github.com/daveadams/terraform@v0.6.4-0.20160830094355-13ce74975936/builtin/providers/aws/resource_aws_vpn_gateway_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 "time" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/aws/awserr" 10 "github.com/aws/aws-sdk-go/service/ec2" 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 ) 14 15 func TestAccAWSVpnGateway_basic(t *testing.T) { 16 var v, v2 ec2.VpnGateway 17 18 testNotEqual := func(*terraform.State) error { 19 if len(v.VpcAttachments) == 0 { 20 return fmt.Errorf("VPN Gateway A is not attached") 21 } 22 if len(v2.VpcAttachments) == 0 { 23 return fmt.Errorf("VPN Gateway B is not attached") 24 } 25 26 id1 := v.VpcAttachments[0].VpcId 27 id2 := v2.VpcAttachments[0].VpcId 28 if id1 == id2 { 29 return fmt.Errorf("Both attachment IDs are the same") 30 } 31 32 return nil 33 } 34 35 resource.Test(t, resource.TestCase{ 36 PreCheck: func() { testAccPreCheck(t) }, 37 IDRefreshName: "aws_vpn_gateway.foo", 38 Providers: testAccProviders, 39 CheckDestroy: testAccCheckVpnGatewayDestroy, 40 Steps: []resource.TestStep{ 41 resource.TestStep{ 42 Config: testAccVpnGatewayConfig, 43 Check: resource.ComposeTestCheckFunc( 44 testAccCheckVpnGatewayExists( 45 "aws_vpn_gateway.foo", &v), 46 ), 47 }, 48 49 resource.TestStep{ 50 Config: testAccVpnGatewayConfigChangeVPC, 51 Check: resource.ComposeTestCheckFunc( 52 testAccCheckVpnGatewayExists( 53 "aws_vpn_gateway.foo", &v2), 54 testNotEqual, 55 ), 56 }, 57 }, 58 }) 59 } 60 61 func TestAccAWSVpnGateway_disappears(t *testing.T) { 62 var v ec2.VpnGateway 63 64 resource.Test(t, resource.TestCase{ 65 PreCheck: func() { testAccPreCheck(t) }, 66 Providers: testAccProviders, 67 CheckDestroy: testAccCheckVpnGatewayDestroy, 68 Steps: []resource.TestStep{ 69 resource.TestStep{ 70 Config: testAccVpnGatewayConfig, 71 Check: resource.ComposeTestCheckFunc( 72 testAccCheckVpnGatewayExists("aws_vpn_gateway.foo", &v), 73 testAccAWSVpnGatewayDisappears(&v), 74 ), 75 ExpectNonEmptyPlan: true, 76 }, 77 }, 78 }) 79 } 80 81 func TestAccAWSVpnGateway_reattach(t *testing.T) { 82 var vpc1, vpc2 ec2.Vpc 83 var vgw1, vgw2 ec2.VpnGateway 84 85 testAttachmentFunc := func(vgw *ec2.VpnGateway, vpc *ec2.Vpc) func(*terraform.State) error { 86 return func(*terraform.State) error { 87 if len(vgw.VpcAttachments) == 0 { 88 return fmt.Errorf("VPN Gateway %q has no VPC attachments.", 89 *vgw.VpnGatewayId) 90 } 91 92 if len(vgw.VpcAttachments) > 1 { 93 count := 0 94 for _, v := range vgw.VpcAttachments { 95 if *v.State == "attached" { 96 count += 1 97 } 98 } 99 if count > 1 { 100 return fmt.Errorf( 101 "VPN Gateway %q has an unexpected number of VPC attachments (more than 1): %#v", 102 *vgw.VpnGatewayId, vgw.VpcAttachments) 103 } 104 } 105 106 if *vgw.VpcAttachments[0].State != "attached" { 107 return fmt.Errorf("Expected VPN Gateway %q to be attached.", 108 *vgw.VpnGatewayId) 109 } 110 111 if *vgw.VpcAttachments[0].VpcId != *vpc.VpcId { 112 return fmt.Errorf("Expected VPN Gateway %q to be attached to VPC %q, but got: %q", 113 *vgw.VpnGatewayId, *vpc.VpcId, *vgw.VpcAttachments[0].VpcId) 114 } 115 return nil 116 } 117 } 118 119 resource.Test(t, resource.TestCase{ 120 PreCheck: func() { testAccPreCheck(t) }, 121 IDRefreshName: "aws_vpn_gateway.foo", 122 Providers: testAccProviders, 123 CheckDestroy: testAccCheckVpnGatewayDestroy, 124 Steps: []resource.TestStep{ 125 resource.TestStep{ 126 Config: testAccCheckVpnGatewayConfigReattach, 127 Check: resource.ComposeTestCheckFunc( 128 testAccCheckVpcExists("aws_vpc.foo", &vpc1), 129 testAccCheckVpcExists("aws_vpc.bar", &vpc2), 130 testAccCheckVpnGatewayExists( 131 "aws_vpn_gateway.foo", &vgw1), 132 testAccCheckVpnGatewayExists( 133 "aws_vpn_gateway.bar", &vgw2), 134 testAttachmentFunc(&vgw1, &vpc1), 135 testAttachmentFunc(&vgw2, &vpc2), 136 ), 137 }, 138 resource.TestStep{ 139 Config: testAccCheckVpnGatewayConfigReattachChange, 140 Check: resource.ComposeTestCheckFunc( 141 testAccCheckVpnGatewayExists( 142 "aws_vpn_gateway.foo", &vgw1), 143 testAccCheckVpnGatewayExists( 144 "aws_vpn_gateway.bar", &vgw2), 145 testAttachmentFunc(&vgw2, &vpc1), 146 testAttachmentFunc(&vgw1, &vpc2), 147 ), 148 }, 149 resource.TestStep{ 150 Config: testAccCheckVpnGatewayConfigReattach, 151 Check: resource.ComposeTestCheckFunc( 152 testAccCheckVpnGatewayExists( 153 "aws_vpn_gateway.foo", &vgw1), 154 testAccCheckVpnGatewayExists( 155 "aws_vpn_gateway.bar", &vgw2), 156 testAttachmentFunc(&vgw1, &vpc1), 157 testAttachmentFunc(&vgw2, &vpc2), 158 ), 159 }, 160 }, 161 }) 162 } 163 164 func TestAccAWSVpnGateway_delete(t *testing.T) { 165 var vpnGateway ec2.VpnGateway 166 167 testDeleted := func(r string) resource.TestCheckFunc { 168 return func(s *terraform.State) error { 169 _, ok := s.RootModule().Resources[r] 170 if ok { 171 return fmt.Errorf("VPN Gateway %q should have been deleted.", r) 172 } 173 return nil 174 } 175 } 176 177 resource.Test(t, resource.TestCase{ 178 PreCheck: func() { testAccPreCheck(t) }, 179 IDRefreshName: "aws_vpn_gateway.foo", 180 Providers: testAccProviders, 181 CheckDestroy: testAccCheckVpnGatewayDestroy, 182 Steps: []resource.TestStep{ 183 resource.TestStep{ 184 Config: testAccVpnGatewayConfig, 185 Check: resource.ComposeTestCheckFunc( 186 testAccCheckVpnGatewayExists("aws_vpn_gateway.foo", &vpnGateway)), 187 }, 188 resource.TestStep{ 189 Config: testAccNoVpnGatewayConfig, 190 Check: resource.ComposeTestCheckFunc(testDeleted("aws_vpn_gateway.foo")), 191 }, 192 }, 193 }) 194 } 195 196 func TestAccAWSVpnGateway_tags(t *testing.T) { 197 var v ec2.VpnGateway 198 199 resource.Test(t, resource.TestCase{ 200 PreCheck: func() { testAccPreCheck(t) }, 201 IDRefreshName: "aws_vpn_gateway.foo", 202 Providers: testAccProviders, 203 CheckDestroy: testAccCheckVpnGatewayDestroy, 204 Steps: []resource.TestStep{ 205 resource.TestStep{ 206 Config: testAccCheckVpnGatewayConfigTags, 207 Check: resource.ComposeTestCheckFunc( 208 testAccCheckVpnGatewayExists("aws_vpn_gateway.foo", &v), 209 testAccCheckTags(&v.Tags, "foo", "bar"), 210 ), 211 }, 212 resource.TestStep{ 213 Config: testAccCheckVpnGatewayConfigTagsUpdate, 214 Check: resource.ComposeTestCheckFunc( 215 testAccCheckVpnGatewayExists("aws_vpn_gateway.foo", &v), 216 testAccCheckTags(&v.Tags, "foo", ""), 217 testAccCheckTags(&v.Tags, "bar", "baz"), 218 ), 219 }, 220 }, 221 }) 222 } 223 224 func testAccAWSVpnGatewayDisappears(gateway *ec2.VpnGateway) resource.TestCheckFunc { 225 return func(s *terraform.State) error { 226 conn := testAccProvider.Meta().(*AWSClient).ec2conn 227 228 _, err := conn.DetachVpnGateway(&ec2.DetachVpnGatewayInput{ 229 VpnGatewayId: gateway.VpnGatewayId, 230 VpcId: gateway.VpcAttachments[0].VpcId, 231 }) 232 if err != nil { 233 ec2err, ok := err.(awserr.Error) 234 if ok { 235 if ec2err.Code() == "InvalidVpnGatewayID.NotFound" { 236 return nil 237 } else if ec2err.Code() == "InvalidVpnGatewayAttachment.NotFound" { 238 return nil 239 } 240 } 241 242 if err != nil { 243 return err 244 } 245 } 246 247 opts := &ec2.DeleteVpnGatewayInput{ 248 VpnGatewayId: gateway.VpnGatewayId, 249 } 250 if _, err := conn.DeleteVpnGateway(opts); err != nil { 251 return err 252 } 253 return resource.Retry(40*time.Minute, func() *resource.RetryError { 254 opts := &ec2.DescribeVpnGatewaysInput{ 255 VpnGatewayIds: []*string{gateway.VpnGatewayId}, 256 } 257 resp, err := conn.DescribeVpnGateways(opts) 258 if err != nil { 259 cgw, ok := err.(awserr.Error) 260 if ok && cgw.Code() == "InvalidVpnGatewayID.NotFound" { 261 return nil 262 } 263 if ok && cgw.Code() == "IncorrectState" { 264 return resource.RetryableError(fmt.Errorf( 265 "Waiting for VPN Gateway to be in the correct state: %v", gateway.VpnGatewayId)) 266 } 267 return resource.NonRetryableError( 268 fmt.Errorf("Error retrieving VPN Gateway: %s", err)) 269 } 270 if *resp.VpnGateways[0].State == "deleted" { 271 return nil 272 } 273 return resource.RetryableError(fmt.Errorf( 274 "Waiting for VPN Gateway: %v", gateway.VpnGatewayId)) 275 }) 276 } 277 } 278 279 func testAccCheckVpnGatewayDestroy(s *terraform.State) error { 280 ec2conn := testAccProvider.Meta().(*AWSClient).ec2conn 281 282 for _, rs := range s.RootModule().Resources { 283 if rs.Type != "aws_vpn_gateway" { 284 continue 285 } 286 287 // Try to find the resource 288 resp, err := ec2conn.DescribeVpnGateways(&ec2.DescribeVpnGatewaysInput{ 289 VpnGatewayIds: []*string{aws.String(rs.Primary.ID)}, 290 }) 291 if err == nil { 292 var v *ec2.VpnGateway 293 for _, g := range resp.VpnGateways { 294 if *g.VpnGatewayId == rs.Primary.ID { 295 v = g 296 } 297 } 298 299 if v == nil { 300 // wasn't found 301 return nil 302 } 303 304 if *v.State != "deleted" { 305 return fmt.Errorf("Expected VPN Gateway to be in deleted state, but was not: %s", v) 306 } 307 return nil 308 } 309 310 // Verify the error is what we want 311 ec2err, ok := err.