github.com/meteor/terraform@v0.6.15-0.20210412225145-79ec4bc057c6/builtin/providers/aws/resource_aws_instance_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "reflect" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awserr" 11 "github.com/aws/aws-sdk-go/service/ec2" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/helper/schema" 15 "github.com/hashicorp/terraform/terraform" 16 ) 17 18 func TestAccAWSInstance_basic(t *testing.T) { 19 var v ec2.Instance 20 var vol *ec2.Volume 21 22 testCheck := func(*terraform.State) error { 23 if *v.Placement.AvailabilityZone != "us-west-2a" { 24 return fmt.Errorf("bad availability zone: %#v", *v.Placement.AvailabilityZone) 25 } 26 27 if len(v.SecurityGroups) == 0 { 28 return fmt.Errorf("no security groups: %#v", v.SecurityGroups) 29 } 30 if *v.SecurityGroups[0].GroupName != "tf_test_foo" { 31 return fmt.Errorf("no security groups: %#v", v.SecurityGroups) 32 } 33 34 return nil 35 } 36 37 resource.Test(t, resource.TestCase{ 38 PreCheck: func() { testAccPreCheck(t) }, 39 40 // We ignore security groups because even with EC2 classic 41 // we'll import as VPC security groups, which is fine. We verify 42 // VPC security group import in other tests 43 IDRefreshName: "aws_instance.foo", 44 IDRefreshIgnore: []string{"security_groups", "vpc_security_group_ids"}, 45 46 Providers: testAccProviders, 47 CheckDestroy: testAccCheckInstanceDestroy, 48 Steps: []resource.TestStep{ 49 // Create a volume to cover #1249 50 { 51 // Need a resource in this config so the provisioner will be available 52 Config: testAccInstanceConfig_pre, 53 Check: func(*terraform.State) error { 54 conn := testAccProvider.Meta().(*AWSClient).ec2conn 55 var err error 56 vol, err = conn.CreateVolume(&ec2.CreateVolumeInput{ 57 AvailabilityZone: aws.String("us-west-2a"), 58 Size: aws.Int64(int64(5)), 59 }) 60 return err 61 }, 62 }, 63 64 { 65 Config: testAccInstanceConfig, 66 Check: resource.ComposeTestCheckFunc( 67 testAccCheckInstanceExists( 68 "aws_instance.foo", &v), 69 testCheck, 70 resource.TestCheckResourceAttr( 71 "aws_instance.foo", 72 "user_data", 73 "3dc39dda39be1205215e776bad998da361a5955d"), 74 resource.TestCheckResourceAttr( 75 "aws_instance.foo", "ebs_block_device.#", "0"), 76 ), 77 }, 78 79 // We repeat the exact same test so that we can be sure 80 // that the user data hash stuff is working without generating 81 // an incorrect diff. 82 { 83 Config: testAccInstanceConfig, 84 Check: resource.ComposeTestCheckFunc( 85 testAccCheckInstanceExists( 86 "aws_instance.foo", &v), 87 testCheck, 88 resource.TestCheckResourceAttr( 89 "aws_instance.foo", 90 "user_data", 91 "3dc39dda39be1205215e776bad998da361a5955d"), 92 resource.TestCheckResourceAttr( 93 "aws_instance.foo", "ebs_block_device.#", "0"), 94 ), 95 }, 96 97 // Clean up volume created above 98 { 99 Config: testAccInstanceConfig, 100 Check: func(*terraform.State) error { 101 conn := testAccProvider.Meta().(*AWSClient).ec2conn 102 _, err := conn.DeleteVolume(&ec2.DeleteVolumeInput{VolumeId: vol.VolumeId}) 103 return err 104 }, 105 }, 106 }, 107 }) 108 } 109 110 func TestAccAWSInstance_GP2IopsDevice(t *testing.T) { 111 var v ec2.Instance 112 113 testCheck := func() resource.TestCheckFunc { 114 return func(*terraform.State) error { 115 116 // Map out the block devices by name, which should be unique. 117 blockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) 118 for _, blockDevice := range v.BlockDeviceMappings { 119 blockDevices[*blockDevice.DeviceName] = blockDevice 120 } 121 122 // Check if the root block device exists. 123 if _, ok := blockDevices["/dev/sda1"]; !ok { 124 return fmt.Errorf("block device doesn't exist: /dev/sda1") 125 } 126 127 return nil 128 } 129 } 130 131 resource.Test(t, resource.TestCase{ 132 PreCheck: func() { testAccPreCheck(t) }, 133 IDRefreshName: "aws_instance.foo", 134 IDRefreshIgnore: []string{ 135 "ephemeral_block_device", "user_data", "security_groups", "vpc_security_groups"}, 136 Providers: testAccProviders, 137 CheckDestroy: testAccCheckInstanceDestroy, 138 Steps: []resource.TestStep{ 139 { 140 Config: testAccInstanceGP2IopsDevice, 141 //Config: testAccInstanceConfigBlockDevices, 142 Check: resource.ComposeTestCheckFunc( 143 testAccCheckInstanceExists( 144 "aws_instance.foo", &v), 145 resource.TestCheckResourceAttr( 146 "aws_instance.foo", "root_block_device.#", "1"), 147 resource.TestCheckResourceAttr( 148 "aws_instance.foo", "root_block_device.0.volume_size", "11"), 149 resource.TestCheckResourceAttr( 150 "aws_instance.foo", "root_block_device.0.volume_type", "gp2"), 151 resource.TestCheckResourceAttr( 152 "aws_instance.foo", "root_block_device.0.iops", "100"), 153 testCheck(), 154 ), 155 }, 156 }, 157 }) 158 } 159 160 func TestAccAWSInstance_blockDevices(t *testing.T) { 161 var v ec2.Instance 162 163 testCheck := func() resource.TestCheckFunc { 164 return func(*terraform.State) error { 165 166 // Map out the block devices by name, which should be unique. 167 blockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) 168 for _, blockDevice := range v.BlockDeviceMappings { 169 blockDevices[*blockDevice.DeviceName] = blockDevice 170 } 171 172 // Check if the root block device exists. 173 if _, ok := blockDevices["/dev/sda1"]; !ok { 174 return fmt.Errorf("block device doesn't exist: /dev/sda1") 175 } 176 177 // Check if the secondary block device exists. 178 if _, ok := blockDevices["/dev/sdb"]; !ok { 179 return fmt.Errorf("block device doesn't exist: /dev/sdb") 180 } 181 182 // Check if the third block device exists. 183 if _, ok := blockDevices["/dev/sdc"]; !ok { 184 return fmt.Errorf("block device doesn't exist: /dev/sdc") 185 } 186 187 // Check if the encrypted block device exists 188 if _, ok := blockDevices["/dev/sdd"]; !ok { 189 return fmt.Errorf("block device doesn't exist: /dev/sdd") 190 } 191 192 return nil 193 } 194 } 195 196 resource.Test(t, resource.TestCase{ 197 PreCheck: func() { testAccPreCheck(t) }, 198 IDRefreshName: "aws_instance.foo", 199 IDRefreshIgnore: []string{ 200 "ephemeral_block_device", "security_groups", "vpc_security_groups"}, 201 Providers: testAccProviders, 202 CheckDestroy: testAccCheckInstanceDestroy, 203 Steps: []resource.TestStep{ 204 { 205 Config: testAccInstanceConfigBlockDevices, 206 Check: resource.ComposeTestCheckFunc( 207 testAccCheckInstanceExists( 208 "aws_instance.foo", &v), 209 resource.TestCheckResourceAttr( 210 "aws_instance.foo", "root_block_device.#", "1"), 211 resource.TestCheckResourceAttr( 212 "aws_instance.foo", "root_block_device.0.volume_size", "11"), 213 resource.TestCheckResourceAttr( 214 "aws_instance.foo", "root_block_device.0.volume_type", "gp2"), 215 resource.TestCheckResourceAttr( 216 "aws_instance.foo", "ebs_block_device.#", "3"), 217 resource.TestCheckResourceAttr( 218 "aws_instance.foo", "ebs_block_device.2576023345.device_name", "/dev/sdb"), 219 resource.TestCheckResourceAttr( 220 "aws_instance.foo", "ebs_block_device.2576023345.volume_size", "9"), 221 resource.TestCheckResourceAttr( 222 "aws_instance.foo", "ebs_block_device.2576023345.volume_type", "standard"), 223 resource.TestCheckResourceAttr( 224 "aws_instance.foo", "ebs_block_device.2554893574.device_name", "/dev/sdc"), 225 resource.TestCheckResourceAttr( 226 "aws_instance.foo", "ebs_block_device.2554893574.volume_size", "10"), 227 resource.TestCheckResourceAttr( 228 "aws_instance.foo", "ebs_block_device.2554893574.volume_type", "io1"), 229 resource.TestCheckResourceAttr( 230 "aws_instance.foo", "ebs_block_device.2554893574.iops", "100"), 231 resource.TestCheckResourceAttr( 232 "aws_instance.foo", "ebs_block_device.2634515331.device_name", "/dev/sdd"), 233 resource.TestCheckResourceAttr( 234 "aws_instance.foo", "ebs_block_device.2634515331.encrypted", "true"), 235 resource.TestCheckResourceAttr( 236 "aws_instance.foo", "ebs_block_device.2634515331.volume_size", "12"), 237 resource.TestCheckResourceAttr( 238 "aws_instance.foo", "ephemeral_block_device.