github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/azurerm/resource_arm_network_security_rule_test.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "net/http" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/acctest" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 ) 12 13 func TestAccAzureRMNetworkSecurityRule_basic(t *testing.T) { 14 rInt := acctest.RandInt() 15 resource.Test(t, resource.TestCase{ 16 PreCheck: func() { testAccPreCheck(t) }, 17 Providers: testAccProviders, 18 CheckDestroy: testCheckAzureRMNetworkSecurityRuleDestroy, 19 Steps: []resource.TestStep{ 20 { 21 Config: testAccAzureRMNetworkSecurityRule_basic(rInt), 22 Check: resource.ComposeTestCheckFunc( 23 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test"), 24 ), 25 }, 26 }, 27 }) 28 } 29 30 func TestAccAzureRMNetworkSecurityRule_disappears(t *testing.T) { 31 rInt := acctest.RandInt() 32 33 resource.Test(t, resource.TestCase{ 34 PreCheck: func() { testAccPreCheck(t) }, 35 Providers: testAccProviders, 36 CheckDestroy: testCheckAzureRMNetworkSecurityRuleDestroy, 37 Steps: []resource.TestStep{ 38 { 39 Config: testAccAzureRMNetworkSecurityRule_basic(rInt), 40 Check: resource.ComposeTestCheckFunc( 41 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test"), 42 testCheckAzureRMNetworkSecurityRuleDisappears("azurerm_network_security_rule.test"), 43 ), 44 ExpectNonEmptyPlan: true, 45 }, 46 }, 47 }) 48 } 49 50 func TestAccAzureRMNetworkSecurityRule_addingRules(t *testing.T) { 51 rInt := acctest.RandInt() 52 53 resource.Test(t, resource.TestCase{ 54 PreCheck: func() { testAccPreCheck(t) }, 55 Providers: testAccProviders, 56 CheckDestroy: testCheckAzureRMNetworkSecurityRuleDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAzureRMNetworkSecurityRule_updateBasic(rInt), 60 Check: resource.ComposeTestCheckFunc( 61 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test1"), 62 ), 63 }, 64 65 { 66 Config: testAccAzureRMNetworkSecurityRule_updateExtraRule(rInt), 67 Check: resource.ComposeTestCheckFunc( 68 testCheckAzureRMNetworkSecurityRuleExists("azurerm_network_security_rule.test2"), 69 ), 70 }, 71 }, 72 }) 73 } 74 75 func testCheckAzureRMNetworkSecurityRuleExists(name string) resource.TestCheckFunc { 76 return func(s *terraform.State) error { 77 78 rs, ok := s.RootModule().Resources[name] 79 if !ok { 80 return fmt.Errorf("Not found: %s", name) 81 } 82 83 sgName := rs.Primary.Attributes["network_security_group_name"] 84 sgrName := rs.Primary.Attributes["name"] 85 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 86 if !hasResourceGroup { 87 return fmt.Errorf("Bad: no resource group found in state for network security rule: %s", sgName) 88 } 89 90 conn := testAccProvider.Meta().(*ArmClient).secRuleClient 91 92 resp, err := conn.Get(resourceGroup, sgName, sgrName) 93 if err != nil { 94 return fmt.Errorf("Bad: Get on secRuleClient: %s", err) 95 } 96 97 if resp.StatusCode == http.StatusNotFound { 98 return fmt.Errorf("Bad: Network Security Rule %q (resource group: %q) (network security group: %q) does not exist", sgrName, sgName, resourceGroup) 99 } 100 101 return nil 102 } 103 } 104 105 func testCheckAzureRMNetworkSecurityRuleDisappears(name string) resource.TestCheckFunc { 106 return func(s *terraform.State) error { 107 108 rs, ok := s.RootModule().Resources[name] 109 if !ok { 110 return fmt.Errorf("Not found: %s", name) 111 } 112 113 sgName := rs.Primary.Attributes["network_security_group_name"] 114 sgrName := rs.Primary.Attributes["name"] 115 resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] 116 if !hasResourceGroup { 117 return fmt.Errorf("Bad: no resource group found in state for network security rule: %s", sgName) 118 } 119 120 conn := testAccProvider.Meta().