github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/aws/resource_aws_alb_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/service/elbv2" 11 "github.com/hashicorp/errwrap" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/terraform" 15 ) 16 17 func TestALBCloudwatchSuffixFromARN(t *testing.T) { 18 cases := []struct { 19 name string 20 arn *string 21 suffix string 22 }{ 23 { 24 name: "valid suffix", 25 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer/app/my-alb/abc123`), 26 suffix: `app/my-alb/abc123`, 27 }, 28 { 29 name: "no suffix", 30 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer`), 31 suffix: ``, 32 }, 33 { 34 name: "nil ARN", 35 arn: nil, 36 suffix: ``, 37 }, 38 } 39 40 for _, tc := range cases { 41 actual := albSuffixFromARN(tc.arn) 42 if actual != tc.suffix { 43 t.Fatalf("bad suffix: %q\nExpected: %s\n Got: %s", tc.name, tc.suffix, actual) 44 } 45 } 46 } 47 48 func TestAccAWSALB_basic(t *testing.T) { 49 var conf elbv2.LoadBalancer 50 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 51 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 IDRefreshName: "aws_alb.alb_test", 55 Providers: testAccProviders, 56 CheckDestroy: testAccCheckAWSALBDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAWSALBConfig_basic(albName), 60 Check: resource.ComposeAggregateTestCheckFunc( 61 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 62 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 63 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 64 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 65 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 66 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 67 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 68 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 69 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 70 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 71 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 72 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 73 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 74 ), 75 }, 76 }, 77 }) 78 } 79 80 func TestAccAWSALB_generatedName(t *testing.T) { 81 var conf elbv2.LoadBalancer 82 83 resource.Test(t, resource.TestCase{ 84 PreCheck: func() { testAccPreCheck(t) }, 85 IDRefreshName: "aws_alb.alb_test", 86 Providers: testAccProviders, 87 CheckDestroy: testAccCheckAWSALBDestroy, 88 Steps: []resource.TestStep{ 89 { 90 Config: testAccAWSALBConfig_generatedName(), 91 Check: resource.ComposeAggregateTestCheckFunc( 92 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 93 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 94 ), 95 }, 96 }, 97 }) 98 } 99 100 func TestAccAWSALB_namePrefix(t *testing.T) { 101 var conf elbv2.LoadBalancer 102 103 resource.Test(t, resource.TestCase{ 104 PreCheck: func() { testAccPreCheck(t) }, 105 IDRefreshName: "aws_alb.alb_test", 106 Providers: testAccProviders, 107 CheckDestroy: testAccCheckAWSALBDestroy, 108 Steps: []resource.TestStep{ 109 { 110 Config: testAccAWSALBConfig_namePrefix(), 111 Check: resource.ComposeAggregateTestCheckFunc( 112 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 113 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 114 resource.TestMatchResourceAttr("aws_alb.alb_test", "name", 115 regexp.MustCompile("^tf-lb")), 116 ), 117 }, 118 }, 119 }) 120 } 121 122 func TestAccAWSALB_tags(t *testing.T) { 123 var conf elbv2.LoadBalancer 124 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 125 126 resource.Test(t, resource.TestCase{ 127 PreCheck: func() { testAccPreCheck(t) }, 128 IDRefreshName: "aws_alb.alb_test", 129 Providers: testAccProviders, 130 CheckDestroy: testAccCheckAWSALBDestroy, 131 Steps: []resource.TestStep{ 132 { 133 Config: testAccAWSALBConfig_basic(albName), 134 Check: resource.ComposeAggregateTestCheckFunc( 135 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 136 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 137 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 138 ), 139 }, 140 { 141 Config: testAccAWSALBConfig_updatedTags(albName), 142 Check: resource.ComposeAggregateTestCheckFunc( 143 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 144 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "2"), 145 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Type", "Sample Type Tag"), 146 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Environment", "Production"), 147 ), 148 }, 149 }, 150 }) 151 } 152 153 // TestAccAWSALB_noSecurityGroup regression tests the issue in #8264, 154 // where if an ALB is created without a security group, a default one 155 // is assigned. 