#", "1"), 239 resource.TestCheckResourceAttr( 240 "aws_instance.foo", "ephemeral_block_device.1692014856.device_name", "/dev/sde"), 241 resource.TestCheckResourceAttr( 242 "aws_instance.foo", "ephemeral_block_device.1692014856.virtual_name", "ephemeral0"), 243 testCheck(), 244 ), 245 }, 246 }, 247 }) 248 } 249 250 func TestAccAWSInstance_rootInstanceStore(t *testing.T) { 251 var v ec2.Instance 252 253 resource.Test(t, resource.TestCase{ 254 PreCheck: func() { testAccPreCheck(t) }, 255 IDRefreshName: "aws_instance.foo", 256 Providers: testAccProviders, 257 CheckDestroy: testAccCheckInstanceDestroy, 258 Steps: []resource.TestStep{ 259 { 260 Config: ` 261 resource "aws_instance" "foo" { 262 # us-west-2 263 # Amazon Linux HVM Instance Store 64-bit (2016.09.0) 264 # https://aws.amazon.com/amazon-linux-ami 265 ami = "ami-44c36524" 266 267 # Only certain instance types support ephemeral root instance stores. 268 # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html 269 instance_type = "m3.medium" 270 }`, 271 Check: resource.ComposeTestCheckFunc( 272 testAccCheckInstanceExists( 273 "aws_instance.foo", &v), 274 resource.TestCheckResourceAttr( 275 "aws_instance.foo", "ami", "ami-44c36524"), 276 resource.TestCheckResourceAttr( 277 "aws_instance.foo", "ebs_block_device.#", "0"), 278 resource.TestCheckResourceAttr( 279 "aws_instance.foo", "ebs_optimized", "false"), 280 resource.TestCheckResourceAttr( 281 "aws_instance.foo", "instance_type", "m3.medium"), 282 resource.TestCheckResourceAttr( 283 "aws_instance.foo", "root_block_device.#", "0"), 284 ), 285 }, 286 }, 287 }) 288 } 289 290 func TestAcctABSInstance_noAMIEphemeralDevices(t *testing.T) { 291 var v ec2.Instance 292 293 testCheck := func() resource.TestCheckFunc { 294 return func(*terraform.State) error { 295 296 // Map out the block devices by name, which should be unique. 297 blockDevices := make(map[string]*ec2.InstanceBlockDeviceMapping) 298 for _, blockDevice := range v.BlockDeviceMappings { 299 blockDevices[*blockDevice.DeviceName] = blockDevice 300 } 301 302 // Check if the root block device exists. 303 if _, ok := blockDevices["/dev/sda1"]; !ok { 304 return fmt.Errorf("block device doesn't exist: /dev/sda1") 305 } 306 307 // Check if the secondary block not exists. 308 if _, ok := blockDevices["/dev/sdb"]; ok { 309 return fmt.Errorf("block device exist: /dev/sdb") 310 } 311 312 // Check if the third block device not exists. 313 if _, ok := blockDevices["/dev/sdc"]; ok { 314 return fmt.Errorf("block device exist: /dev/sdc") 315 } 316 return nil 317 } 318 } 319 320 resource.Test(t, resource.TestCase{ 321 PreCheck: func() { testAccPreCheck(t) }, 322 IDRefreshName: "aws_instance.foo", 323 IDRefreshIgnore: []string{ 324 "ephemeral_block_device", "security_groups", "vpc_security_groups"}, 325 Providers: testAccProviders, 326 CheckDestroy: testAccCheckInstanceDestroy, 327 Steps: []resource.TestStep{ 328 { 329 Config: ` 330 resource "aws_instance" "foo" { 331 # us-west-2 332 ami = "ami-01f05461" // This AMI (Ubuntu) contains two ephemerals 333 334 instance_type = "c3.large" 335 336 root_block_device { 337 volume_type = "gp2" 338 volume_size = 11 339 } 340 ephemeral_block_device { 341 device_name = "/dev/sdb" 342 no_device = true 343 } 344 ephemeral_block_device { 345 device_name = "/dev/sdc" 346 no_device = true 347 } 348 }`, 349 Check: resource.ComposeTestCheckFunc( 350 testAccCheckInstanceExists( 351 "aws_instance.foo", &v), 352 resource.TestCheckResourceAttr( 353 "aws_instance.foo", "ami", "ami-01f05461"), 354 resource.TestCheckResourceAttr( 355 "aws_instance.foo", "ebs_optimized", "false"), 356 resource.TestCheckResourceAttr( 357 "aws_instance.foo", "instance_type", "c3.large"), 358 resource.TestCheckResourceAttr( 359 "aws_instance.foo", "root_block_device.#", "1"), 360 resource.TestCheckResourceAttr( 361 "aws_instance.foo", "root_block_device.0.volume_size", "11"), 362 resource.TestCheckResourceAttr( 363 "aws_instance.foo", "root_block_device.0.volume_type", "gp2"), 364 resource.TestCheckResourceAttr( 365 "aws_instance.foo", "ebs_block_device.#", "0"), 366 resource.TestCheckResourceAttr( 367 "aws_instance.foo", "ephemeral_block_device.#", "2"), 368 resource.TestCheckResourceAttr( 369 "aws_instance.foo", "ephemeral_block_device.172787947.device_name", "/dev/sdb"), 370 resource.TestCheckResourceAttr( 371 "aws_instance.foo", "ephemeral_block_device.172787947.no_device", "true"), 372 resource.TestCheckResourceAttr( 373 "aws_instance.foo", "ephemeral_block_device.3336996981.device_name", "/dev/sdc"), 374 resource.TestCheckResourceAttr( 375 "aws_instance.foo", "ephemeral_block_device.3336996981.no_device", "true"), 376 testCheck(), 377 ), 378 }, 379 }, 380 }) 381 } 382 383 func TestAccAWSInstance_sourceDestCheck(t *testing.T) { 384 var v ec2.Instance 385 386 testCheck := func(enabled bool) resource.TestCheckFunc { 387 return func(*terraform.State) error { 388 if v.SourceDestCheck == nil { 389 return fmt.Errorf("bad source_dest_check: got nil") 390 } 391 if *v.SourceDestCheck != enabled { 392 return fmt.Errorf("bad source_dest_check: %#v", *v.SourceDestCheck) 393 } 394 395 return nil 396 } 397 } 398 399 resource.Test(t, resource.TestCase{ 400 PreCheck: func() { testAccPreCheck(t) }, 401 IDRefreshName: "aws_instance.foo", 402 Providers: testAccProviders, 403 CheckDestroy: testAccCheckInstanceDestroy, 404 Steps: []resource.TestStep{ 405 { 406 Config: testAccInstanceConfigSourceDestDisable, 407 Check: resource.ComposeTestCheckFunc( 408 testAccCheckInstanceExists("aws_instance.foo", &v), 409 testCheck(false), 410 ), 411 }, 412 413 { 414 Config: testAccInstanceConfigSourceDestEnable, 415 Check: resource.ComposeTestCheckFunc( 416 testAccCheckInstanceExists("aws_instance.foo", &v), 417 testCheck(true), 418 ), 419 }, 420 421 { 422 Config: testAccInstanceConfigSourceDestDisable, 423 Check: resource.ComposeTestCheckFunc( 424 testAccCheckInstanceExists("aws_instance.foo", &v), 425 testCheck(false), 426 ), 427 }, 428 }, 429 }) 430 } 431 432 func TestAccAWSInstance_disableApiTermination(t *testing.T) { 433 var v ec2.Instance 434 435 checkDisableApiTermination := func(expected bool) resource.TestCheckFunc { 436 return func(*terraform.State) error { 437 conn := testAccProvider.Meta().