github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/azurerm/resource_arm_network_security_group_test.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "net/http" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/acctest" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 ) 12 13 func TestAccAzureRMNetworkSecurityGroup_basic(t *testing.T) { 14 rInt := acctest.RandInt() 15 resource.Test(t, resource.TestCase{ 16 PreCheck: func() { testAccPreCheck(t) }, 17 Providers: testAccProviders, 18 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 19 Steps: []resource.TestStep{ 20 { 21 Config: testAccAzureRMNetworkSecurityGroup_basic(rInt), 22 Check: resource.ComposeTestCheckFunc( 23 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 24 ), 25 }, 26 }, 27 }) 28 } 29 30 func TestAccAzureRMNetworkSecurityGroup_disappears(t *testing.T) { 31 rInt := acctest.RandInt() 32 resource.Test(t, resource.TestCase{ 33 PreCheck: func() { testAccPreCheck(t) }, 34 Providers: testAccProviders, 35 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 36 Steps: []resource.TestStep{ 37 { 38 Config: testAccAzureRMNetworkSecurityGroup_basic(rInt), 39 Check: resource.ComposeTestCheckFunc( 40 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 41 testCheckAzureRMNetworkSecurityGroupDisappears("azurerm_network_security_group.test"), 42 ), 43 ExpectNonEmptyPlan: true, 44 }, 45 }, 46 }) 47 } 48 49 func TestAccAzureRMNetworkSecurityGroup_withTags(t *testing.T) { 50 rInt := acctest.RandInt() 51 resource.Test(t, resource.TestCase{ 52 PreCheck: func() { testAccPreCheck(t) }, 53 Providers: testAccProviders, 54 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 55 Steps: []resource.TestStep{ 56 { 57 Config: testAccAzureRMNetworkSecurityGroup_withTags(rInt), 58 Check: resource.ComposeTestCheckFunc( 59 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 60 resource.TestCheckResourceAttr( 61 "azurerm_network_security_group.test", "tags.%", "2"), 62 resource.TestCheckResourceAttr( 63 "azurerm_network_security_group.test", "tags.environment", "Production"), 64 resource.TestCheckResourceAttr( 65 "azurerm_network_security_group.test", "tags.cost_center", "MSFT"), 66 ), 67 }, 68 69 { 70 Config: testAccAzureRMNetworkSecurityGroup_withTagsUpdate(rInt), 71 Check: resource.ComposeTestCheckFunc( 72 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 73 resource.TestCheckResourceAttr( 74 "azurerm_network_security_group.test", "tags.%", "1"), 75 resource.TestCheckResourceAttr( 76 "azurerm_network_security_group.test", "tags.environment", "staging"), 77 ), 78 }, 79 }, 80 }) 81 } 82 83 func TestAccAzureRMNetworkSecurityGroup_addingExtraRules(t *testing.T) { 84 rInt := acctest.RandInt() 85 resource.Test(t, resource.TestCase{ 86 PreCheck: func() { testAccPreCheck(t) }, 87 Providers: testAccProviders, 88 CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy, 89 Steps: []resource.TestStep{ 90 { 91 Config: testAccAzureRMNetworkSecurityGroup_basic(rInt), 92 Check: resource.ComposeTestCheckFunc( 93 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 94 resource.TestCheckResourceAttr( 95 "azurerm_network_security_group.test", "security_rule.#", "1"), 96 ), 97 }, 98 99 { 100 Config: testAccAzureRMNetworkSecurityGroup_anotherRule(rInt), 101 Check: resource.ComposeTestCheckFunc( 102 testCheckAzureRMNetworkSecurityGroupExists("azurerm_network_security_group.test"), 103 resource.TestCheckResourceAttr( 104 "azurerm_network_security_group.test", "security_rule.#", "2"), 105 ), 106 }, 107 }, 108 }) 109 } 110 111 func testCheckAzureRMNetworkSecurityGroupExists(name string) resource.TestCheckFunc { 112 return func(s *terraform.State) error { 113 114 rs, ok := s.RootModule().Resources[name] 115 if !ok { 116 return fmt.Errorf("Not found: %s", name) 117 } 118 119 sgName := rs.Primary.Attributes["name"] 120 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 121 if !hasResourceGroup { 122 return fmt.Errorf("Bad: no resource group found in state for network security group: %s", sgName) 123 } 124 125 conn := testAccProvider.Meta().(*ArmClient).secGroupClient 126 127 resp, err := conn.Get(resourceGroup, sgName, "") 128 if err != nil { 129 return fmt.Errorf("Bad: Get on secGroupClient: %s", err) 130 } 131 132 if resp.StatusCode == http.StatusNotFound { 133 return fmt.Errorf("Bad: Network Security Group %q (resource group: %q) does not exist", name, resourceGroup) 134 } 135 136 return nil 137 } 138 } 139 140 func testCheckAzureRMNetworkSecurityGroupDisappears(name string) resource.TestCheckFunc { 141 return func(s *terraform.State) error { 142 143 rs, ok := s.RootModule().Resources[name] 144 if !ok { 145 return fmt.Errorf("Not found: %s", name) 146 } 147 148 sgName := rs.Primary.Attributes["name"] 149 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 150 if !hasResourceGroup { 151 return fmt.Errorf("Bad: no resource group found in state for network security group: %s", sgName) 152 } 153 154 conn := testAccProvider.Meta().