156 func TestAccAWSALB_noSecurityGroup(t *testing.T) { 157 var conf elbv2.LoadBalancer 158 albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 159 160 resource.Test(t, resource.TestCase{ 161 PreCheck: func() { testAccPreCheck(t) }, 162 IDRefreshName: "aws_alb.alb_test", 163 Providers: testAccProviders, 164 CheckDestroy: testAccCheckAWSALBDestroy, 165 Steps: []resource.TestStep{ 166 { 167 Config: testAccAWSALBConfig_nosg(albName), 168 Check: resource.ComposeAggregateTestCheckFunc( 169 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 170 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 171 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 172 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 173 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 174 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 175 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 176 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 177 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 178 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 179 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 180 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 181 ), 182 }, 183 }, 184 }) 185 } 186 187 func TestAccAWSALB_accesslogs(t *testing.T) { 188 var conf elbv2.LoadBalancer 189 bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) 190 albName := fmt.Sprintf("testaccawsalbaccesslog-%s", acctest.RandStringFromCharSet(4, acctest.CharSetAlpha)) 191 192 resource.Test(t, resource.TestCase{ 193 PreCheck: func() { testAccPreCheck(t) }, 194 IDRefreshName: "aws_alb.alb_test", 195 Providers: testAccProviders, 196 CheckDestroy: testAccCheckAWSALBDestroy, 197 Steps: []resource.TestStep{ 198 { 199 Config: testAccAWSALBConfig_basic(albName), 200 Check: resource.ComposeAggregateTestCheckFunc( 201 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 202 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 203 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 204 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 205 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 206 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 207 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 208 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 209 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 210 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 211 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 212 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 213 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 214 ), 215 }, 216 { 217 Config: testAccAWSALBConfig_accessLogs(true, albName, bucketName), 218 Check: resource.ComposeAggregateTestCheckFunc( 219 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 220 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 221 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 222 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 223 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 224 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 225 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 226 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 227 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 228 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 229 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 230 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 231 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 232 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.bucket", bucketName), 233 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.prefix", "testAccAWSALBConfig_accessLogs"), 234 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "true"), 235 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 236 ), 237 }, 238 { 239 Config: testAccAWSALBConfig_accessLogs(false, albName, bucketName), 240 Check: resource.ComposeAggregateTestCheckFunc( 241 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 242 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 243 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 244 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 245 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 246 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 247 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 248 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 249 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 250 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 251 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 252 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 253 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 254 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "false"), 255 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 256 ), 257 }, 258 }, 259 }) 260 } 261 262 func testAccCheckAWSALBExists(n string, res *elbv2.LoadBalancer) resource.TestCheckFunc { 263 return func(s *terraform.State) error { 264 rs, ok := s.RootModule().Resources[n] 265 if !ok { 266 return fmt.Errorf("Not found: %s", n) 267 } 268 269 if rs.Primary.ID == "" { 270 return errors.New("No ALB ID is set") 271 } 272 273 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 274 275 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 276 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 