github.com/ggiamarchi/terraform@v0.3.7-0.20150607194748-ed2a66a46a71/builtin/providers/azure/resource_azure_security_group_test.go (about) 1 package azure 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 "github.com/svanharmelen/azure-sdk-for-go/management" 10 "github.com/svanharmelen/azure-sdk-for-go/management/networksecuritygroup" 11 ) 12 13 func TestAccAzureSecurityGroup_basic(t *testing.T) { 14 var group networksecuritygroup.SecurityGroupResponse 15 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 Providers: testAccProviders, 19 CheckDestroy: testAccCheckAzureSecurityGroupDestroy, 20 Steps: []resource.TestStep{ 21 resource.TestStep{ 22 Config: testAccAzureSecurityGroup_basic, 23 Check: resource.ComposeTestCheckFunc( 24 testAccCheckAzureSecurityGroupExists( 25 "azure_security_group.foo", &group), 26 testAccCheckAzureSecurityGroupBasicAttributes(&group), 27 resource.TestCheckResourceAttr( 28 "azure_security_group.foo", "name", "terraform-security-group"), 29 resource.TestCheckResourceAttr( 30 "azure_security_group.foo", "location", "West US"), 31 resource.TestCheckResourceAttr( 32 "azure_security_group.foo", "rule.936204579.name", "RDP"), 33 resource.TestCheckResourceAttr( 34 "azure_security_group.foo", "rule.936204579.source_port", "*"), 35 resource.TestCheckResourceAttr( 36 "azure_security_group.foo", "rule.936204579.destination_port", "3389"), 37 ), 38 }, 39 }, 40 }) 41 } 42 43 func TestAccAzureSecurityGroup_update(t *testing.T) { 44 var group networksecuritygroup.SecurityGroupResponse 45 46 resource.Test(t, resource.TestCase{ 47 PreCheck: func() { testAccPreCheck(t) }, 48 Providers: testAccProviders, 49 CheckDestroy: testAccCheckAzureSecurityGroupDestroy, 50 Steps: []resource.TestStep{ 51 resource.TestStep{ 52 Config: testAccAzureSecurityGroup_basic, 53 Check: resource.ComposeTestCheckFunc( 54 testAccCheckAzureSecurityGroupExists( 55 "azure_security_group.foo", &group), 56 testAccCheckAzureSecurityGroupBasicAttributes(&group), 57 resource.TestCheckResourceAttr( 58 "azure_security_group.foo", "name", "terraform-security-group"), 59 resource.TestCheckResourceAttr( 60 "azure_security_group.foo", "location", "West US"), 61 resource.TestCheckResourceAttr( 62 "azure_security_group.foo", "rule.936204579.name", "RDP"), 63 resource.TestCheckResourceAttr( 64 "azure_security_group.foo", "rule.936204579.source_cidr", "*"), 65 resource.TestCheckResourceAttr( 66 "azure_security_group.foo", "rule.936204579.destination_port", "3389"), 67 ), 68 }, 69 70 resource.TestStep{ 71 Config: testAccAzureSecurityGroup_update, 72 Check: resource.ComposeTestCheckFunc( 73 testAccCheckAzureSecurityGroupExists( 74 "azure_security_group.foo", &group), 75 testAccCheckAzureSecurityGroupUpdatedAttributes(&group), 76 resource.TestCheckResourceAttr( 77 "azure_security_group.foo", "rule.3322523298.name", "RDP"), 78 resource.TestCheckResourceAttr( 79 "azure_security_group.foo", "rule.3322523298.source_cidr", "192.168.0.0/24"), 80 resource.TestCheckResourceAttr( 81 "azure_security_group.foo", "rule.3322523298.destination_port", "3389"), 82 resource.TestCheckResourceAttr( 83 "azure_security_group.foo", "rule.3929353075.name", "WINRM"), 84 resource.TestCheckResourceAttr( 85 "azure_security_group.foo", "rule.3929353075.source_cidr", "192.168.0.0/24"), 86 resource.TestCheckResourceAttr( 87 "azure_security_group.foo", "rule.3929353075.destination_port", "5985"), 88 ), 89 }, 90 }, 91 }) 92 } 93 94 func testAccCheckAzureSecurityGroupExists( 95 n string, 96 group *networksecuritygroup.SecurityGroupResponse) resource.TestCheckFunc { 97 return func(s *terraform.State) error { 98 rs, ok := s.RootModule().Resources[n] 99 if !ok { 100 return fmt.Errorf("Not found: %s", n) 101 } 102 103 if rs.Primary.ID == "" { 104 return fmt.Errorf("No Network Security Group ID is set") 105 } 106 107 mc := testAccProvider.Meta().