github.com/leeprovoost/terraform@v0.6.10-0.20160119085442-96f3f76118e7/builtin/providers/aws/resource_aws_iam_group_membership_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/iam" 10 "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/terraform" 12 ) 13 14 func TestAccAWSGroupMembership_basic(t *testing.T) { 15 var group iam.GetGroupOutput 16 17 resource.Test(t, resource.TestCase{ 18 PreCheck: func() { testAccPreCheck(t) }, 19 Providers: testAccProviders, 20 CheckDestroy: testAccCheckAWSGroupMembershipDestroy, 21 Steps: []resource.TestStep{ 22 resource.TestStep{ 23 Config: testAccAWSGroupMemberConfig, 24 Check: resource.ComposeTestCheckFunc( 25 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 26 testAccCheckAWSGroupMembershipAttributes(&group, []string{"test-user"}), 27 ), 28 }, 29 30 resource.TestStep{ 31 Config: testAccAWSGroupMemberConfigUpdate, 32 Check: resource.ComposeTestCheckFunc( 33 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 34 testAccCheckAWSGroupMembershipAttributes(&group, []string{"test-user-two", "test-user-three"}), 35 ), 36 }, 37 38 resource.TestStep{ 39 Config: testAccAWSGroupMemberConfigUpdateDown, 40 Check: resource.ComposeTestCheckFunc( 41 testAccCheckAWSGroupMembershipExists("aws_iam_group_membership.team", &group), 42 testAccCheckAWSGroupMembershipAttributes(&group, []string{"test-user-three"}), 43 ), 44 }, 45 }, 46 }) 47 } 48 49 func testAccCheckAWSGroupMembershipDestroy(s *terraform.State) error { 50 conn := testAccProvider.Meta().(*AWSClient).iamconn 51 52 for _, rs := range s.RootModule().Resources { 53 if rs.Type != "aws_iam_group_membership" { 54 continue 55 } 56 57 group := rs.Primary.Attributes["group"] 58 59 _, err := conn.GetGroup(&iam.GetGroupInput{ 60 GroupName: aws.String(group), 61 }) 62 if err != nil { 63 // Verify the error is what we want 64 if ae, ok := err.(awserr.Error); ok && ae.Code() == "NoSuchEntity" { 65 continue 66 } 67 return err 68 } 69 70 return fmt.Errorf("still exists") 71 } 72 73 return nil 74 } 75 76 func testAccCheckAWSGroupMembershipExists(n string, g *iam.GetGroupOutput) resource.TestCheckFunc { 77 return func(s *terraform.State) error { 78 rs, ok := s.RootModule().Resources[n] 79 if !ok { 80 return fmt.Errorf("Not found: %s", n) 81 } 82 83 if rs.Primary.ID == "" { 84 return fmt.Errorf("No User name is set") 85 } 86 87 conn := testAccProvider.Meta().(*AWSClient).iamconn 88 gn := rs.Primary.Attributes["group"] 89 90 resp, err := conn.GetGroup(&iam.GetGroupInput{ 91 GroupName: aws.String(gn), 92 }) 93 94 if err != nil { 95 return fmt.Errorf("Error: Group (%s) not found", gn) 96 } 97 98 *g = *resp 99 100 return nil 101 } 102 } 103 104 func testAccCheckAWSGroupMembershipAttributes(group *iam.GetGroupOutput, users []string) resource.TestCheckFunc { 105 return func(s *terraform.State) error { 106 if *group.Group.GroupName != "test-group" { 107 return fmt.Errorf("Bad group membership: expected %s, got %s", "test-group", *group.Group.GroupName) 108 } 109 110 uc := len(users) 111 for _, u := range users { 112 for _, gu := range group.Users { 113 if u == *gu.UserName { 114 uc-- 115 } 116 } 117 } 118 119 if uc > 0 { 120 return fmt.Errorf("Bad group membership count, expected (%d), but only (%d) found", len(users), uc) 121 } 122 return nil 123 } 124 } 125 126 const testAccAWSGroupMemberConfig = ` 127 resource "aws_iam_group" "group" { 128 name = "test-group" 129 path = "/" 130 } 131 132 resource "aws_iam_user" "user" { 133 name = "test-user" 134 path = "/" 135 } 136 137 resource "aws_iam_group_membership" "team" { 138 name = "tf-testing-group-membership" 139 users = ["${aws_iam_user.user.name}"] 140 group = "${aws_iam_group.group.name}" 141 } 142 ` 143 144 const testAccAWSGroupMemberConfigUpdate = ` 145 resource "aws_iam_group" "group" { 146 name = "test-group" 147 path = "/" 148 } 149 150 resource "aws_iam_user" "user" { 151 name = "test-user" 152 path = "/" 153 } 154 155 resource "aws_iam_user" "user_two" { 156 name = "test-user-two" 157 path = "/" 158 } 159 160 resource "aws_iam_user" "user_three" { 161 name = "test-user-three" 162 path = "/" 163 } 164 165 resource "aws_iam_group_membership" "team" { 166 name = "tf-testing-group-membership" 167 users = [ 168 "${aws_iam_user.user_two.name}", 169 "${aws_iam_user.user_three.name}", 170 ] 171 group = "${aws_iam_group.group.name}" 172 } 173 ` 174 175 const testAccAWSGroupMemberConfigUpdateDown = ` 176 resource "aws_iam_group" "group" { 177 name = "test-group" 178 path = "/" 179 } 180 181 resource "aws_iam_user" "user_three" { 182 name = "test-user-three" 183 path = "/" 184 } 185 186 resource "aws_iam_group_membership" "team" { 187 name = "tf-testing-group-membership" 188 users = [ 189 "${aws_iam_user.user_three.name}", 190 ] 191 group = "${aws_iam_group.group.name}" 192 } 193 `