(*ArmClient).secRuleClient 121 122 _, error := conn.Delete(resourceGroup, sgName, sgrName, make(chan struct{})) 123 err := <-error 124 if err != nil { 125 return fmt.Errorf("Bad: Delete on secRuleClient: %s", err) 126 } 127 128 return nil 129 } 130 } 131 132 func testCheckAzureRMNetworkSecurityRuleDestroy(s *terraform.State) error { 133 conn := testAccProvider.Meta().(*ArmClient).secRuleClient 134 135 for _, rs := range s.RootModule().Resources { 136 137 if rs.Type != "azurerm_network_security_rule" { 138 continue 139 } 140 141 sgName := rs.Primary.Attributes["network_security_group_name"] 142 sgrName := rs.Primary.Attributes["name"] 143 resourceGroup := rs.Primary.Attributes["resource_group_name"] 144 145 resp, err := conn.Get(resourceGroup, sgName, sgrName) 146 147 if err != nil { 148 return nil 149 } 150 151 if resp.StatusCode != http.StatusNotFound { 152 return fmt.Errorf("Network Security Rule still exists:\n%#v", resp.SecurityRulePropertiesFormat) 153 } 154 } 155 156 return nil 157 } 158 159 func testAccAzureRMNetworkSecurityRule_basic(rInt int) string { 160 return fmt.Sprintf(` 161 resource "azurerm_resource_group" "test" { 162 name = "acctestRG-%d" 163 location = "West US" 164 } 165 166 resource "azurerm_network_security_group" "test" { 167 name = "acceptanceTestSecurityGroup1" 168 location = "West US" 169 resource_group_name = "${azurerm_resource_group.test.name}" 170 } 171 172 resource "azurerm_network_security_rule" "test" { 173 name = "test123" 174 priority = 100 175 direction = "Outbound" 176 access = "Allow" 177 protocol = "Tcp" 178 source_port_range = "*" 179 destination_port_range = "*" 180 source_address_prefix = "*" 181 destination_address_prefix = "*" 182 resource_group_name = "${azurerm_resource_group.test.name}" 183 network_security_group_name = "${azurerm_network_security_group.test.name}" 184 } 185 `, rInt) 186 } 187 188 func testAccAzureRMNetworkSecurityRule_updateBasic(rInt int) string { 189 return fmt.Sprintf(` 190 resource "azurerm_resource_group" "test1" { 191 name = "acctestRG-%d" 192 location = "West US" 193 } 194 195 resource "azurerm_network_security_group" "test1" { 196 name = "acceptanceTestSecurityGroup2" 197 location = "West US" 198 resource_group_name = "${azurerm_resource_group.test1.name}" 199 } 200 201 resource "azurerm_network_security_rule" "test1" { 202 name = "test123" 203 priority = 100 204 direction = "Outbound" 205 access = "Allow" 206 protocol = "Tcp" 207 source_port_range = "*" 208 destination_port_range = "*" 209 source_address_prefix = "*" 210 destination_address_prefix = "*" 211 resource_group_name = "${azurerm_resource_group.test1.name}" 212 network_security_group_name = "${azurerm_network_security_group.test1.name}" 213 } 214 `, rInt) 215 } 216 217 func testAccAzureRMNetworkSecurityRule_updateExtraRule(rInt int) string { 218 return fmt.Sprintf(` 219 resource "azurerm_resource_group" "test1" { 220 name = "acctestRG-%d" 221 location = "West US" 222 } 223 224 resource "azurerm_network_security_group" "test1" { 225 name = "acceptanceTestSecurityGroup2" 226 location = "West US" 227 resource_group_name = "${azurerm_resource_group.test1.name}" 228 } 229 230 resource "azurerm_network_security_rule" "test1" { 231 name = "test123" 232 priority = 100 233 direction = "Outbound" 234 access = "Allow" 235 protocol = "Tcp" 236 source_port_range = "*" 237 destination_port_range = "*" 238 source_address_prefix = "*" 239 destination_address_prefix = "*" 240 resource_group_name = "${azurerm_resource_group.test1.name}" 241 network_security_group_name = "${azurerm_network_security_group.test1.name}" 242 } 243 244 resource "azurerm_network_security_rule" "test2" { 245 name = "testing456" 246 priority = 101 247 direction = "Inbound" 248 access = "Deny" 249 protocol = "Tcp" 250 source_port_range = "*" 251 destination_port_range = "*" 252 source_address_prefix = "*" 253 destination_address_prefix = "*" 254 resource_group_name = "${azurerm_resource_group.test1.name}" 255 network_security_group_name = "${azurerm_network_security_group.test1.name}" 256 } 257 `, rInt) 258 }