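// Source: github.com/memsql/terraform@v0.7.0-rc2.0.20160706152241-21e2173e0a32/builtin/providers/aws/resource_aws_vpc_endpoint_test.go

package aws

import (
	"fmt"
	"testing"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/service/ec2"

	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/terraform"
)

// TestAccAWSVpcEndpoint_basic is an acceptance test that applies
// testAccVpcEndpointWithRouteTableAndPolicyConfig in a single step and checks
// that the aws_vpc_endpoint.second-private-s3 resource exists in EC2.
//
// NOTE(review): only existence is asserted. Neither the endpoint policy nor
// the route table association is compared with what the configuration
// declares, so a policy that was silently dropped or rewritten would not fail
// this test.
func TestAccAWSVpcEndpoint_basic(t *testing.T) {
	var endpoint ec2.VpcEndpoint

	resource.Test(t, resource.TestCase{
		PreCheck:      func() { testAccPreCheck(t) },
		IDRefreshName: "aws_vpc_endpoint.second-private-s3",
		Providers:     testAccProviders,
		CheckDestroy:  testAccCheckVpcEndpointDestroy,
		Steps: []resource.TestStep{
			{
				Config: testAccVpcEndpointWithRouteTableAndPolicyConfig,
				Check: resource.ComposeTestCheckFunc(
					testAccCheckVpcEndpointExists("aws_vpc_endpoint.second-private-s3", &endpoint),
				),
			},
		},
	})
}

// TestAccAWSVpcEndpoint_withRouteTableAndPolicy is an acceptance test with two
// steps: it first applies testAccVpcEndpointWithRouteTableAndPolicyConfig, then
// testAccVpcEndpointWithRouteTableAndPolicyConfigModified. After each step it
// checks that both the endpoint and the aws_route_table.default resource exist.
//
// NOTE(review): as in the basic test, the checks confirm existence only; the
// applied endpoint policy is never inspected.
func TestAccAWSVpcEndpoint_withRouteTableAndPolicy(t *testing.T) {
	var endpoint ec2.VpcEndpoint
	var routeTable ec2.RouteTable

	resource.Test(t, resource.TestCase{
		PreCheck:      func() { testAccPreCheck(t) },
		IDRefreshName: "aws_vpc_endpoint.second-private-s3",
		Providers:     testAccProviders,
		CheckDestroy:  testAccCheckVpcEndpointDestroy,
		Steps: []resource.TestStep{
			{
				Config: testAccVpcEndpointWithRouteTableAndPolicyConfig,
				Check: resource.ComposeTestCheckFunc(
					testAccCheckVpcEndpointExists("aws_vpc_endpoint.second-private-s3", &endpoint),
					testAccCheckRouteTableExists("aws_route_table.default", &routeTable),
				),
			},
			{
				Config: testAccVpcEndpointWithRouteTableAndPolicyConfigModified,
				Check: resource.ComposeTestCheckFunc(
					testAccCheckVpcEndpointExists("aws_vpc_endpoint.second-private-s3", &endpoint),
					testAccCheckRouteTableExists("aws_route_table.default", &routeTable),
				),
			},
		},
	})
}

// testAccCheckVpcEndpointDestroy verifies that every aws_vpc_endpoint resource
// recorded in the root module of s is gone from EC2. It returns an error if
// DescribeVpcEndpoints still returns an endpoint for any of them, or if the
// call fails with anything other than InvalidVpcEndpointId.NotFound.
func testAccCheckVpcEndpointDestroy(s *terraform.State) error {
	conn := testAccProvider.Meta().(*AWSClient).ec2conn

	for _, rs := range s.RootModule().Resources {
		if rs.Type != "aws_vpc_endpoint" {
			continue
		}

		// Ask EC2 for the VPC endpoint whose ID is recorded in state.
		input := &ec2.DescribeVpcEndpointsInput{
			VpcEndpointIds: []*string{aws.String(rs.Primary.ID)},
		}
		resp, err := conn.DescribeVpcEndpoints(input)
		if err != nil {
			// A NotFound error is the expected outcome for a destroyed
			// endpoint; any other error is reported to the caller.
			if ae, ok := err.(awserr.Error); ok && ae.Code() == "InvalidVpcEndpointId.NotFound" {
				continue
			}
			return err
		}
		if len(resp.VpcEndpoints) > 0 {
			return fmt.Errorf("VPC Endpoints still exist.")
		}

		// Keep iterating: returning here would end the check after the first
		// endpoint and leave any further endpoints in state unverified.
	}

	return nil
}

// testAccCheckVpcEndpointExists returns a check function that looks up the
// resource named n in the root module, requires it to have a non-empty ID,
// fetches it with DescribeVpcEndpoints, and copies the first returned endpoint
// into *endpoint.
func testAccCheckVpcEndpointExists(n string, endpoint *ec2.VpcEndpoint) resource.TestCheckFunc {
	return func(s *terraform.State) error {
		rs, ok := s.RootModule().Resources[n]
		if !ok {
			return fmt.Errorf("Not found: %s", n)
		}

		if rs.Primary.ID == "" {
			return fmt.Errorf("No VPC Endpoint ID is set")
		}

		conn := testAccProvider.Meta().(*AWSClient).ec2conn
		input := &ec2.DescribeVpcEndpointsInput{
			VpcEndpointIds: []*string{aws.String(rs.Primary.ID)},
		}
		resp, err := conn.DescribeVpcEndpoints(input)
		if err != nil {
			return err
		}
		if len(resp.VpcEndpoints) == 0 {
			return fmt.Errorf("VPC Endpoint not found")
		}

		*endpoint = *resp.VpcEndpoints[0]

		return nil
	}
}

// testAccVpcEndpointWithRouteTableAndPolicyConfig declares a VPC, one subnet,
// a route table associated with that subnet, and an S3 VPC endpoint attached
// to the route table.
//
// The service name hard-codes us-west-2, so the test presumably has to run
// against that region (confirm against the provider configuration).
//
// The endpoint policy is a single "AllowAll" statement with Principal, Action
// and Resource all set to "*", so it places no restriction on requests that
// pass through the endpoint. It serves here as a fixture; a deployed endpoint
// policy would normally narrow Action and Resource to the buckets the VPC
// needs.
const testAccVpcEndpointWithRouteTableAndPolicyConfig = `
resource "aws_vpc" "foo" {
	cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "foo" {
	vpc_id = "${aws_vpc.foo.id}"
	cidr_block = "10.0.1.0/24"
}

resource "aws_vpc_endpoint" "second-private-s3" {
	vpc_id = "${aws_vpc.foo.id}"
	service_name = "com.amazonaws.us-west-2.s3"
	route_table_ids = ["${aws_route_table.default.id}"]
	policy = <<POLICY
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid":"AllowAll",
			"Effect":"Allow",
			"Principal":"*",
			"Action":"*",
			"Resource":"*"
		}
	]
}
POLICY
}

resource "aws_route_table" "default" {
	vpc_id = "${aws_vpc.foo.id}"
}

resource "aws_route_table_association" "main" {
	subnet_id = "${aws_subnet.foo.id}"
	route_table_id = "${aws_route_table.default.id}"
}
`

// testAccVpcEndpointWithRouteTableAndPolicyConfigModified is the same
// configuration with an internet gateway added and a 0.0.0.0/0 route through
// it placed in the route table. The endpoint block and its wildcard AllowAll
// policy are unchanged, so the second test step changes only the route table
// the endpoint is attached to.
const testAccVpcEndpointWithRouteTableAndPolicyConfigModified = `
resource "aws_vpc" "foo" {
	cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "foo" {
	vpc_id = "${aws_vpc.foo.id}"
	cidr_block = "10.0.1.0/24"
}

resource "aws_vpc_endpoint" "second-private-s3" {
	vpc_id = "${aws_vpc.foo.id}"
	service_name = "com.amazonaws.us-west-2.s3"
	route_table_ids = ["${aws_route_table.default.id}"]
	policy = <<POLICY
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid":"AllowAll",
			"Effect":"Allow",
			"Principal":"*",
			"Action":"*",
			"Resource":"*"
		}
	]
}
POLICY
}

resource "aws_internet_gateway" "gw" {
	vpc_id = "${aws_vpc.foo.id}"
}

resource "aws_route_table" "default" {
	vpc_id = "${aws_vpc.foo.id}"

	route {
		cidr_block = "0.0.0.0/0"
		gateway_id = "${aws_internet_gateway.gw.id}"
	}
}

resource "aws_route_table_association" "main" {
	subnet_id = "${aws_subnet.foo.id}"
	route_table_id = "${aws_route_table.default.id}"
}
`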