(*AWSClient).ec2conn 438 r, err := conn.DescribeInstanceAttribute(&ec2.DescribeInstanceAttributeInput{ 439 InstanceId: v.InstanceId, 440 Attribute: aws.String("disableApiTermination"), 441 }) 442 if err != nil { 443 return err 444 } 445 got := *r.DisableApiTermination.Value 446 if got != expected { 447 return fmt.Errorf("expected: %t, got: %t", expected, got) 448 } 449 return nil 450 } 451 } 452 453 resource.Test(t, resource.TestCase{ 454 PreCheck: func() { testAccPreCheck(t) }, 455 IDRefreshName: "aws_instance.foo", 456 Providers: testAccProviders, 457 CheckDestroy: testAccCheckInstanceDestroy, 458 Steps: []resource.TestStep{ 459 { 460 Config: testAccInstanceConfigDisableAPITermination(true), 461 Check: resource.ComposeTestCheckFunc( 462 testAccCheckInstanceExists("aws_instance.foo", &v), 463 checkDisableApiTermination(true), 464 ), 465 }, 466 467 { 468 Config: testAccInstanceConfigDisableAPITermination(false), 469 Check: resource.ComposeTestCheckFunc( 470 testAccCheckInstanceExists("aws_instance.foo", &v), 471 checkDisableApiTermination(false), 472 ), 473 }, 474 }, 475 }) 476 } 477 478 func TestAccAWSInstance_vpc(t *testing.T) { 479 var v ec2.Instance 480 481 resource.Test(t, resource.TestCase{ 482 PreCheck: func() { testAccPreCheck(t) }, 483 IDRefreshName: "aws_instance.foo", 484 IDRefreshIgnore: []string{"associate_public_ip_address"}, 485 Providers: testAccProviders, 486 CheckDestroy: testAccCheckInstanceDestroy, 487 Steps: []resource.TestStep{ 488 { 489 Config: testAccInstanceConfigVPC, 490 Check: resource.ComposeTestCheckFunc( 491 testAccCheckInstanceExists( 492 "aws_instance.foo", &v), 493 resource.TestCheckResourceAttr( 494 "aws_instance.foo", 495 "user_data", 496 "562a3e32810edf6ff09994f050f12e799452379d"), 497 ), 498 }, 499 }, 500 }) 501 } 502 503 func TestAccAWSInstance_ipv6_supportAddressCount(t *testing.T) { 504 var v ec2.Instance 505 506 resource.Test(t, resource.TestCase{ 507 PreCheck: func() { testAccPreCheck(t) }, 508 Providers: testAccProviders, 509 CheckDestroy: testAccCheckInstanceDestroy, 510 Steps: []resource.TestStep{ 511 { 512 Config: testAccInstanceConfigIpv6Support, 513 Check: resource.ComposeTestCheckFunc( 514 testAccCheckInstanceExists( 515 "aws_instance.foo", &v), 516 resource.TestCheckResourceAttr( 517 "aws_instance.foo", 518 "ipv6_address_count", 519 "1"), 520 ), 521 }, 522 }, 523 }) 524 } 525 526 func TestAccAWSInstance_ipv6AddressCountAndSingleAddressCausesError(t *testing.T) { 527 528 resource.Test(t, resource.TestCase{ 529 PreCheck: func() { testAccPreCheck(t) }, 530 Providers: testAccProviders, 531 CheckDestroy: testAccCheckInstanceDestroy, 532 Steps: []resource.TestStep{ 533 { 534 Config: testAccInstanceConfigIpv6ErrorConfig, 535 ExpectError: regexp.MustCompile("Only 1 of `ipv6_address_count` or `ipv6_addresses` can be specified"), 536 }, 537 }, 538 }) 539 } 540 541 func TestAccAWSInstance_multipleRegions(t *testing.T) { 542 var v ec2.Instance 543 544 // record the initialized providers so that we can use them to 545 // check for the instances in each region 546 var providers []*schema.Provider 547 providerFactories := map[string]terraform.ResourceProviderFactory{ 548 "aws": func() (terraform.ResourceProvider, error) { 549 p := Provider() 550 providers = append(providers, p.(*schema.Provider)) 551 return p, nil 552 }, 553 } 554 555 resource.Test(t, resource.TestCase{ 556 PreCheck: func() { testAccPreCheck(t) }, 557 ProviderFactories: providerFactories, 558 CheckDestroy: testAccCheckInstanceDestroyWithProviders(&providers), 559 Steps: []resource.TestStep{ 560 { 561 Config: testAccInstanceConfigMultipleRegions, 562 Check: resource.ComposeTestCheckFunc( 563 testAccCheckInstanceExistsWithProviders( 564 "aws_instance.foo", &v, &providers), 565 testAccCheckInstanceExistsWithProviders( 566 "aws_instance.bar", &v, &providers), 567 ), 568 }, 569 }, 570 }) 571 } 572 573 func TestAccAWSInstance_NetworkInstanceSecurityGroups(t *testing.T) { 574 var v ec2.Instance 575 576 resource.Test(t, resource.TestCase{ 577 PreCheck: func() { testAccPreCheck(t) }, 578 IDRefreshName: "aws_instance.foo_instance", 579 IDRefreshIgnore: []string{"associate_public_ip_address"}, 580 Providers: testAccProviders, 581 CheckDestroy: testAccCheckInstanceDestroy, 582 Steps: []resource.TestStep{ 583 { 584 Config: testAccInstanceNetworkInstanceSecurityGroups, 585 Check: resource.ComposeTestCheckFunc( 586 testAccCheckInstanceExists( 587 "aws_instance.foo_instance", &v), 588 ), 589 }, 590 }, 591 }) 592 } 593 594 func TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs(t *testing.T) { 595 var v ec2.Instance 596 597 resource.Test(t, resource.TestCase{ 598 PreCheck: func() { testAccPreCheck(t) }, 599 IDRefreshName: "aws_instance.foo_instance", 600 Providers: testAccProviders, 601 CheckDestroy: testAccCheckInstanceDestroy, 602 Steps: []resource.TestStep{ 603 { 604 Config: testAccInstanceNetworkInstanceVPCSecurityGroupIDs, 605 Check: resource.ComposeTestCheckFunc( 606 testAccCheckInstanceExists( 607 "aws_instance.foo_instance", &v), 608 resource.TestCheckResourceAttr( 609 "aws_instance.foo_instance", "security_groups.#", "0"), 610 resource.TestCheckResourceAttr( 611 "aws_instance.foo_instance", "vpc_security_group_ids.#", "1"), 612 ), 613 }, 614 }, 615 }) 616 } 617 618 func TestAccAWSInstance_tags(t *testing.T) { 619 var v ec2.Instance 620 621 resource.Test(t, resource.TestCase{ 622 PreCheck: func() { testAccPreCheck(t) }, 623 Providers: testAccProviders, 624 CheckDestroy: testAccCheckInstanceDestroy, 625 Steps: []resource.TestStep{ 626 { 627 Config: testAccCheckInstanceConfigTags, 628 Check: resource.ComposeTestCheckFunc( 629 testAccCheckInstanceExists("aws_instance.foo", &v), 630 testAccCheckTags(&v.Tags, "foo", "bar"), 631 // Guard against regression of https://github.com/hashicorp/terraform/issues/914 632 testAccCheckTags(&v.Tags, "#", ""), 633 ), 634 }, 635 { 636 Config: testAccCheckInstanceConfigTagsUpdate, 637 Check: resource.ComposeTestCheckFunc( 638 testAccCheckInstanceExists("aws_instance.foo", &v), 639 testAccCheckTags(&v.Tags, "foo", ""), 640 testAccCheckTags(&v.Tags, "bar", "baz"), 641 ), 642 }, 643 }, 644 }) 645 } 646 647 func TestAccAWSInstance_volumeTags(t *testing.T) { 648 var v ec2.Instance 649 650 resource.Test(t, resource.TestCase{ 651 PreCheck: func() { testAccPreCheck(t) }, 652 Providers: testAccProviders, 653 CheckDestroy: testAccCheckInstanceDestroy, 654 Steps: []resource.TestStep{ 655 { 656 Config: testAccCheckInstanceConfigNoVolumeTags, 657 Check: resource.ComposeTestCheckFunc( 658 testAccCheckInstanceExists("aws_instance.foo", &v), 659 resource.TestCheckNoResourceAttr( 660 "aws_instance.foo", "volume_tags"), 661 ), 662 }, 663 { 664 Config: testAccCheckInstanceConfigWithVolumeTags, 665 Check: resource.ComposeTestCheckFunc( 666 testAccCheckInstanceExists("aws_instance.foo", &v), 667 resource.TestCheckResourceAttr( 668 "aws_instance.foo", "volume_tags.%", "1"), 669 resource.TestCheckResourceAttr( 670 "aws_instance.foo", "volume_tags.Name", "acceptance-test-volume-tag"), 671 ), 672 }, 673 { 674 Config: testAccCheckInstanceConfigWithVolumeTagsUpdate, 675 Check: resource.ComposeTestCheckFunc( 676 testAccCheckInstanceExists("aws_instance.foo", &v), 677 resource.TestCheckResourceAttr( 678 "aws_instance.foo", "volume_tags.%", "2"), 679 resource.TestCheckResourceAttr( 680 "aws_instance.foo", "volume_tags.Name", "acceptance-test-volume-tag"), 681 resource.TestCheckResourceAttr( 682 "aws_instance.foo", "volume_tags.Environment", "dev"), 683 ), 684 }, 685 { 686 Config: testAccCheckInstanceConfigNoVolumeTags, 687 Check: resource.ComposeTestCheckFunc( 688 testAccCheckInstanceExists("aws_instance.foo", &v), 689 resource.TestCheckNoResourceAttr( 690 "aws_instance.foo", "volume_tags"), 691 ), 692 }, 693 }, 694 }) 695 } 696 697 func TestAccAWSInstance_volumeTagsComputed(t *testing.T) { 698 var v ec2.Instance 699 700 resource.Test(t, resource.TestCase{ 701 PreCheck: func() { testAccPreCheck(t) }, 702 Providers: testAccProviders, 703 CheckDestroy: testAccCheckInstanceDestroy, 704 Steps: []resource.TestStep{ 705 { 706 Config: testAccCheckInstanceConfigWithAttachedVolume, 707 Check: resource.ComposeTestCheckFunc( 708 testAccCheckInstanceExists("aws_instance.foo", &v), 709 ), 710 ExpectNonEmptyPlan: false, 711 }, 712 }, 713 }) 714 } 715 716 func TestAccAWSInstance_instanceProfileChange(t *testing.T) { 717 var v ec2.Instance 718 rName := acctest.RandString(5) 719 720 testCheckInstanceProfile := func() resource.TestCheckFunc { 721 return func(*terraform.State) error { 722 if v.IamInstanceProfile == nil { 723 return fmt.Errorf("Instance Profile is nil - we expected an InstanceProfile associated with the Instance") 724 } 725 726 return nil 727 } 728 } 729 730 resource.Test(t, resource.TestCase{ 