github.com/dougneal/terraform@v0.6.15-0.20170330092735-b6a3840768a4/builtin/providers/aws/resource_aws_alb_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/service/elbv2" 11 "github.com/hashicorp/errwrap" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/terraform" 15 ) 16 17 func TestALBCloudwatchSuffixFromARN(t *testing.T) { 18 cases := []struct { 19 name string 20 arn *string 21 suffix string 22 }{ 23 { 24 name: "valid suffix", 25 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer/app/my-alb/abc123`), 26 suffix: `app/my-alb/abc123`, 27 }, 28 { 29 name: "no suffix", 30 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer`), 31 suffix: ``, 32 }, 33 { 34 name: "nil ARN", 35 arn: nil, 36 suffix: ``, 37 }, 38 } 39 40 for _, tc := range cases { 41 actual := albSuffixFromARN(tc.arn) 42 if actual != tc.suffix { 43 t.Fatalf("bad suffix: %q\nExpected: %s\n Got: %s", tc.name, tc.suffix, actual) 44 } 45 } 46 } 47 48 func TestAccAWSALB_basic(t *testing.T) { 49 var conf elbv2.LoadBalancer 50 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 51 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 IDRefreshName: "aws_alb.alb_test", 55 Providers: testAccProviders, 56 CheckDestroy: testAccCheckAWSALBDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAWSALBConfig_basic(albName), 60 Check: resource.ComposeAggregateTestCheckFunc( 61 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 62 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 63 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 64 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 65 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 66 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 67 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 68 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 69 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 70 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 71 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 72 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 73 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 74 ), 75 }, 76 }, 77 }) 78 } 79 80 func TestAccAWSALB_generatedName(t *testing.T) { 81 var conf elbv2.LoadBalancer 82 83 resource.Test(t, resource.TestCase{ 84 PreCheck: func() { testAccPreCheck(t) }, 85 IDRefreshName: "aws_alb.alb_test", 86 Providers: testAccProviders, 87 CheckDestroy: testAccCheckAWSALBDestroy, 88 Steps: []resource.TestStep{ 89 { 90 Config: testAccAWSALBConfig_generatedName(), 91 Check: resource.ComposeAggregateTestCheckFunc( 92 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 93 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 94 ), 95 }, 96 }, 97 }) 98 } 99 100 func TestAccAWSALB_namePrefix(t *testing.T) { 101 var conf elbv2.LoadBalancer 102 103 resource.Test(t, resource.TestCase{ 104 PreCheck: func() { testAccPreCheck(t) }, 105 IDRefreshName: "aws_alb.alb_test", 106 Providers: testAccProviders, 107 CheckDestroy: testAccCheckAWSALBDestroy, 108 Steps: []resource.TestStep{ 109 { 110 Config: testAccAWSALBConfig_namePrefix(), 111 Check: resource.ComposeAggregateTestCheckFunc( 112 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 113 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 114 resource.TestMatchResourceAttr("aws_alb.alb_test", "name", 115 regexp.MustCompile("^tf-lb")), 116 ), 117 }, 118 }, 119 }) 120 } 121 122 func TestAccAWSALB_tags(t *testing.T) { 123 var conf elbv2.LoadBalancer 124 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 125 126 resource.Test(t, resource.TestCase{ 127 PreCheck: func() { testAccPreCheck(t) }, 128 IDRefreshName: "aws_alb.alb_test", 129 Providers: testAccProviders, 130 CheckDestroy: testAccCheckAWSALBDestroy, 131 Steps: []resource.TestStep{ 132 { 133 Config: testAccAWSALBConfig_basic(albName), 134 Check: resource.ComposeAggregateTestCheckFunc( 135 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 136 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 137 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 138 ), 139 }, 140 { 141 Config: testAccAWSALBConfig_updatedTags(albName), 142 Check: resource.ComposeAggregateTestCheckFunc( 143 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 144 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "2"), 145 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Type", "Sample