github.com/kwoods/terraform@v0.6.11-0.20160809170336-13497db7138e/builtin/providers/aws/resource_aws_iam_group_membership_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "strings" 6 "testing" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/aws/awserr" 10 "github.com/aws/aws-sdk-go/service/iam" 11 "github.com/hashicorp/terraform/helper/acctest" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestAccAWSGroupMembership_basic(t *testing.T) { 17 var group iam.GetGroupOutput 18 19 rString := acctest.RandStringFromCharSet(10, acctest.CharSetAlpha) 20 configBase := fmt.Sprintf(testAccAWSGroupMemberConfig, rString, rString, rString) 21 configUpdate := fmt.Sprintf(testAccAWSGroupMemberConfigUpdate, rString, rString, rString, rString, rString) 22 configUpdateDown := fmt.Sprintf(testAccAWSGroupMemberConfigUpdateDown, rString, rString, rString) 23 24 testUser := fmt.Sprintf("test-user-%s", rString) 25 testUserTwo := fmt.Sprintf("test-user-two-%s", rString) 26 testUserThree := fmt.Sprintf("test-user-three-%s", rString) 27 28 resource.Test(t, resource.TestCase{ 29 PreCheck: func() { testAccPreCheck(t) }, 30 Providers: testAccProviders, 31 CheckDestroy: testAccCheckAWSGroupMembershipDestroy, 32 Steps: []resource.TestStep{ 33 resource.TestStep{ 34 Config: configBase, 35 Check: resource.ComposeTestCheckFunc( 36 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 37 testAccCheckAWSGroupMembershipAttributes(&group, []string{testUser}), 38 ), 39 }, 40 41 resource.TestStep{ 42 Config: configUpdate, 43 Check: resource.ComposeTestCheckFunc( 44 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 45 testAccCheckAWSGroupMembershipAttributes(&group, []string{testUserTwo, testUserThree}), 46 ), 47 }, 48 49 resource.TestStep{ 50 Config: configUpdateDown, 51 Check: resource.ComposeTestCheckFunc( 52 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 53 testAccCheckAWSGroupMembershipAttributes(&group, []string{testUserThree}), 54 ), 55 }, 56 }, 57 }) 58 } 59 60 func TestAccAWSGroupMembership_paginatedUserList(t *testing.T) { 61 var group iam.GetGroupOutput 62 63 resource.Test(t, resource.TestCase{ 64 PreCheck: func() { testAccPreCheck(t) }, 65 Providers: testAccProviders, 66 CheckDestroy: testAccCheckAWSGroupMembershipDestroy, 67 Steps: []resource.TestStep{ 68 resource.TestStep{ 69 Config: testAccAWSGroupMemberConfigPaginatedUserList, 70 Check: resource.ComposeTestCheckFunc( 71 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 72 resource.TestCheckResourceAttr( 73 "aws_iam_group_membership.team", "users.#", "101"), 74 ), 75 }, 76 }, 77 }) 78 } 79 80 func testAccCheckAWSGroupMembershipDestroy(s *terraform.State) error { 81 conn := testAccProvider.Meta().(*AWSClient).iamconn 82 83 for _, rs := range s.RootModule().Resources { 84 if rs.Type != "aws_iam_group_membership" { 85 continue 86 } 87 88 group := rs.Primary.Attributes["group"] 89 90 _, err := conn.GetGroup(&iam.GetGroupInput{ 91 GroupName: aws.String(group), 92 }) 93 if err != nil { 94 // Verify the error is what we want 95 if ae, ok := err.