731 PreCheck: func() { testAccPreCheck(t) }, 732 IDRefreshName: "aws_instance.foo", 733 Providers: testAccProviders, 734 CheckDestroy: testAccCheckInstanceDestroy, 735 Steps: []resource.TestStep{ 736 { 737 Config: testAccInstanceConfigWithoutInstanceProfile(rName), 738 Check: resource.ComposeTestCheckFunc( 739 testAccCheckInstanceExists("aws_instance.foo", &v), 740 ), 741 }, 742 { 743 Config: testAccInstanceConfigWithInstanceProfile(rName), 744 Check: resource.ComposeTestCheckFunc( 745 testAccCheckInstanceExists("aws_instance.foo", &v), 746 testCheckInstanceProfile(), 747 ), 748 }, 749 }, 750 }) 751 } 752 753 func TestAccAWSInstance_withIamInstanceProfile(t *testing.T) { 754 var v ec2.Instance 755 rName := acctest.RandString(5) 756 757 testCheckInstanceProfile := func() resource.TestCheckFunc { 758 return func(*terraform.State) error { 759 if v.IamInstanceProfile == nil { 760 return fmt.Errorf("Instance Profile is nil - we expected an InstanceProfile associated with the Instance") 761 } 762 763 return nil 764 } 765 } 766 767 resource.Test(t, resource.TestCase{ 768 PreCheck: func() { testAccPreCheck(t) }, 769 IDRefreshName: "aws_instance.foo", 770 Providers: testAccProviders, 771 CheckDestroy: testAccCheckInstanceDestroy, 772 Steps: []resource.TestStep{ 773 { 774 Config: testAccInstanceConfigWithInstanceProfile(rName), 775 Check: resource.ComposeTestCheckFunc( 776 testAccCheckInstanceExists("aws_instance.foo", &v), 777 testCheckInstanceProfile(), 778 ), 779 }, 780 }, 781 }) 782 } 783 784 func TestAccAWSInstance_privateIP(t *testing.T) { 785 var v ec2.Instance 786 787 testCheckPrivateIP := func() resource.TestCheckFunc { 788 return func(*terraform.State) error { 789 if *v.PrivateIpAddress != "10.1.1.42" { 790 return fmt.Errorf("bad private IP: %s", *v.PrivateIpAddress) 791 } 792 793 return nil 794 } 795 } 796 797 resource.Test(t, resource.TestCase{ 798 PreCheck: func() { testAccPreCheck(t) }, 799 IDRefreshName: "aws_instance.foo", 800 Providers: testAccProviders, 801 CheckDestroy: testAccCheckInstanceDestroy, 802 Steps: []resource.TestStep{ 803 { 804 Config: testAccInstanceConfigPrivateIP, 805 Check: resource.ComposeTestCheckFunc( 806 testAccCheckInstanceExists("aws_instance.foo", &v), 807 testCheckPrivateIP(), 808 ), 809 }, 810 }, 811 }) 812 } 813 814 func TestAccAWSInstance_associatePublicIPAndPrivateIP(t *testing.T) { 815 var v ec2.Instance 816 817 testCheckPrivateIP := func() resource.TestCheckFunc { 818 return func(*terraform.State) error { 819 if *v.PrivateIpAddress != "10.1.1.42" { 820 return fmt.Errorf("bad private IP: %s", *v.PrivateIpAddress) 821 } 822 823 return nil 824 } 825 } 826 827 resource.Test(t, resource.TestCase{ 828 PreCheck: func() { testAccPreCheck(t) }, 829 IDRefreshName: "aws_instance.foo", 830 IDRefreshIgnore: []string{"associate_public_ip_address"}, 831 Providers: testAccProviders, 832 CheckDestroy: testAccCheckInstanceDestroy, 833 Steps: []resource.TestStep{ 834 { 835 Config: testAccInstanceConfigAssociatePublicIPAndPrivateIP, 836 Check: resource.ComposeTestCheckFunc( 837 testAccCheckInstanceExists("aws_instance.foo", &v), 838 testCheckPrivateIP(), 839 ), 840 }, 841 }, 842 }) 843 } 844 845 // Guard against regression with KeyPairs 846 // https://github.com/hashicorp/terraform/issues/2302 847 func TestAccAWSInstance_keyPairCheck(t *testing.T) { 848 var v ec2.Instance 849 850 testCheckKeyPair := func(keyName string) resource.TestCheckFunc { 851 return func(*terraform.State) error { 852 if v.KeyName == nil { 853 return fmt.Errorf("No Key Pair found, expected(%s)", keyName) 854 } 855 if v.KeyName != nil && *v.KeyName != keyName { 856 return fmt.Errorf("Bad key name, expected (%s), got (%s)", keyName, *v.KeyName) 857 } 858 859 return nil 860 } 861 } 862 863 resource.Test(t, resource.TestCase{ 864 PreCheck: func() { testAccPreCheck(t) }, 865 IDRefreshName: "aws_instance.foo", 866 IDRefreshIgnore: []string{"source_dest_check"}, 867 Providers: testAccProviders, 868 CheckDestroy: testAccCheckInstanceDestroy, 869 Steps: []resource.TestStep{ 870 { 871 Config: testAccInstanceConfigKeyPair, 872 Check: resource.ComposeTestCheckFunc( 873 testAccCheckInstanceExists("aws_instance.foo", &v), 874 testCheckKeyPair("tmp-key"), 875 ), 876 }, 877 }, 878 }) 879 } 880 881 func TestAccAWSInstance_rootBlockDeviceMismatch(t *testing.T) { 882 var v ec2.Instance 883 884 resource.Test(t, resource.TestCase{ 885 PreCheck: func() { testAccPreCheck(t) }, 886 Providers: testAccProviders, 887 CheckDestroy: testAccCheckInstanceDestroy, 888 Steps: []resource.TestStep{ 889 { 890 Config: testAccInstanceConfigRootBlockDeviceMismatch, 891 Check: resource.ComposeTestCheckFunc( 892 testAccCheckInstanceExists("aws_instance.foo", &v), 893 resource.TestCheckResourceAttr( 894 "aws_instance.foo", "root_block_device.0.volume_size", "13"), 895 ), 896 }, 897 }, 898 }) 899 } 900 901 // This test reproduces the bug here: 902 // https://github.com/hashicorp/terraform/issues/1752 903 // 904 // I wish there were a way to exercise resources built with helper.Schema in a 905 // unit context, in which case this test could be moved there, but for now this 906 // will cover the bugfix. 907 // 908 // The following triggers "diffs didn't match during apply" without the fix in to 909 // set NewRemoved on the .# field when it changes to 0. 910 func TestAccAWSInstance_forceNewAndTagsDrift(t *testing.T) { 911 var v ec2.Instance 912 913 resource.Test(t, resource.TestCase{ 914 PreCheck: func() { testAccPreCheck(t) }, 915 IDRefreshName: "aws_instance.foo", 916 Providers: testAccProviders, 917 CheckDestroy: testAccCheckInstanceDestroy, 918 Steps: []resource.TestStep{ 919 { 920 Config: testAccInstanceConfigForceNewAndTagsDrift, 921 Check: resource.ComposeTestCheckFunc( 922 testAccCheckInstanceExists("aws_instance.foo", &v), 923 driftTags(&v), 924 ), 925 ExpectNonEmptyPlan: true, 926 }, 927 { 928 Config: testAccInstanceConfigForceNewAndTagsDrift_Update, 929 Check: resource.ComposeTestCheckFunc( 930 testAccCheckInstanceExists("aws_instance.foo", &v), 931 ), 932 }, 933 }, 934 }) 935 } 936 937 func TestAccAWSInstance_changeInstanceType(t *testing.T) { 938 var before ec2.Instance 939 var after ec2.Instance 940 941 resource.Test(t, resource.TestCase{ 942 PreCheck: func() { testAccPreCheck(t) }, 943 Providers: testAccProviders, 944 CheckDestroy: testAccCheckInstanceDestroy, 945 Steps: []resource.TestStep{ 946 { 947 Config: testAccInstanceConfigWithSmallInstanceType, 948 Check: resource.ComposeTestCheckFunc( 949 testAccCheckInstanceExists("aws_instance.foo", &before), 950 ), 951 }, 952 { 953 Config: testAccInstanceConfigUpdateInstanceType, 954 Check: resource.ComposeTestCheckFunc( 955 testAccCheckInstanceExists("aws_instance.foo", &after), 956 testAccCheckInstanceNotRecreated( 957 t, &before, &after), 958 ), 959 }, 960 }, 961 }) 962 } 963 964 func TestAccAWSInstance_primaryNetworkInterface(t *testing.T) { 965 var instance ec2.Instance 966 var ini ec2.NetworkInterface 967 968 resource.Test(t, resource.TestCase{ 969 PreCheck: func() { testAccPreCheck(t) }, 970 Providers: testAccProviders, 971 CheckDestroy: testAccCheckInstanceDestroy, 972 Steps: []resource.TestStep{ 973 { 974 Config: testAccInstanceConfigPrimaryNetworkInterface, 975 Check: resource.ComposeTestCheckFunc( 976 testAccCheckInstanceExists("aws_instance.foo", &instance), 977 testAccCheckAWSENIExists("aws_network_interface.bar", &ini), 978 resource.TestCheckResourceAttr("aws_instance.foo", "network_interface.