Type Tag"), 146 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Environment", "Production"), 147 ), 148 }, 149 }, 150 }) 151 } 152 153 func TestAccAWSALB_updatedSecurityGroups(t *testing.T) { 154 var pre, post elbv2.LoadBalancer 155 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 156 157 resource.Test(t, resource.TestCase{ 158 PreCheck: func() { testAccPreCheck(t) }, 159 IDRefreshName: "aws_alb.alb_test", 160 Providers: testAccProviders, 161 CheckDestroy: testAccCheckAWSALBDestroy, 162 Steps: []resource.TestStep{ 163 { 164 Config: testAccAWSALBConfig_basic(albName), 165 Check: resource.ComposeAggregateTestCheckFunc( 166 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 167 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 168 ), 169 }, 170 { 171 Config: testAccAWSALBConfig_updateSecurityGroups(albName), 172 Check: resource.ComposeAggregateTestCheckFunc( 173 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 174 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "2"), 175 testAccCheckAWSAlbARNs(&pre, &post), 176 ), 177 }, 178 }, 179 }) 180 } 181 182 func TestAccAWSALB_updatedSubnets(t *testing.T) { 183 var pre, post elbv2.LoadBalancer 184 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 185 186 resource.Test(t, resource.TestCase{ 187 PreCheck: func() { testAccPreCheck(t) }, 188 IDRefreshName: "aws_alb.alb_test", 189 Providers: testAccProviders, 190 CheckDestroy: testAccCheckAWSALBDestroy, 191 Steps: []resource.TestStep{ 192 { 193 Config: testAccAWSALBConfig_basic(albName), 194 Check: resource.ComposeAggregateTestCheckFunc( 195 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 196 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 197 ), 198 }, 199 { 200 Config: testAccAWSALBConfig_updateSubnets(albName), 201 Check: resource.ComposeAggregateTestCheckFunc( 202 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 203 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "3"), 204 testAccCheckAWSAlbARNs(&pre, &post), 205 ), 206 }, 207 }, 208 }) 209 } 210 211 // TestAccAWSALB_noSecurityGroup regression tests the issue in #8264, 212 // where if an ALB is created without a security group, a default one 213 // is assigned. 214 func TestAccAWSALB_noSecurityGroup(t *testing.T) { 215 var conf elbv2.LoadBalancer 216 albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 217 218 resource.Test(t, resource.TestCase{ 219 PreCheck: func() { testAccPreCheck(t) }, 220 IDRefreshName: "aws_alb.alb_test", 221 Providers: testAccProviders, 222 CheckDestroy: testAccCheckAWSALBDestroy, 223 Steps: []resource.TestStep{ 224 { 225 Config: testAccAWSALBConfig_nosg(albName), 226 Check: resource.ComposeAggregateTestCheckFunc( 227 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 228 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 229 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 230 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 231 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 232 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 233 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 234 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 235 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 236 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 237 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 238 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 239 ), 240 }, 241 }, 242 }) 243 } 244 245 func TestAccAWSALB_accesslogs(t *testing.T) { 246 var conf elbv2.LoadBalancer 247 bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) 248 albName := fmt.Sprintf("testaccawsalbaccesslog-%s", acctest.RandStringFromCharSet(4, acctest.CharSetAlpha)) 249 250 resource.Test(t, resource.TestCase{ 251 PreCheck: func() { testAccPreCheck(t) }, 252 IDRefreshName: "aws_alb.alb_test", 253 Providers: testAccProviders, 254 CheckDestroy: testAccCheckAWSALBDestroy, 255 Steps: []resource.TestStep{ 256 { 257 Config: testAccAWSALBConfig_basic(albName), 258 Check: resource.ComposeAggregateTestCheckFunc( 259 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 260 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 261 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 262 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 263 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 264 