(*Client).mgmtClient 108 sg, err := networksecuritygroup.NewClient(mc).GetNetworkSecurityGroup(rs.Primary.ID) 109 if err != nil { 110 return err 111 } 112 113 if sg.Name != rs.Primary.ID { 114 return fmt.Errorf("Security Group not found") 115 } 116 117 *group = sg 118 119 return nil 120 } 121 } 122 123 func testAccCheckAzureSecurityGroupBasicAttributes( 124 group *networksecuritygroup.SecurityGroupResponse) resource.TestCheckFunc { 125 return func(s *terraform.State) error { 126 127 if group.Name != "terraform-security-group" { 128 return fmt.Errorf("Bad name: %s", group.Name) 129 } 130 131 for _, r := range group.Rules { 132 if !r.IsDefault { 133 if r.Name != "RDP" { 134 return fmt.Errorf("Bad rule name: %s", r.Name) 135 } 136 if r.Priority != 101 { 137 return fmt.Errorf("Bad rule priority: %d", r.Priority) 138 } 139 if r.SourceAddressPrefix != "*" { 140 return fmt.Errorf("Bad source CIDR: %s", r.SourceAddressPrefix) 141 } 142 if r.DestinationAddressPrefix != "*" { 143 return fmt.Errorf("Bad destination CIDR: %s", r.DestinationAddressPrefix) 144 } 145 if r.DestinationPortRange != "3389" { 146 return fmt.Errorf("Bad destination port: %s", r.DestinationPortRange) 147 } 148 } 149 } 150 151 return nil 152 } 153 } 154 155 func testAccCheckAzureSecurityGroupUpdatedAttributes( 156 group *networksecuritygroup.SecurityGroupResponse) resource.TestCheckFunc { 157 return func(s *terraform.State) error { 158 159 if group.Name != "terraform-security-group" { 160 return fmt.Errorf("Bad name: %s", group.Name) 161 } 162 163 foundRDP := false 164 foundWINRM := false 165 for _, r := range group.Rules { 166 if !r.IsDefault { 167 if r.Name == "RDP" { 168 if r.SourceAddressPrefix != "192.168.0.0/24" { 169 return fmt.Errorf("Bad source CIDR: %s", r.SourceAddressPrefix) 170 } 171 172 foundRDP = true 173 } 174 175 if r.Name == "WINRM" { 176 if r.Priority != 102 { 177 return fmt.Errorf("Bad rule priority: %d", r.Priority) 178 } 179 if r.SourceAddressPrefix != "192.168.0.0/24" { 180 return fmt.Errorf("Bad source CIDR: %s", r.SourceAddressPrefix) 181 } 182 if r.DestinationAddressPrefix != "*" { 183 return fmt.Errorf("Bad destination CIDR: %s", r.DestinationAddressPrefix) 184 } 185 if r.DestinationPortRange != "5985" { 186 return fmt.Errorf("Bad destination port: %s", r.DestinationPortRange) 187 } 188 189 foundWINRM = true 190 } 191 } 192 } 193 194 if !foundRDP { 195 return fmt.Errorf("RDP rule not found") 196 } 197 198 if !foundWINRM { 199 return fmt.Errorf("WINRM rule not found") 200 } 201 202 return nil 203 } 204 } 205 206 func testAccCheckAzureSecurityGroupDestroy(s *terraform.State) error { 207 mc := testAccProvider.Meta().(*Client).mgmtClient 208 209 for _, rs := range s.RootModule().Resources { 210 if rs.Type != "azure_security_group" { 211 continue 212 } 213 214 if rs.Primary.ID == "" { 215 return fmt.Errorf("No Network Security Group ID is set") 216 } 217 218 _, err := networksecuritygroup.NewClient(mc).GetNetworkSecurityGroup(rs.Primary.ID) 219 if err == nil { 220 return fmt.Errorf("Resource %s still exists", rs.Primary.ID) 221 } 222 223 if !management.IsResourceNotFoundError(err) { 224 return err 225 } 226 } 227 228 return nil 229 } 230 231 const testAccAzureSecurityGroup_basic = ` 232 resource "azure_security_group" "foo" { 233 name = "terraform-security-group" 234 location = "West US" 235 236 rule { 237 name = "RDP" 238 priority = 101 239 source_cidr = "*" 240 source_port = "*" 241 destination_cidr = "*" 242 destination_port = "3389" 243 protocol = "TCP" 244 } 245 }` 246 247 const testAccAzureSecurityGroup_update = ` 248 resource "azure_security_group" "foo" { 249 name = "terraform-security-group" 250 location = "West US" 251 252 rule { 253 name = "RDP" 254 priority = 101 255 source_cidr = "192.168.0.0/24" 256 source_port = "*" 257 destination_cidr = "*" 258 destination_port = "3389" 259 protocol = "TCP" 260 } 261 262 rule { 263 name = "WINRM" 264 priority = 102 265 source_cidr = "192.168.0.0/24" 266 source_port = "*" 267 destination_cidr = "*" 268 destination_port = "5985" 269 protocol = "TCP" 270 } 271 }`