#", "1"), 979 ), 980 }, 981 }, 982 }) 983 } 984 985 func TestAccAWSInstance_primaryNetworkInterfaceSourceDestCheck(t *testing.T) { 986 var instance ec2.Instance 987 var ini ec2.NetworkInterface 988 989 resource.Test(t, resource.TestCase{ 990 PreCheck: func() { testAccPreCheck(t) }, 991 Providers: testAccProviders, 992 CheckDestroy: testAccCheckInstanceDestroy, 993 Steps: []resource.TestStep{ 994 { 995 Config: testAccInstanceConfigPrimaryNetworkInterfaceSourceDestCheck, 996 Check: resource.ComposeTestCheckFunc( 997 testAccCheckInstanceExists("aws_instance.foo", &instance), 998 testAccCheckAWSENIExists("aws_network_interface.bar", &ini), 999 resource.TestCheckResourceAttr("aws_instance.foo", "source_dest_check", "false"), 1000 ), 1001 }, 1002 }, 1003 }) 1004 } 1005 1006 func TestAccAWSInstance_addSecondaryInterface(t *testing.T) { 1007 var before ec2.Instance 1008 var after ec2.Instance 1009 var iniPrimary ec2.NetworkInterface 1010 var iniSecondary ec2.NetworkInterface 1011 1012 resource.Test(t, resource.TestCase{ 1013 PreCheck: func() { testAccPreCheck(t) }, 1014 Providers: testAccProviders, 1015 CheckDestroy: testAccCheckInstanceDestroy, 1016 Steps: []resource.TestStep{ 1017 { 1018 Config: testAccInstanceConfigAddSecondaryNetworkInterfaceBefore, 1019 Check: resource.ComposeTestCheckFunc( 1020 testAccCheckInstanceExists("aws_instance.foo", &before), 1021 testAccCheckAWSENIExists("aws_network_interface.primary", &iniPrimary), 1022 resource.TestCheckResourceAttr("aws_instance.foo", "network_interface.#", "1"), 1023 ), 1024 }, 1025 { 1026 Config: testAccInstanceConfigAddSecondaryNetworkInterfaceAfter, 1027 Check: resource.ComposeTestCheckFunc( 1028 testAccCheckInstanceExists("aws_instance.foo", &after), 1029 testAccCheckAWSENIExists("aws_network_interface.secondary", &iniSecondary), 1030 resource.TestCheckResourceAttr("aws_instance.foo", "network_interface.#", "1"), 1031 ), 1032 }, 1033 }, 1034 }) 1035 } 1036 1037 // https://github.com/hashicorp/terraform/issues/3205 1038 func TestAccAWSInstance_addSecurityGroupNetworkInterface(t *testing.T) { 1039 var before ec2.Instance 1040 var after ec2.Instance 1041 1042 resource.Test(t, resource.TestCase{ 1043 PreCheck: func() { testAccPreCheck(t) }, 1044 Providers: testAccProviders, 1045 CheckDestroy: testAccCheckInstanceDestroy, 1046 Steps: []resource.TestStep{ 1047 { 1048 Config: testAccInstanceConfigAddSecurityGroupBefore, 1049 Check: resource.ComposeTestCheckFunc( 1050 testAccCheckInstanceExists("aws_instance.foo", &before), 1051 resource.TestCheckResourceAttr("aws_instance.foo", "vpc_security_group_ids.#", "1"), 1052 ), 1053 }, 1054 { 1055 Config: testAccInstanceConfigAddSecurityGroupAfter, 1056 Check: resource.ComposeTestCheckFunc( 1057 testAccCheckInstanceExists("aws_instance.foo", &after), 1058 resource.TestCheckResourceAttr("aws_instance.foo", "vpc_security_group_ids.#", "2"), 1059 ), 1060 }, 1061 }, 1062 }) 1063 } 1064 1065 func testAccCheckInstanceNotRecreated(t *testing.T, 1066 before, after *ec2.Instance) resource.TestCheckFunc { 1067 return func(s *terraform.State) error { 1068 if *before.InstanceId != *after.InstanceId { 1069 t.Fatalf("AWS Instance IDs have changed. Before %s. After %s", *before.InstanceId, *after.InstanceId) 1070 } 1071 return nil 1072 } 1073 } 1074 1075 func testAccCheckInstanceDestroy(s *terraform.State) error { 1076 return testAccCheckInstanceDestroyWithProvider(s, testAccProvider) 1077 } 1078 1079 func testAccCheckInstanceDestroyWithProviders(providers *[]*schema.Provider) resource.TestCheckFunc { 1080 return func(s *terraform.State) error { 1081 for _, provider := range *providers { 1082 if provider.Meta() == nil { 1083 continue 1084 } 1085 if err := testAccCheckInstanceDestroyWithProvider(s, provider); err != nil { 1086 return err 1087 } 1088 } 1089 return nil 1090 } 1091 } 1092 1093 func testAccCheckInstanceDestroyWithProvider(s *terraform.State, provider *schema.Provider) error { 1094 conn := provider.Meta().(*AWSClient).ec2conn 1095 1096 for _, rs := range s.RootModule().Resources { 1097 if rs.Type != "aws_instance" { 1098 continue 1099 } 1100 1101 // Try to find the resource 1102 resp, err := conn.DescribeInstances(&ec2.DescribeInstancesInput{ 1103 InstanceIds: []*string{aws.String(rs.Primary.ID)}, 1104 }) 1105 if err == nil { 1106 for _, r := range resp.Reservations { 1107 for _, i := range r.Instances { 1108 if i.State != nil && *i.State.Name != "terminated" { 1109 return fmt.Errorf("Found unterminated instance: %s", i) 1110 } 1111 } 1112 } 1113 } 1114 1115 // Verify the error is what we want 1116 if ae, ok := err.(awserr.Error); ok && ae.Code() == "InvalidInstanceID.NotFound" { 1117 continue 1118 } 1119 1120 return err 1121 } 1122 1123 return nil 1124 } 1125 1126 func testAccCheckInstanceExists(n string, i *ec2.Instance) resource.TestCheckFunc { 1127 providers := []*schema.Provider{testAccProvider} 1128 return testAccCheckInstanceExistsWithProviders(n, i, &providers) 1129 } 1130 1131 func testAccCheckInstanceExistsWithProviders(n string, i *ec2.Instance, providers *[]*schema.Provider) resource.TestCheckFunc { 1132 return func(s *terraform.State) error { 1133 rs, ok := s.RootModule().Resources[n] 1134 if !ok { 1135 return fmt.Errorf("Not found: %s", n) 1136 } 1137 1138 if rs.Primary.ID == "" { 1139 return fmt.Errorf("No ID is set") 1140 } 1141 for _, provider := range *providers { 1142 // Ignore if Meta is empty, this can happen for validation providers 1143 if provider.Meta() == nil { 1144 continue 1145 } 1146 1147 conn := provider.Meta().(*AWSClient).ec2conn 1148 resp, err := conn.DescribeInstances(&ec2.DescribeInstancesInput{ 1149 InstanceIds: []*string{aws.String(rs.Primary.ID)}, 1150 }) 1151 if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidInstanceID.NotFound" { 1152 continue 1153 } 1154 if err != nil { 1155 return err 1156 } 1157 1158 if len(resp.Reservations) > 0 { 1159 *i = *resp.Reservations[0].Instances[0] 1160 return nil 1161 } 1162 } 1163 1164 return fmt.Errorf("Instance not found") 1165 } 1166 } 1167 1168 func TestInstanceTenancySchema(t *testing.T) { 1169 actualSchema := resourceAwsInstance().Schema["tenancy"] 1170 expectedSchema := &schema.Schema{ 1171 Type: schema.TypeString, 1172 Optional: true, 1173 Computed: true, 1174 ForceNew: true, 1175 } 1176 if !reflect.DeepEqual(actualSchema, expectedSchema) { 1177 t.Fatalf( 1178 "Got:\n\n%#v\n\nExpected:\n\n%#v\n", 1179 actualSchema, 1180 expectedSchema) 1181 } 1182 } 1183 1184 func driftTags(instance *ec2.Instance) resource.TestCheckFunc { 1185 return func(s *terraform.State) error { 1186 conn := testAccProvider.Meta().(*AWSClient).ec2conn 1187 _, err := conn.CreateTags(&ec2.CreateTagsInput{ 1188 Resources: []*string{instance.InstanceId}, 1189 Tags: []*ec2.Tag{ 1190 { 1191 Key: aws.String("Drift"), 1192 Value: aws.String("Happens"), 1193 }, 1194 }, 1195 }) 1196 return err 1197 } 1198 } 1199 1200 const testAccInstanceConfig_pre = ` 1201 resource "aws_security_group" "tf_test_foo" { 1202 name = "tf_test_foo" 1203 description = "foo" 1204 1205 ingress { 1206 protocol = "icmp" 1207 from_port = -1 1208 to_port = -1 1209 cidr_blocks = ["0.0.0.0/0"] 1210 } 1211 } 1212 ` 1213 1214 const testAccInstanceConfig = ` 1215 resource "aws_security_group" "tf_test_foo" { 1216 name = "tf_test_foo" 1217 description = "foo" 1218 1219 ingress { 1220 protocol = "icmp" 1221 from_port = -1 1222 to_port = -1 1223 cidr_blocks = ["0.0.0.0/0"] 1224 } 1225 } 1226 1227 resource "aws_instance" "foo" { 1228 # us-west-2 1229 ami = "ami-4fccb37f" 1230 availability_zone = "us-west-2a" 1231 1232 instance_type = "m1.small" 1233 security_groups = ["${aws_security_group.tf_test_foo.name}"] 1234 user_data = "foo:-with-character's" 1235 } 1236 ` 1237 1238 const testAccInstanceConfigWithSmallInstanceType = ` 1239 resource "aws_instance" "foo" { 1240 # us-west-2 1241 