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 265 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 266 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 267 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 268 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 269 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 270 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 271 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 272 ), 273 }, 274 { 275 Config: testAccAWSALBConfig_accessLogs(true, albName, bucketName), 276 Check: resource.ComposeAggregateTestCheckFunc( 277 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 278 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 279 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 280 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 281 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 282 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 283 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 284 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 285 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 286 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 287 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 288 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 289 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 290 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.bucket", bucketName), 291 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.prefix", "testAccAWSALBConfig_accessLogs"), 292 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "true"), 293 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 294 ), 295 }, 296 { 297 Config: testAccAWSALBConfig_accessLogs(false, albName, bucketName), 298 Check: resource.ComposeAggregateTestCheckFunc( 299 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 300 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 301 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 302 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 303 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 304 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 305 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 306 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 307 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 308 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 309 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 310 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 311 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 312 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "false"), 313 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 314 ), 315 }, 316 }, 317 }) 318 } 319 320 func testAccCheckAWSAlbARNs(pre, post *elbv2.LoadBalancer) resource.TestCheckFunc { 321 return func(s *terraform.State) error { 322 if *pre.LoadBalancerArn != *post.LoadBalancerArn { 323 return errors.New("ALB has been recreated. ARNs are different") 324 } 325 326 return nil 327 } 328 } 329 330 func testAccCheckAWSALBExists(n string, res *elbv2.LoadBalancer) resource.TestCheckFunc { 331 return func(s *terraform.State) error { 332 rs, ok := s.RootModule().Resources[n] 333 if !ok { 334 return fmt.Errorf("Not found: %s", n) 335 } 336 337 if rs.Primary.ID == "" { 338 return errors.New("No ALB ID is set") 339 } 340 341 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 342 343 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 344 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 345 }) 346 347 if err != nil { 348 return err 349 } 350 351 if len(describe.LoadBalancers) != 1 || 352 *describe.LoadBalancers[0].LoadBalancerArn != rs.Primary.ID { 353 return errors.New("ALB not found") 354 } 355 356 *res = *describe.LoadBalancers[0] 357 return nil 358 } 359 } 360 361 func testAccCheckAWSALBDestroy(s *terraform.State) error { 362 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 363 364 for _, rs := range s.RootModule().Resources { 365 if rs.Type != "aws_alb" { 366 continue 367 } 368 369 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 370 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 371 }) 372 373 if err == nil { 374 if len(describe.LoadBalancers) != 0 && 375 *describe.LoadBalancers[0].LoadBalancerArn == rs.Primary.ID { 376 return fmt.Errorf("ALB %q still exists", rs.Primary.ID) 377 } 378 } 379 380 // Verify the error 381 if isLoadBalancerNotFound(err) { 382 return nil 383 } else { 384 return errwrap.Wrapf("Unexpected error checking ALB destroyed: {{err}}", err) 385 } 386 } 387 388 return nil 389 } 390 391 func testAccAWSALBConfig_basic(albName string) string { 392 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 393 name = "%s" 394 internal = true 395 security_groups = ["${aws_security_group.alb_test.id}"] 396 subnets = ["${aws_subnet.alb_test.