(*ArmClient).secGroupClient 155 156 _, error := conn.Delete(resourceGroup, sgName, make(chan struct{})) 157 err := <-error 158 if err != nil { 159 return fmt.Errorf("Bad: Delete on secGroupClient: %s", err) 160 } 161 162 return nil 163 } 164 } 165 166 func testCheckAzureRMNetworkSecurityGroupDestroy(s *terraform.State) error { 167 conn := testAccProvider.Meta().(*ArmClient).secGroupClient 168 169 for _, rs := range s.RootModule().Resources { 170 if rs.Type != "azurerm_network_security_group" { 171 continue 172 } 173 174 name := rs.Primary.Attributes["name"] 175 resourceGroup := rs.Primary.Attributes["resource_group_name"] 176 177 resp, err := conn.Get(resourceGroup, name, "") 178 179 if err != nil { 180 return nil 181 } 182 183 if resp.StatusCode != http.StatusNotFound { 184 return fmt.Errorf("Network Security Group still exists:\n%#v", resp.SecurityGroupPropertiesFormat) 185 } 186 } 187 188 return nil 189 } 190 191 func testAccAzureRMNetworkSecurityGroup_basic(rInt int) string { 192 return fmt.Sprintf(` 193 resource "azurerm_resource_group" "test" { 194 name = "acctestRG-%d" 195 location = "West US" 196 } 197 198 resource "azurerm_network_security_group" "test" { 199 name = "acceptanceTestSecurityGroup1" 200 location = "West US" 201 resource_group_name = "${azurerm_resource_group.test.name}" 202 203 security_rule { 204 name = "test123" 205 priority = 100 206 direction = "Inbound" 207 access = "Allow" 208 protocol = "TCP" 209 source_port_range = "*" 210 destination_port_range = "*" 211 source_address_prefix = "*" 212 destination_address_prefix = "*" 213 } 214 } 215 `, rInt) 216 } 217 218 func testAccAzureRMNetworkSecurityGroup_anotherRule(rInt int) string { 219 return fmt.Sprintf(` 220 resource "azurerm_resource_group" "test" { 221 name = "acctestRG-%d" 222 location = "West US" 223 } 224 225 resource "azurerm_network_security_group" "test" { 226 name = "acceptanceTestSecurityGroup1" 227 location = "West US" 228 resource_group_name = "${azurerm_resource_group.test.name}" 229 230 security_rule { 231 name = "test123" 232 priority = 100 233 direction = "Inbound" 234 access = "Allow" 235 protocol = "Tcp" 236 source_port_range = "*" 237 destination_port_range = "*" 238 source_address_prefix = "*" 239 destination_address_prefix = "*" 240 } 241 242 security_rule { 243 name = "testDeny" 244 priority = 101 245 direction = "Inbound" 246 access = "Deny" 247 protocol = "Udp" 248 source_port_range = "*" 249 destination_port_range = "*" 250 source_address_prefix = "*" 251 destination_address_prefix = "*" 252 } 253 } 254 `, rInt) 255 } 256 257 func testAccAzureRMNetworkSecurityGroup_withTags(rInt int) string { 258 return fmt.Sprintf(` 259 resource "azurerm_resource_group" "test" { 260 name = "acctestRG-%d" 261 location = "West US" 262 } 263 264 resource "azurerm_network_security_group" "test" { 265 name = "acceptanceTestSecurityGroup1" 266 location = "West US" 267 resource_group_name = "${azurerm_resource_group.test.name}" 268 269 security_rule { 270 name = "test123" 271 priority = 100 272 direction = "Inbound" 273 access = "Allow" 274 protocol = "Tcp" 275 source_port_range = "*" 276 destination_port_range = "*" 277 source_address_prefix = "*" 278 destination_address_prefix = "*" 279 } 280 281 282 tags { 283 environment = "Production" 284 cost_center = "MSFT" 285 } 286 } 287 `, rInt) 288 } 289 290 func testAccAzureRMNetworkSecurityGroup_withTagsUpdate(rInt int) string { 291 return fmt.Sprintf(` 292 resource "azurerm_resource_group" "test" { 293 name = "acctestRG-%d" 294 location = "West US" 295 } 296 297 resource "azurerm_network_security_group" "test" { 298 name = "acceptanceTestSecurityGroup1" 299 location = "West US" 300 resource_group_name = "${azurerm_resource_group.test.name}" 301 302 security_rule { 303 name = "test123" 304 priority = 100 305 direction = "Inbound" 306 access = "Allow" 307 protocol = "Tcp" 308 source_port_range = "*" 309 destination_port_range = "*" 310 source_address_prefix = "*" 311 destination_address_prefix = "*" 312 } 313 314 tags { 315 environment = "staging" 316 } 317 } 318 `, rInt) 319 }