ami = "ami-55a7ea65" 1242 availability_zone = "us-west-2a" 1243 1244 instance_type = "m3.medium" 1245 1246 tags { 1247 Name = "tf-acctest" 1248 } 1249 } 1250 ` 1251 1252 const testAccInstanceConfigUpdateInstanceType = ` 1253 resource "aws_instance" "foo" { 1254 # us-west-2 1255 ami = "ami-55a7ea65" 1256 availability_zone = "us-west-2a" 1257 1258 instance_type = "m3.large" 1259 1260 tags { 1261 Name = "tf-acctest" 1262 } 1263 } 1264 ` 1265 1266 const testAccInstanceGP2IopsDevice = ` 1267 resource "aws_instance" "foo" { 1268 # us-west-2 1269 ami = "ami-55a7ea65" 1270 1271 # In order to attach an encrypted volume to an instance you need to have an 1272 # m3.medium or larger. See "Supported Instance Types" in: 1273 # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html 1274 instance_type = "m3.medium" 1275 1276 root_block_device { 1277 volume_type = "gp2" 1278 volume_size = 11 1279 } 1280 } 1281 ` 1282 1283 const testAccInstanceConfigBlockDevices = ` 1284 resource "aws_instance" "foo" { 1285 # us-west-2 1286 ami = "ami-55a7ea65" 1287 1288 # In order to attach an encrypted volume to an instance you need to have an 1289 # m3.medium or larger. See "Supported Instance Types" in: 1290 # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html 1291 instance_type = "m3.medium" 1292 1293 root_block_device { 1294 volume_type = "gp2" 1295 volume_size = 11 1296 } 1297 ebs_block_device { 1298 device_name = "/dev/sdb" 1299 volume_size = 9 1300 } 1301 ebs_block_device { 1302 device_name = "/dev/sdc" 1303 volume_size = 10 1304 volume_type = "io1" 1305 iops = 100 1306 } 1307 1308 # Encrypted ebs block device 1309 ebs_block_device { 1310 device_name = "/dev/sdd" 1311 volume_size = 12 1312 encrypted = true 1313 } 1314 1315 ephemeral_block_device { 1316 device_name = "/dev/sde" 1317 virtual_name = "ephemeral0" 1318 } 1319 } 1320 ` 1321 1322 const testAccInstanceConfigSourceDestEnable = ` 1323 resource "aws_vpc" "foo" { 1324 cidr_block = "10.1.0.0/16" 1325 } 1326 1327 resource "aws_subnet" "foo" { 1328 cidr_block = "10.1.1.0/24" 1329 vpc_id = "${aws_vpc.foo.id}" 1330 } 1331 1332 resource "aws_instance" "foo" { 1333 # us-west-2 1334 ami = "ami-4fccb37f" 1335 instance_type = "m1.small" 1336 subnet_id = "${aws_subnet.foo.id}" 1337 } 1338 ` 1339 1340 const testAccInstanceConfigSourceDestDisable = ` 1341 resource "aws_vpc" "foo" { 1342 cidr_block = "10.1.0.0/16" 1343 } 1344 1345 resource "aws_subnet" "foo" { 1346 cidr_block = "10.1.1.0/24" 1347 vpc_id = "${aws_vpc.foo.id}" 1348 } 1349 1350 resource "aws_instance" "foo" { 1351 # us-west-2 1352 ami = "ami-4fccb37f" 1353 instance_type = "m1.small" 1354 subnet_id = "${aws_subnet.foo.id}" 1355 source_dest_check = false 1356 } 1357 ` 1358 1359 func testAccInstanceConfigDisableAPITermination(val bool) string { 1360 return fmt.Sprintf(` 1361 resource "aws_vpc" "foo" { 1362 cidr_block = "10.1.0.0/16" 1363 } 1364 1365 resource "aws_subnet" "foo" { 1366 cidr_block = "10.1.1.0/24" 1367 vpc_id = "${aws_vpc.foo.id}" 1368 } 1369 1370 resource "aws_instance" "foo" { 1371 # us-west-2 1372 ami = "ami-4fccb37f" 1373 instance_type = "m1.small" 1374 subnet_id = "${aws_subnet.foo.id}" 1375 disable_api_termination = %t 1376 } 1377 `, val) 1378 } 1379 1380 const testAccInstanceConfigVPC = ` 1381 resource "aws_vpc" "foo" { 1382 cidr_block = "10.1.0.0/16" 1383 } 1384 1385 resource "aws_subnet" "foo" { 1386 cidr_block = "10.1.1.0/24" 1387 vpc_id = "${aws_vpc.foo.id}" 1388 } 1389 1390 resource "aws_instance" "foo" { 1391 # us-west-2 1392 ami = "ami-4fccb37f" 1393 instance_type = "m1.small" 1394 subnet_id = "${aws_subnet.foo.id}" 1395 associate_public_ip_address = true 1396 tenancy = "dedicated" 1397 # pre-encoded base64 data 1398 user_data = "3dc39dda39be1205215e776bad998da361a5955d" 1399 } 1400 ` 1401 1402 const testAccInstanceConfigIpv6ErrorConfig = ` 1403 resource "aws_vpc" "foo" { 1404 cidr_block = "10.1.0.0/16" 1405 assign_generated_ipv6_cidr_block = true 1406 tags { 1407 Name = "tf-ipv6-instance-acc-test" 1408 } 1409 } 1410 1411 resource "aws_subnet" "foo" { 1412 cidr_block = "10.1.1.0/24" 1413 vpc_id = "${aws_vpc.foo.id}" 1414 ipv6_cidr_block = "${cidrsubnet(aws_vpc.foo.ipv6_cidr_block, 8, 1)}" 1415 tags { 1416 Name = "tf-ipv6-instance-acc-test" 1417 } 1418 } 1419 1420 resource "aws_instance" "foo" { 1421 # us-west-2 1422 ami = "ami-c5eabbf5" 1423 instance_type = "t2.micro" 1424 subnet_id = "${aws_subnet.foo.id}" 1425 ipv6_addresses = ["2600:1f14:bb2:e501::10"] 1426 ipv6_address_count = 1 1427 tags { 1428 Name = "tf-ipv6-instance-acc-test" 1429 } 1430 } 1431 ` 1432 1433 const testAccInstanceConfigIpv6Support = ` 1434 resource "aws_vpc" "foo" { 1435 cidr_block = "10.1.0.0/16" 1436 assign_generated_ipv6_cidr_block = true 1437 tags { 1438 Name = "tf-ipv6-instance-acc-test" 1439 } 1440 } 1441 1442 resource "aws_subnet" "foo" { 1443 cidr_block = "10.1.1.0/24" 1444 vpc_id = "${aws_vpc.foo.id}" 1445 ipv6_cidr_block = "${cidrsubnet(aws_vpc.foo.ipv6_cidr_block, 8, 1)}" 1446 tags { 1447 Name = "tf-ipv6-instance-acc-test" 1448 } 1449 } 1450 1451 resource "aws_instance" "foo" { 1452 # us-west-2 1453 ami = "ami-c5eabbf5" 1454 instance_type = "t2.micro" 1455 subnet_id = "${aws_subnet.foo.id}" 1456 1457 ipv6_address_count = 1 1458 tags { 1459 Name = "tf-ipv6-instance-acc-test" 1460 } 1461 } 1462 ` 1463 1464 const testAccInstanceConfigMultipleRegions = ` 1465 provider "aws" { 1466 alias = "west" 1467 region = "us-west-2" 1468 } 1469 1470 provider "aws" { 1471 alias = "east" 1472 region = "us-east-1" 1473 } 1474 1475 resource "aws_instance" "foo" { 1476 # us-west-2 1477 provider = "aws.west" 1478 ami = "ami-4fccb37f" 1479 instance_type = "m1.small" 1480 } 1481 1482 resource "aws_instance" "bar" { 1483 # us-east-1 1484 provider = "aws.east" 1485 ami = "ami-8c6ea9e4" 1486 instance_type = "m1.small" 1487 } 1488 ` 1489 1490 const testAccCheckInstanceConfigTags = ` 1491 resource "aws_instance" "foo" { 1492 ami = "ami-4fccb37f" 1493 instance_type = "m1.small" 1494 tags { 1495 foo = "bar" 1496 } 1497 } 1498 ` 1499 1500 const testAccCheckInstanceConfigWithAttachedVolume = ` 1501 data "aws_ami" "debian_jessie_latest" { 1502 most_recent = true 1503 1504 filter { 1505 name = "name" 1506 values = ["debian-jessie-*"] 1507 } 1508 1509 filter { 1510 name = "virtualization-type" 1511 values = ["hvm"] 1512 } 1513 1514 filter { 1515 name = "architecture" 1516 values = ["x86_64"] 1517 } 1518 1519 filter { 1520 name = "root-device-type" 1521 values = ["ebs"] 1522 } 1523 1524 owners = ["379101102735"] # Debian 1525 } 1526 1527 resource "aws_instance" "foo" { 1528 ami = "${data.aws_ami.debian_jessie_latest.id}" 1529 associate_public_ip_address = true 1530 count = 1 1531 instance_type = "t2.medium" 1532 1533 root_block_device { 1534 volume_size = "10" 1535 volume_type = "standard" 1536 delete_on_termination = true 1537 } 1538 1539 tags { 1540 Name = "test-terraform" 1541 } 1542 } 1543 1544 resource "aws_ebs_volume" "test" { 1545 depends_on = ["aws_instance.foo"] 1546 availability_zone = "${aws_instance.foo.availability_zone}" 1547 type = "gp2" 1548 size = "10" 1549 1550 tags { 1551 Name = "test-terraform" 1552 } 1553 } 1554 1555 resource "aws_volume_attachment" "test" { 1556 depends_on = ["aws_ebs_volume.test"] 1557 device_name = "/dev/xvdg" 1558 volume_id = "${aws_ebs_volume.test.id}" 1559 instance_id = "${aws_instance.foo.id}" 1560 } 1561 ` 1562 1563 const testAccCheckInstanceConfigNoVolumeTags = ` 1564 resource "aws_instance" "foo" { 1565 ami = "ami-55a7ea65" 1566 1567 instance_type = "m3.medium" 1568 1569 root_block_device { 1570 volume_type = "gp2" 1571 volume_size = 11 1572 } 1573 ebs_block_device { 1574 device_name = "/dev/sdb" 1575 volume_size = 9 1576 } 1577 ebs_block_device { 1578 device_name = "/dev/sdc" 1579 volume_size = 10 1580 volume_type = "io1" 1581 iops = 100 1582 } 1583 1584 ebs_block_device { 1585 device_name = "/dev/sdd" 1586 volume_size = 12 1587 encrypted = true 1588 } 1589 1590 ephemeral_block_device { 1591 device_name = "/dev/sde" 1592 virtual_name = "ephemeral0" 1593 } 1594 } 1595 ` 1596 1597 const testAccCheckInstanceConfigWithVolumeTags = ` 1598 resource "aws_instance" "foo" { 1599 ami = "ami-55a7ea65" 1600 1601 instance_type = "m3.medium" 1602 1603 root_block_device { 1604 volume_type = "gp2" 1605 volume_size = 11 1606 } 1607 ebs_block_device { 1608 device_name = "/dev/sdb" 1609 volume_size = 9 1610 } 1611 ebs_block_device { 1612 device_name = "/dev/sdc" 1613 volume_size = 10 1614 volume_type = "io1" 1615 iops = 100 1616 } 1617 1618 ebs_block_device { 1619 device_name = "/dev/sdd" 1620 volume_size = 12 1621 encrypted = true 1622 } 1623 1624 ephemeral_block_device { 1625 device_name = "/dev/sde" 1626 virtual_name = "ephemeral0" 1627 } 1628 1629 volume_tags { 1630 Name = "acceptance-test-volume-tag" 1631 } 1632 } 1633 ` 1634 1635 const testAccCheckInstanceConfigWithVolumeTagsUpdate = ` 1636 resource "aws_instance" "foo" { 1637 ami = "ami-55a7ea65" 1638 1639 instance_type = "m3.medium" 1640 1641 root_block_device { 1642 volume_type = "gp2" 1643 volume_size = 11 1644 } 1645 ebs_block_device { 1646 device_name = "/dev/sdb" 1647 volume_size = 9 1648 } 1649 ebs_block_device { 1650 device_name = "/dev/sdc" 1651 volume_size = 10 1652 volume_type = "io1" 1653 iops = 100 1654 } 1655 1656 ebs_block_device { 1657 device_name = "/dev/sdd" 1658 volume_size = 12 1659 encrypted = true 1660 } 1661 1662 ephemeral_block_device { 1663 device_name = "/dev/sde" 1664 virtual_name = "ephemeral0" 1665 } 1666 1667 volume_tags { 1668 Name = "acceptance-test-volume-tag" 1669 Environment = "dev" 1670 } 1671 } 1672 ` 1673 1674 const testAccCheckInstanceConfigTagsUpdate = ` 1675 resource "aws_instance" "foo" { 1676 ami = "ami-4fccb37f" 1677 instance_type = "m1.small" 1678 tags { 1679 bar = "baz" 1680 } 1681 } 1682 ` 1683 1684 func testAccInstanceConfigWithoutInstanceProfile(rName string) string { 1685 return fmt.Sprintf(` 1686 resource "aws_iam_role" "test" { 1687 name = "test-%s" 1688 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 1689 } 1690 1691 resource "aws_iam_instance_profile" "test" { 1692 name = "test-%s" 1693 roles = ["${aws_iam_role.test.name}"] 1694 } 1695 1696 resource "aws_instance" "foo" { 1697 ami = "ami-4fccb37f" 1698 instance_type = "m1.small" 1699 tags { 1700 bar = "baz" 1701 } 1702 }`, rName, rName) 1703 } 1704 1705 func testAccInstanceConfigWithInstanceProfile(rName string) string { 1706 return fmt.Sprintf(` 1707 resource "aws_iam_role" "test" { 1708 name = "test-%s" 1709 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}" 1710 } 1711 1712 resource "aws_iam_instance_profile" "test" { 1713 name = "test-%s" 1714 roles = ["${aws_iam_role.test.name}"] 1715 } 1716 1717 resource "aws_instance" "foo" { 1718 ami = "ami-4fccb37f" 1719 instance_type = "m1.small" 1720 iam_instance_profile = "${aws_iam_instance_profile.test.name}" 1721 tags { 1722 bar = "baz" 1723 } 1724 }`, rName, rName) 1725 } 1726 1727 const testAccInstanceConfigPrivateIP = ` 1728 resource "aws_vpc" "foo" { 1729 cidr_block = "10.1.0.0/16" 1730 } 1731 1732 resource "aws_subnet" "foo" { 1733 cidr_block = "10.1.1.0/24" 1734 vpc_id = "${aws_vpc.foo.id}" 1735 } 1736 1737 resource "aws_instance" "foo" { 1738 ami = "ami-c5eabbf5" 1739 instance_type = "t2.micro" 1740 subnet_id = "${aws_subnet.foo.id}" 1741 private_ip = "10.1.1.42" 1742 } 1743 ` 1744 1745 const testAccInstanceConfigAssociatePublicIPAndPrivateIP = ` 1746 resource "aws_vpc" "foo" { 1747 cidr_block = "10.1.0.0/16" 1748 } 1749 1750 resource "aws_subnet" "foo" { 1751 cidr_block = "10.1.1.0/24" 1752 vpc_id = "${aws_vpc.foo.id}" 1753 } 1754 1755 resource "aws_instance" "foo" { 1756 ami = "ami-c5eabbf5" 1757 instance_type = "t2.micro" 1758 subnet_id = "${aws_subnet.foo.id}" 1759 associate_public_ip_address = true 1760 private_ip = "10.1.1.42" 1761 } 1762 ` 1763 1764 const testAccInstanceNetworkInstanceSecurityGroups = ` 1765 resource "aws_internet_gateway" "gw" { 1766 vpc_id = "${aws_vpc.foo.id}" 1767 } 1768 1769 resource "aws_vpc" "foo" { 1770 cidr_block = "10.1.0.0/16" 1771 tags { 1772 Name = "tf-network-test" 1773 } 1774 } 1775 1776 resource "aws_security_group" "tf_test_foo" { 1777 name = "tf_test_foo" 1778 description = "foo" 1779 vpc_id="${aws_vpc.foo.id}" 1780 1781 ingress { 1782 protocol = "icmp" 1783 from_port = -1 1784 to_port = -1 1785 cidr_blocks = ["0.0.0.0/0"] 1786 } 1787 } 1788 1789 resource "aws_subnet" "foo" { 1790 cidr_block = "10.1.1.0/24" 1791 vpc_id = "${aws_vpc.foo.id}" 1792 } 1793 1794 resource "aws_instance" "foo_instance" { 1795 ami = "ami-21f78e11" 1796 instance_type = "t1.micro" 1797 vpc_security_group_ids = ["${aws_security_group.tf_test_foo.id}"] 1798 subnet_id = "${aws_subnet.foo.id}" 1799 associate_public_ip_address = true 1800 depends_on = ["aws_internet_gateway.gw"] 1801 } 1802 1803 resource "aws_eip" "foo_eip" { 1804 instance = "${aws_instance.foo_instance.id}" 1805 vpc = true 1806 depends_on = ["aws_internet_gateway.gw"] 1807 } 1808 ` 1809 1810 const testAccInstanceNetworkInstanceVPCSecurityGroupIDs = ` 1811 resource "aws_internet_gateway" "gw" { 1812 vpc_id = "${aws_vpc.foo.id}" 1813 } 1814 1815 resource "aws_vpc" "foo" { 1816 cidr_block = "10.1.0.0/16" 1817 tags { 1818 Name = "tf-network-test" 1819 } 1820 } 1821 1822 resource "aws_security_group" "tf_test_foo" { 1823 name = "tf_test_foo" 1824 description = "foo" 1825 vpc_id="${aws_vpc.foo.id}" 1826 1827 ingress { 1828 protocol = "icmp" 1829 from_port = -1 1830 to_port = -1 1831 cidr_blocks = ["0.0.0.0/0"] 1832 } 1833 } 1834 1835 resource "aws_subnet" "foo" { 1836 cidr_block = "10.1.1.0/24" 1837 vpc_id = "${aws_vpc.foo.id}" 1838 } 1839 1840 resource "aws_instance" "foo_instance" { 1841 ami = "ami-21f78e11" 1842 instance_type = "t1.micro" 1843 vpc_security_group_ids = ["${aws_security_group.tf_test_foo.id}"] 1844 subnet_id = "${aws_subnet.foo.id}" 1845 depends_on = ["aws_internet_gateway.gw"] 1846 } 1847 1848 resource "aws_eip" "foo_eip" { 1849 instance = "${aws_instance.foo_instance.id}" 1850 vpc = true 1851 depends_on = ["aws_internet_gateway.gw"] 1852 } 1853 ` 1854 1855 const testAccInstanceConfigKeyPair = ` 1856 provider "aws" { 1857 region = "us-east-1" 1858 } 1859 1860 resource "aws_key_pair" "debugging" { 1861 key_name = "tmp-key" 1862 public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 phodgson@thoughtworks.com" 1863 } 1864 1865 resource "aws_instance" "foo" { 1866 ami = "ami-408c7f28" 1867 instance_type = "t1.micro" 1868 key_name = "${aws_key_pair.debugging.key_name}" 1869 tags { 1870 Name = "testAccInstanceConfigKeyPair_TestAMI" 1871 } 1872 } 1873 ` 1874 1875 const testAccInstanceConfigRootBlockDeviceMismatch = ` 1876 resource "aws_vpc" "foo" { 1877 cidr_block = "10.1.0.0/16" 1878 } 1879 1880 resource "aws_subnet" "foo" { 1881 cidr_block = "10.1.1.0/24" 1882 vpc_id = "${aws_vpc.foo.id}" 1883 } 1884 1885 resource "aws_instance" "foo" { 1886 // This is an AMI with RootDeviceName: "/dev/sda1"; actual root: "/dev/sda" 1887 ami = "ami-ef5b69df" 1888 instance_type = "t1.micro" 1889 subnet_id = "${aws_subnet.foo.id}" 1890 root_block_device { 1891 volume_size = 13 1892 } 1893 } 1894 ` 1895 1896 const testAccInstanceConfigForceNewAndTagsDrift = ` 1897 resource "aws_vpc" "foo" { 1898 cidr_block = "10.1.0.0/16" 1899 } 1900 1901 resource "aws_subnet" "foo" { 1902 cidr_block = "10.1.1.0/24" 