*.id}"] 397 398 idle_timeout = 30 399 enable_deletion_protection = false 400 401 tags { 402 TestName = "TestAccAWSALB_basic" 403 } 404 } 405 406 variable "subnets" { 407 default = ["10.0.1.0/24", "10.0.2.0/24"] 408 type = "list" 409 } 410 411 data "aws_availability_zones" "available" {} 412 413 resource "aws_vpc" "alb_test" { 414 cidr_block = "10.0.0.0/16" 415 416 tags { 417 TestName = "TestAccAWSALB_basic" 418 } 419 } 420 421 resource "aws_subnet" "alb_test" { 422 count = 2 423 vpc_id = "${aws_vpc.alb_test.id}" 424 cidr_block = "${element(var.subnets, count.index)}" 425 map_public_ip_on_launch = true 426 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 427 428 tags { 429 TestName = "TestAccAWSALB_basic" 430 } 431 } 432 433 resource "aws_security_group" "alb_test" { 434 name = "allow_all_alb_test" 435 description = "Used for ALB Testing" 436 vpc_id = "${aws_vpc.alb_test.id}" 437 438 ingress { 439 from_port = 0 440 to_port = 0 441 protocol = "-1" 442 cidr_blocks = ["0.0.0.0/0"] 443 } 444 445 egress { 446 from_port = 0 447 to_port = 0 448 protocol = "-1" 449 cidr_blocks = ["0.0.0.0/0"] 450 } 451 452 tags { 453 TestName = "TestAccAWSALB_basic" 454 } 455 }`, albName) 456 } 457 458 func testAccAWSALBConfig_updateSubnets(albName string) string { 459 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 460 name = "%s" 461 internal = true 462 security_groups = ["${aws_security_group.alb_test.id}"] 463 subnets = ["${aws_subnet.alb_test.*.id}"] 464 465 idle_timeout = 30 466 enable_deletion_protection = false 467 468 tags { 469 TestName = "TestAccAWSALB_basic" 470 } 471 } 472 473 variable "subnets" { 474 default = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"] 475 type = "list" 476 } 477 478 data "aws_availability_zones" "available" {} 479 480 resource "aws_vpc" "alb_test" { 481 cidr_block = "10.0.0.0/16" 482 483 tags { 484 TestName = "TestAccAWSALB_basic" 485 } 486 } 487 488 resource "aws_subnet" "alb_test" { 489 count = 3 490 vpc_id = "${aws_vpc.alb_test.id}" 491 cidr_block = "${element(var.subnets, count.index)}" 492 map_public_ip_on_launch = true 493 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 494 495 tags { 496 TestName = "TestAccAWSALB_basic" 497 } 498 } 499 500 resource "aws_security_group" "alb_test" { 501 name = "allow_all_alb_test" 502 description = "Used for ALB Testing" 503 vpc_id = "${aws_vpc.alb_test.id}" 504 505 ingress { 506 from_port = 0 507 to_port = 0 508 protocol = "-1" 509 cidr_blocks = ["0.0.0.0/0"] 510 } 511 512 egress { 513 from_port = 0 514 to_port = 0 515 protocol = "-1" 516 cidr_blocks = ["0.0.0.0/0"] 517 } 518 519 tags { 520 TestName = "TestAccAWSALB_basic" 521 } 522 }`, albName) 523 } 524 525 func testAccAWSALBConfig_generatedName() string { 526 return fmt.Sprintf(` 527 resource "aws_alb" "alb_test" { 528 internal = true 529 security_groups = ["${aws_security_group.alb_test.id}"] 530 subnets = ["${aws_subnet.alb_test.*.id}"] 531 532 idle_timeout = 30 533 enable_deletion_protection = false 534 535 tags { 536 TestName = "TestAccAWSALB_basic" 537 } 538 } 539 540 variable "subnets" { 541 default = ["10.0.1.0/24", "10.0.2.0/24"] 542 type = "list" 543 } 544 545 data "aws_availability_zones" "available" {} 546 547 resource "aws_vpc" "alb_test" { 548 cidr_block = "10.0.0.0/16" 549 550 tags { 551 TestName = "TestAccAWSALB_basic" 552 } 553 } 554 555 resource "aws_internet_gateway" "gw" { 556 vpc_id = "${aws_vpc.alb_test.id}" 557 558 tags { 559 Name = "TestAccAWSALB_basic" 560 } 561 } 562 563 resource "aws_subnet" "alb_test" { 564 count = 2 565 vpc_id = "${aws_vpc.alb_test.id}" 566 cidr_block = "${element(var.subnets, count.index)}" 567 map_public_ip_on_launch = true 568 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 569 570 tags { 571 TestName = "TestAccAWSALB_basic" 572 } 573 } 574 575 resource "aws_security_group" "alb_test" { 576 name = "allow_all_alb_test" 577 description = "Used for ALB Testing" 578 vpc_id = "${aws_vpc.alb_test.id}" 579 580 ingress { 581 from_port = 0 582 to_port = 0 583 protocol = "-1" 584 cidr_blocks = ["0.0.0.0/0"] 585 } 586 587 egress { 588 from_port = 0 589 to_port = 0 590 protocol = "-1" 591 cidr_blocks = ["0.0.0.0/0"] 592 } 593 594 tags { 595 TestName = "TestAccAWSALB_basic" 596 } 597 }`) 598 } 599 600 func testAccAWSALBConfig_namePrefix() string { 601 return fmt.Sprintf(` 602 resource "aws_alb" "alb_test" { 603 name_prefix = "tf-lb" 604 internal = true 605 security_groups = ["${aws_security_group.alb_test.id}"] 606 subnets = ["${aws_subnet.alb_test.