(awserr.Error) 312 if !ok { 313 return err 314 } 315 if ec2err.Code() != "InvalidVpnGatewayID.NotFound" { 316 return err 317 } 318 } 319 320 return nil 321 } 322 323 func testAccCheckVpnGatewayExists(n string, ig *ec2.VpnGateway) resource.TestCheckFunc { 324 return func(s *terraform.State) error { 325 rs, ok := s.RootModule().Resources[n] 326 if !ok { 327 return fmt.Errorf("Not found: %s", n) 328 } 329 330 if rs.Primary.ID == "" { 331 return fmt.Errorf("No ID is set") 332 } 333 334 ec2conn := testAccProvider.Meta().(*AWSClient).ec2conn 335 resp, err := ec2conn.DescribeVpnGateways(&ec2.DescribeVpnGatewaysInput{ 336 VpnGatewayIds: []*string{aws.String(rs.Primary.ID)}, 337 }) 338 if err != nil { 339 return err 340 } 341 if len(resp.VpnGateways) == 0 { 342 return fmt.Errorf("VPN Gateway not found") 343 } 344 345 *ig = *resp.VpnGateways[0] 346 347 return nil 348 } 349 } 350 351 const testAccNoVpnGatewayConfig = ` 352 resource "aws_vpc" "foo" { 353 cidr_block = "10.1.0.0/16" 354 } 355 ` 356 357 const testAccVpnGatewayConfig = ` 358 resource "aws_vpc" "foo" { 359 cidr_block = "10.1.0.0/16" 360 } 361 362 resource "aws_vpn_gateway" "foo" { 363 vpc_id = "${aws_vpc.foo.id}" 364 } 365 ` 366 367 const testAccVpnGatewayConfigChangeVPC = ` 368 resource "aws_vpc" "bar" { 369 cidr_block = "10.2.0.0/16" 370 } 371 372 resource "aws_vpn_gateway" "foo" { 373 vpc_id = "${aws_vpc.bar.id}" 374 } 375 ` 376 377 const testAccCheckVpnGatewayConfigTags = ` 378 resource "aws_vpc" "foo" { 379 cidr_block = "10.1.0.0/16" 380 } 381 382 resource "aws_vpn_gateway" "foo" { 383 vpc_id = "${aws_vpc.foo.id}" 384 tags { 385 foo = "bar" 386 } 387 } 388 ` 389 390 const testAccCheckVpnGatewayConfigTagsUpdate = ` 391 resource "aws_vpc" "foo" { 392 cidr_block = "10.1.0.0/16" 393 } 394 395 resource "aws_vpn_gateway" "foo" { 396 vpc_id = "${aws_vpc.foo.id}" 397 tags { 398 bar = "baz" 399 } 400 } 401 ` 402 403 const testAccCheckVpnGatewayConfigReattach = ` 404 resource "aws_vpc" "foo" { 405 cidr_block = "10.1.0.0/16" 406 } 407 408 resource "aws_vpc" "bar" { 409 cidr_block = "10.2.0.0/16" 410 } 411 412 resource "aws_vpn_gateway" "foo" { 413 vpc_id = "${aws_vpc.foo.id}" 414 } 415 416 resource "aws_vpn_gateway" "bar" { 417 vpc_id = "${aws_vpc.bar.id}" 418 } 419 ` 420 421 const testAccCheckVpnGatewayConfigReattachChange = ` 422 resource "aws_vpc" "foo" { 423 cidr_block = "10.1.0.0/16" 424 } 425 426 resource "aws_vpc" "bar" { 427 cidr_block = "10.2.0.0/16" 428 } 429 430 resource "aws_vpn_gateway" "foo" { 431 vpc_id = "${aws_vpc.bar.id}" 432 } 433 434 resource "aws_vpn_gateway" "bar" { 435 vpc_id = "${aws_vpc.foo.id}" 436 } 437 `