1903 vpc_id = "${aws_vpc.foo.id}" 1904 } 1905 1906 resource "aws_instance" "foo" { 1907 ami = "ami-22b9a343" 1908 instance_type = "t2.nano" 1909 subnet_id = "${aws_subnet.foo.id}" 1910 } 1911 ` 1912 1913 const testAccInstanceConfigForceNewAndTagsDrift_Update = ` 1914 resource "aws_vpc" "foo" { 1915 cidr_block = "10.1.0.0/16" 1916 } 1917 1918 resource "aws_subnet" "foo" { 1919 cidr_block = "10.1.1.0/24" 1920 vpc_id = "${aws_vpc.foo.id}" 1921 } 1922 1923 resource "aws_instance" "foo" { 1924 ami = "ami-22b9a343" 1925 instance_type = "t2.micro" 1926 subnet_id = "${aws_subnet.foo.id}" 1927 } 1928 ` 1929 1930 const testAccInstanceConfigPrimaryNetworkInterface = ` 1931 resource "aws_vpc" "foo" { 1932 cidr_block = "172.16.0.0/16" 1933 tags { 1934 Name = "tf-instance-test" 1935 } 1936 } 1937 1938 resource "aws_subnet" "foo" { 1939 vpc_id = "${aws_vpc.foo.id}" 1940 cidr_block = "172.16.10.0/24" 1941 availability_zone = "us-west-2a" 1942 tags { 1943 Name = "tf-instance-test" 1944 } 1945 } 1946 1947 resource "aws_network_interface" "bar" { 1948 subnet_id = "${aws_subnet.foo.id}" 1949 private_ips = ["172.16.10.100"] 1950 tags { 1951 Name = "primary_network_interface" 1952 } 1953 } 1954 1955 resource "aws_instance" "foo" { 1956 ami = "ami-22b9a343" 1957 instance_type = "t2.micro" 1958 network_interface { 1959 network_interface_id = "${aws_network_interface.bar.id}" 1960 device_index = 0 1961 } 1962 } 1963 ` 1964 1965 const testAccInstanceConfigPrimaryNetworkInterfaceSourceDestCheck = ` 1966 resource "aws_vpc" "foo" { 1967 cidr_block = "172.16.0.0/16" 1968 tags { 1969 Name = "tf-instance-test" 1970 } 1971 } 1972 1973 resource "aws_subnet" "foo" { 1974 vpc_id = "${aws_vpc.foo.id}" 1975 cidr_block = "172.16.10.0/24" 1976 availability_zone = "us-west-2a" 1977 tags { 1978 Name = "tf-instance-test" 1979 } 1980 } 1981 1982 resource "aws_network_interface" "bar" { 1983 subnet_id = "${aws_subnet.foo.id}" 1984 private_ips = ["172.16.10.100"] 1985 source_dest_check = false 1986 tags { 1987 Name = "primary_network_interface" 1988 } 1989 } 1990 1991 resource "aws_instance" "foo" { 1992 ami = "ami-22b9a343" 1993 instance_type = "t2.micro" 1994 network_interface { 1995 network_interface_id = "${aws_network_interface.bar.id}" 1996 device_index = 0 1997 } 1998 } 1999 ` 2000 2001 const testAccInstanceConfigAddSecondaryNetworkInterfaceBefore = ` 2002 resource "aws_vpc" "foo" { 2003 cidr_block = "172.16.0.0/16" 2004 tags { 2005 Name = "tf-instance-test" 2006 } 2007 } 2008 2009 resource "aws_subnet" "foo" { 2010 vpc_id = "${aws_vpc.foo.id}" 2011 cidr_block = "172.16.10.0/24" 2012 availability_zone = "us-west-2a" 2013 tags { 2014 Name = "tf-instance-test" 2015 } 2016 } 2017 2018 resource "aws_network_interface" "primary" { 2019 subnet_id = "${aws_subnet.foo.id}" 2020 private_ips = ["172.16.10.100"] 2021 tags { 2022 Name = "primary_network_interface" 2023 } 2024 } 2025 2026 resource "aws_network_interface" "secondary" { 2027 subnet_id = "${aws_subnet.foo.id}" 2028 private_ips = ["172.16.10.101"] 2029 tags { 2030 Name = "secondary_network_interface" 2031 } 2032 } 2033 2034 resource "aws_instance" "foo" { 2035 ami = "ami-22b9a343" 2036 instance_type = "t2.micro" 2037 network_interface { 2038 network_interface_id = "${aws_network_interface.primary.id}" 2039 device_index = 0 2040 } 2041 } 2042 ` 2043 2044 const testAccInstanceConfigAddSecondaryNetworkInterfaceAfter = ` 2045 resource "aws_vpc" "foo" { 2046 cidr_block = "172.16.0.0/16" 2047 tags { 2048 Name = "tf-instance-test" 2049 } 2050 } 2051 2052 resource "aws_subnet" "foo" { 2053 vpc_id = "${aws_vpc.foo.id}" 2054 cidr_block = "172.16.10.0/24" 2055 availability_zone = "us-west-2a" 2056 tags { 2057 Name = "tf-instance-test" 2058 } 2059 } 2060 2061 resource "aws_network_interface" "primary" { 2062 subnet_id = "${aws_subnet.foo.id}" 2063 private_ips = ["172.16.10.100"] 2064 tags { 2065 Name = "primary_network_interface" 2066 } 2067 } 2068 2069 // Attach previously created network interface, observe no state diff on instance resource 2070 resource "aws_network_interface" "secondary" { 2071 subnet_id = "${aws_subnet.foo.id}" 2072 private_ips = ["172.16.10.101"] 2073 tags { 2074 Name = "secondary_network_interface" 2075 } 2076 attachment { 2077 instance = "${aws_instance.foo.id}" 2078 device_index = 1 2079 } 2080 } 2081 2082 resource "aws_instance" "foo" { 2083 ami = "ami-22b9a343" 2084 instance_type = "t2.micro" 2085 network_interface { 2086 network_interface_id = "${aws_network_interface.primary.id}" 2087 device_index = 0 2088 } 2089 } 2090 ` 2091 2092 const testAccInstanceConfigAddSecurityGroupBefore = ` 2093 resource "aws_vpc" "foo" { 2094 cidr_block = "172.16.0.0/16" 2095 tags { 2096 Name = "tf-eni-test" 2097 } 2098 } 2099 2100 resource "aws_subnet" "foo" { 2101 vpc_id = "${aws_vpc.foo.id}" 2102 cidr_block = "172.16.10.0/24" 2103 availability_zone = "us-west-2a" 2104 tags { 2105 Name = "tf-foo-instance-add-sg-test" 2106 } 2107 } 2108 2109 resource "aws_subnet" "bar" { 2110 vpc_id = "${aws_vpc.foo.id}" 2111 cidr_block = "172.16.11.0/24" 2112 availability_zone = "us-west-2a" 2113 tags { 2114 Name = "tf-bar-instance-add-sg-test" 2115 } 2116 } 2117 2118 resource "aws_security_group" "foo" { 2119 vpc_id = "${aws_vpc.foo.id}" 2120 description = "foo" 2121 name = "foo" 2122 } 2123 2124 resource "aws_security_group" "bar" { 2125 vpc_id = "${aws_vpc.foo.id}" 2126 description = "bar" 2127 name = "bar" 2128 } 2129 2130 resource "aws_instance" "foo" { 2131 ami = "ami-c5eabbf5" 2132 instance_type = "t2.micro" 2133 subnet_id = "${aws_subnet.bar.id}" 2134 associate_public_ip_address = false 2135 vpc_security_group_ids = [ 2136 "${aws_security_group.foo.id}" 2137 ] 2138 tags { 2139 Name = "foo-instance-sg-add-test" 2140 } 2141 } 2142 2143 resource "aws_network_interface" "bar" { 2144 subnet_id = "${aws_subnet.foo.id}" 2145 private_ips = ["172.16.10.100"] 2146 security_groups = ["${aws_security_group.foo.id}"] 2147 attachment { 2148 instance = "${aws_instance.foo.id}" 2149 device_index = 1 2150 } 2151 tags { 2152 Name = "bar_interface" 2153 } 2154 } 2155 ` 2156 2157 const testAccInstanceConfigAddSecurityGroupAfter = ` 2158 resource "aws_vpc" "foo" { 2159 cidr_block = "172.16.0.0/16" 2160 tags { 2161 Name = "tf-eni-test" 2162 } 2163 } 2164 2165 resource "aws_subnet" "foo" { 2166 vpc_id = "${aws_vpc.foo.id}" 2167 cidr_block = "172.16.10.0/24" 2168 availability_zone = "us-west-2a" 2169 tags { 2170 Name = "tf-foo-instance-add-sg-test" 2171 } 2172 } 2173 2174 resource "aws_subnet" "bar" { 2175 vpc_id = "${aws_vpc.foo.id}" 2176 cidr_block = "172.16.11.0/24" 2177 availability_zone = "us-west-2a" 2178 tags { 2179 Name = "tf-bar-instance-add-sg-test" 2180 } 2181 } 2182 2183 resource "aws_security_group" "foo" { 2184 vpc_id = "${aws_vpc.foo.id}" 2185 description = "foo" 2186 name = "foo" 2187 } 2188 2189 resource "aws_security_group" "bar" { 2190 vpc_id = "${aws_vpc.foo.id}" 2191 description = "bar" 2192 name = "bar" 2193 } 2194 2195 resource "aws_instance" "foo" { 2196 ami = "ami-c5eabbf5" 2197 instance_type = "t2.micro" 2198 subnet_id = "${aws_subnet.bar.id}" 2199 associate_public_ip_address = false 2200 vpc_security_group_ids = [ 2201 "${aws_security_group.foo.id}", 2202 "${aws_security_group.bar.id}" 2203 ] 2204 tags { 2205 Name = "foo-instance-sg-add-test" 2206 } 2207 } 2208 2209 resource "aws_network_interface" "bar" { 2210 subnet_id = "${aws_subnet.foo.id}" 2211 private_ips = ["172.16.10.100"] 2212 security_groups = ["${aws_security_group.foo.id}"] 2213 attachment { 2214 instance = "${aws_instance.foo.id}" 2215 device_index = 1 2216 } 2217 tags { 2218 Name = "bar_interface" 2219 } 2220 } 2221 `