*.id}"] 607 608 idle_timeout = 30 609 enable_deletion_protection = false 610 611 tags { 612 TestName = "TestAccAWSALB_basic" 613 } 614 } 615 616 variable "subnets" { 617 default = ["10.0.1.0/24", "10.0.2.0/24"] 618 type = "list" 619 } 620 621 data "aws_availability_zones" "available" {} 622 623 resource "aws_vpc" "alb_test" { 624 cidr_block = "10.0.0.0/16" 625 626 tags { 627 TestName = "TestAccAWSALB_basic" 628 } 629 } 630 631 resource "aws_subnet" "alb_test" { 632 count = 2 633 vpc_id = "${aws_vpc.alb_test.id}" 634 cidr_block = "${element(var.subnets, count.index)}" 635 map_public_ip_on_launch = true 636 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 637 638 tags { 639 TestName = "TestAccAWSALB_basic" 640 } 641 } 642 643 resource "aws_security_group" "alb_test" { 644 name = "allow_all_alb_test" 645 description = "Used for ALB Testing" 646 vpc_id = "${aws_vpc.alb_test.id}" 647 648 ingress { 649 from_port = 0 650 to_port = 0 651 protocol = "-1" 652 cidr_blocks = ["0.0.0.0/0"] 653 } 654 655 egress { 656 from_port = 0 657 to_port = 0 658 protocol = "-1" 659 cidr_blocks = ["0.0.0.0/0"] 660 } 661 662 tags { 663 TestName = "TestAccAWSALB_basic" 664 } 665 }`) 666 } 667 func testAccAWSALBConfig_updatedTags(albName string) string { 668 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 669 name = "%s" 670 internal = true 671 security_groups = ["${aws_security_group.alb_test.id}"] 672 subnets = ["${aws_subnet.alb_test.*.id}"] 673 674 idle_timeout = 30 675 enable_deletion_protection = false 676 677 tags { 678 Environment = "Production" 679 Type = "Sample Type Tag" 680 } 681 } 682 683 variable "subnets" { 684 default = ["10.0.1.0/24", "10.0.2.0/24"] 685 type = "list" 686 } 687 688 data "aws_availability_zones" "available" {} 689 690 resource "aws_vpc" "alb_test" { 691 cidr_block = "10.0.0.0/16" 692 693 tags { 694 TestName = "TestAccAWSALB_basic" 695 } 696 } 697 698 resource "aws_subnet" "alb_test" { 699 count = 2 700 vpc_id = "${aws_vpc.alb_test.id}" 701 cidr_block = "${element(var.subnets, count.index)}" 702 map_public_ip_on_launch = true 703 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 704 705 tags { 706 TestName = "TestAccAWSALB_basic" 707 } 708 } 709 710 resource "aws_security_group" "alb_test" { 711 name = "allow_all_alb_test" 712 description = "Used for ALB Testing" 713 vpc_id = "${aws_vpc.alb_test.id}" 714 715 ingress { 716 from_port = 0 717 to_port = 0 718 protocol = "-1" 719 cidr_blocks = ["0.0.0.0/0"] 720 } 721 722 egress { 723 from_port = 0 724 to_port = 0 725 protocol = "-1" 726 cidr_blocks = ["0.0.0.0/0"] 727 } 728 729 tags { 730 TestName = "TestAccAWSALB_basic" 731 } 732 }`, albName) 733 } 734 735 func testAccAWSALBConfig_accessLogs(enabled bool, albName, bucketName string) string { 736 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 737 name = "%s" 738 internal = true 739 security_groups = ["${aws_security_group.alb_test.id}"] 740 subnets = ["${aws_subnet.alb_test.*.id}"] 741 742 idle_timeout = 50 743 enable_deletion_protection = false 744 745 access_logs { 746 bucket = "${aws_s3_bucket.logs.bucket}" 747 prefix = "${var.bucket_prefix}" 748 enabled = "%t" 749 } 750 751 tags { 752 TestName = "TestAccAWSALB_basic1" 753 } 754 } 755 756 variable "bucket_name" { 757 type = "string" 758 default = "%s" 759 } 760 761 variable "bucket_prefix" { 762 type = "string" 763 default = "testAccAWSALBConfig_accessLogs" 764 } 765 766 resource "aws_s3_bucket" "logs" { 767 bucket = "${var.bucket_name}" 768 policy = "${data.aws_iam_policy_document.logs_bucket.json}" 769 # dangerous, only here for the test... 770 force_destroy = true 771 772 tags { 773 Name = "ALB Logs Bucket Test" 774 } 775 } 776 777 data "aws_caller_identity" "current" {} 778 779 data "aws_elb_service_account" "current" {} 780 781 data "aws_iam_policy_document" "logs_bucket" { 782 statement { 783 actions = ["s3:PutObject"] 784 effect = "Allow" 785 resources = ["arn:aws:s3:::${var.bucket_name}/${var.bucket_prefix}/AWSLogs/${data.aws_caller_identity.current.account_id}/*"] 786 787 principals = { 788 type = "AWS" 789 identifiers = ["arn:aws:iam::${data.aws_elb_service_account.current.id}:root"] 790 } 791 } 792 } 793 794 variable "subnets" { 795 default = ["10.0.1.0/24", "10.0.2.0/24"] 796 type = "list" 797 } 798 799 data "aws_availability_zones" "available" {} 800 801 resource "aws_vpc" "alb_test" { 802 cidr_block = "10.0.0.0/16" 803 804 tags { 805 TestName = "TestAccAWSALB_basic" 806 } 807 } 808 809 resource "aws_subnet" "alb_test" { 810 count = 2 811 vpc_id = "${aws_vpc.alb_test.id}" 812 cidr_block = "${element(var.subnets, count.index)}" 813 map_public_ip_on_launch = true 814 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 815 816 tags { 817 TestName = "TestAccAWSALB_basic" 818 } 819 } 820 821 resource "aws_security_group" "alb_test" { 822 name = "allow_all_alb_test" 823 description = "Used for ALB Testing" 824 vpc_id = "${aws_vpc.alb_test.id}" 825 826 ingress { 827 from_port = 0 828 to_port = 0 829 protocol = "-1" 830 cidr_blocks = ["0.0.0.0/0"] 831 } 832 833 egress { 834 from_port = 0 835 to_port = 0 836 protocol = "-1" 837 cidr_blocks = ["0.0.0.0/0"] 838 } 839 840 tags { 841 TestName = "TestAccAWSALB_basic" 842 } 843 }`, albName, enabled, bucketName) 844 } 845 846 func testAccAWSALBConfig_nosg(albName string) string { 847 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 848 name = "%s" 849 internal = true 850 subnets = ["${aws_subnet.alb_test.*.id}"] 851 852 idle_timeout = 30 853 enable_deletion_protection = false 854 855 tags { 856 TestName = "TestAccAWSALB_basic" 857 } 858 } 859 860 variable "subnets" { 861 default = ["10.0.1.0/24", "10.0.2.0/24"] 862 type = "list" 863 } 864 865 data "aws_availability_zones" "available" {} 866 867 resource "aws_vpc" "alb_test" { 868 cidr_block = "10.0.0.0/16" 869 870 tags { 871 TestName = "TestAccAWSALB_basic" 872 } 873 } 874 875 resource "aws_subnet" "alb_test" { 876 count = 2 877 vpc_id = "${aws_vpc.alb_test.id}" 878 cidr_block = "${element(var.subnets, count.index)}" 879 map_public_ip_on_launch = true 880 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 881 882 tags { 883 TestName = "TestAccAWSALB_basic" 884 } 885 }`, albName) 886 } 887 888 func testAccAWSALBConfig_updateSecurityGroups(albName string) string { 889 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 890 name = "%s" 891 internal = true 892 security_groups = ["${aws_security_group.alb_test.id}", "${aws_security_group.alb_test_2.id}"] 893 subnets = ["${aws_subnet.alb_test.*.id}"] 894 895 idle_timeout = 30 896 enable_deletion_protection = false 897 898 tags { 899 TestName = "TestAccAWSALB_basic" 900 } 901 } 902 903 variable "subnets" { 904 default = ["10.0.1.0/24", "10.0.2.0/24"] 905 type = "list" 906 } 907 908 data "aws_availability_zones" "available" {} 909 910 resource "aws_vpc" "alb_test" { 911 cidr_block = "10.0.0.0/16" 912 913 tags { 914 TestName = "TestAccAWSALB_basic" 915 } 916 } 917 918 resource "aws_subnet" "alb_test" { 919 count = 2 920 vpc_id = "${aws_vpc.alb_test.id}" 921 cidr_block = "${element(var.subnets, count.index)}" 922 map_public_ip_on_launch = true 923 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 924 925 tags { 926 TestName = "TestAccAWSALB_basic" 927 } 928 } 929 930 resource "aws_security_group" "alb_test_2" { 931 name = "allow_all_alb_test_2" 932 description = "Used for ALB Testing" 933 vpc_id = "${aws_vpc.alb_test.id}" 934 935 ingress { 936 from_port = 80 937 to_port = 80 938 protocol = "TCP" 939 cidr_blocks = ["0.0.0.0/0"] 940 } 941 942 tags { 943 TestName = "TestAccAWSALB_basic_2" 944 } 945 } 946 947 resource "aws_security_group" "alb_test" { 948 name = "allow_all_alb_test" 949 description = "Used for ALB Testing" 950 vpc_id = "${aws_vpc.alb_test.id}" 951 952 ingress { 953 from_port = 0 954 to_port = 0 955 protocol = "-1" 956 cidr_blocks = ["0.0.0.0/0"] 957 } 958 959 egress { 960 from_port = 0 961 to_port = 0 962 protocol = "-1" 963 cidr_blocks = ["0.0.0.0/0"] 964 } 965 966 tags { 967 TestName = "TestAccAWSALB_basic" 968 } 969 }`, albName) 970 }