination_port_range = "*" 251 source_address_prefix = "*" 252 destination_address_prefix = "*" 253 resource_group_name = "${azurerm_resource_group.test1.name}" 254 network_security_group_name = "${azurerm_network_security_group.test1.name}" 255 } 256 `, rInt) 257 }