(awserr.Error); ok && ae.Code() == "NoSuchEntity" { 96 continue 97 } 98 return err 99 } 100 101 return fmt.Errorf("still exists") 102 } 103 104 return nil 105 } 106 107 func testAccCheckAWSGroupMembershipExists(n string, g *iam.GetGroupOutput) resource.TestCheckFunc { 108 return func(s *terraform.State) error { 109 rs, ok := s.RootModule().Resources[n] 110 if !ok { 111 return fmt.Errorf("Not found: %s", n) 112 } 113 114 if rs.Primary.ID == "" { 115 return fmt.Errorf("No User name is set") 116 } 117 118 conn := testAccProvider.Meta().(*AWSClient).iamconn 119 gn := rs.Primary.Attributes["group"] 120 121 resp, err := conn.GetGroup(&iam.GetGroupInput{ 122 GroupName: aws.String(gn), 123 }) 124 125 if err != nil { 126 return fmt.Errorf("Error: Group (%s) not found", gn) 127 } 128 129 *g = *resp 130 131 return nil 132 } 133 } 134 135 func testAccCheckAWSGroupMembershipAttributes(group *iam.GetGroupOutput, users []string) resource.TestCheckFunc { 136 return func(s *terraform.State) error { 137 if !strings.Contains(*group.Group.GroupName, "test-group") { 138 return fmt.Errorf("Bad group membership: expected %s, got %s", "test-group", *group.Group.GroupName) 139 } 140 141 uc := len(users) 142 for _, u := range users { 143 for _, gu := range group.Users { 144 if u == *gu.UserName { 145 uc-- 146 } 147 } 148 } 149 150 if uc > 0 { 151 return fmt.Errorf("Bad group membership count, expected (%d), but only (%d) found", len(users), uc) 152 } 153 return nil 154 } 155 } 156 157 const testAccAWSGroupMemberConfig = ` 158 resource "aws_iam_group" "group" { 159 name = "test-group-%s" 160 path = "/" 161 } 162 163 resource "aws_iam_user" "user" { 164 name = "test-user-%s" 165 path = "/" 166 } 167 168 resource "aws_iam_group_membership" "team" { 169 name = "tf-testing-group-membership-%s" 170 users = ["${aws_iam_user.user.name}"] 171 group = "${aws_iam_group.group.name}" 172 } 173 ` 174 175 const testAccAWSGroupMemberConfigUpdate = ` 176 resource "aws_iam_group" "group" { 177 name = "test-group-%s" 178 path = "/" 179 } 180 181 resource "aws_iam_user" "user" { 182 name = "test-user-%s" 183 path = "/" 184 } 185 186 resource "aws_iam_user" "user_two" { 187 name = "test-user-two-%s" 188 path = "/" 189 } 190 191 resource "aws_iam_user" "user_three" { 192 name = "test-user-three-%s" 193 path = "/" 194 } 195 196 resource "aws_iam_group_membership" "team" { 197 name = "tf-testing-group-membership-%s" 198 users = [ 199 "${aws_iam_user.user_two.name}", 200 "${aws_iam_user.user_three.name}", 201 ] 202 group = "${aws_iam_group.group.name}" 203 } 204 ` 205 206 const testAccAWSGroupMemberConfigUpdateDown = ` 207 resource "aws_iam_group" "group" { 208 name = "test-group-%s" 209 path = "/" 210 } 211 212 resource "aws_iam_user" "user_three" { 213 name = "test-user-three-%s" 214 path = "/" 215 } 216 217 resource "aws_iam_group_membership" "team" { 218 name = "tf-testing-group-membership-%s" 219 users = [ 220 "${aws_iam_user.user_three.name}", 221 ] 222 group = "${aws_iam_group.group.name}" 223 } 224 ` 225 226 const testAccAWSGroupMemberConfigPaginatedUserList = ` 227 resource "aws_iam_group" "group" { 228 name = "test-paginated-group" 229 path = "/" 230 } 231 232 resource "aws_iam_group_membership" "team" { 233 name = "tf-testing-paginated-group-membership" 234 users = ["${aws_iam_user.user.*.name}"] 235 group = "${aws_iam_group.group.name}" 236 } 237 238 resource "aws_iam_user" "user" { 239 count = 101 240 name = "${format("paged-test-user-%d", count.index + 1)}" 241 path = "/" 242 } 243 `