277 }) 278 279 if err != nil { 280 return err 281 } 282 283 if len(describe.LoadBalancers) != 1 || 284 *describe.LoadBalancers[0].LoadBalancerArn != rs.Primary.ID { 285 return errors.New("ALB not found") 286 } 287 288 *res = *describe.LoadBalancers[0] 289 return nil 290 } 291 } 292 293 func testAccCheckAWSALBDestroy(s *terraform.State) error { 294 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 295 296 for _, rs := range s.RootModule().Resources { 297 if rs.Type != "aws_alb" { 298 continue 299 } 300 301 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 302 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 303 }) 304 305 if err == nil { 306 if len(describe.LoadBalancers) != 0 && 307 *describe.LoadBalancers[0].LoadBalancerArn == rs.Primary.ID { 308 return fmt.Errorf("ALB %q still exists", rs.Primary.ID) 309 } 310 } 311 312 // Verify the error 313 if isLoadBalancerNotFound(err) { 314 return nil 315 } else { 316 return errwrap.Wrapf("Unexpected error checking ALB destroyed: {{err}}", err) 317 } 318 } 319 320 return nil 321 } 322 323 func testAccAWSALBConfig_basic(albName string) string { 324 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 325 name = "%s" 326 internal = false 327 security_groups = ["${aws_security_group.alb_test.id}"] 328 subnets = ["${aws_subnet.alb_test.*.id}"] 329 330 idle_timeout = 30 331 enable_deletion_protection = false 332 333 tags { 334 TestName = "TestAccAWSALB_basic" 335 } 336 } 337 338 variable "subnets" { 339 default = ["10.0.1.0/24", "10.0.2.0/24"] 340 type = "list" 341 } 342 343 data "aws_availability_zones" "available" {} 344 345 resource "aws_vpc" "alb_test" { 346 cidr_block = "10.0.0.0/16" 347 348 tags { 349 TestName = "TestAccAWSALB_basic" 350 } 351 } 352 353 resource "aws_subnet" "alb_test" { 354 count = 2 355 vpc_id = "${aws_vpc.alb_test.id}" 356 cidr_block = "${element(var.subnets, count.index)}" 357 map_public_ip_on_launch = true 358 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 359 360 tags { 361 TestName = "TestAccAWSALB_basic" 362 } 363 } 364 365 resource "aws_security_group" "alb_test" { 366 name = "allow_all_alb_test" 367 description = "Used for ALB Testing" 368 vpc_id = "${aws_vpc.alb_test.id}" 369 370 ingress { 371 from_port = 0 372 to_port = 0 373 protocol = "-1" 374 cidr_blocks = ["0.0.0.0/0"] 375 } 376 377 egress { 378 from_port = 0 379 to_port = 0 380 protocol = "-1" 381 cidr_blocks = ["0.0.0.0/0"] 382 } 383 384 tags { 385 TestName = "TestAccAWSALB_basic" 386 } 387 }`, albName) 388 } 389 390 func testAccAWSALBConfig_generatedName() string { 391 return fmt.Sprintf(` 392 resource "aws_alb" "alb_test" { 393 internal = false 394 security_groups = ["${aws_security_group.alb_test.id}"] 395 subnets = ["${aws_subnet.alb_test.*.id}"] 396 397 idle_timeout = 30 398 enable_deletion_protection = false 399 400 tags { 401 TestName = "TestAccAWSALB_basic" 402 } 403 } 404 405 variable "subnets" { 406 default = ["10.0.1.0/24", "10.0.2.0/24"] 407 type = "list" 408 } 409 410 data "aws_availability_zones" "available" {} 411 412 resource "aws_vpc" "alb_test" { 413 cidr_block = "10.0.0.0/16" 414 415 tags { 416 TestName = "TestAccAWSALB_basic" 417 } 418 } 419 420 resource "aws_subnet" "alb_test" { 421 count = 2 422 vpc_id = "${aws_vpc.alb_test.id}" 423 cidr_block = "${element(var.subnets, count.index)}" 424 map_public_ip_on_launch = true 425 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 426 427 tags { 428 TestName = "TestAccAWSALB_basic" 429 } 430 } 431 432 resource "aws_security_group" "alb_test" { 433 name = "allow_all_alb_test" 434 description = "Used for ALB Testing" 435 vpc_id = "${aws_vpc.alb_test.id}" 436 437 ingress { 438 from_port = 0 439 to_port = 0 440 protocol = "-1" 441 cidr_blocks = ["0.0.0.0/0"] 442 } 443 444 egress { 445 from_port = 0 446 to_port = 0 447 protocol = "-1" 448 cidr_blocks = ["0.0.0.0/0"] 449 } 450 451 tags { 452 TestName = "TestAccAWSALB_basic" 453 } 454 }`) 455 } 456 457 func testAccAWSALBConfig_namePrefix() string { 458 return fmt.Sprintf(` 459 resource "aws_alb" "alb_test" { 460 name_prefix = "tf-lb" 461 internal = false 462 security_groups = ["${aws_security_group.alb_test.id}"] 463 subnets = ["${aws_subnet.alb_test.*.id}"] 464 465 idle_timeout = 30 466 enable_deletion_protection = false 467 468 tags { 469 TestName = "TestAccAWSALB_basic" 470 } 471 } 472 473 variable "subnets" { 474 default = ["10.0.1.0/24", "10.0.2.0/24"] 475 type = "list" 476 } 477 478 data "aws_availability_zones" "available" {} 479 480 resource "aws_vpc" "alb_test" { 481 cidr_block = "10.0.0.0/16" 482 483 tags { 484 TestName = "TestAccAWSALB_basic" 485 } 486 } 487 488 resource "aws_subnet" "alb_test" { 489 count = 2 490 vpc_id = "${aws_vpc.alb_test.id}" 491 cidr_block = "${element(var.subnets, count.index)}" 492 map_public_ip_on_launch = true 493 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 494 495 tags { 496 TestName = "TestAccAWSALB_basic" 497 } 498 } 499 500 resource "aws_security_group" "alb_test" { 501 name = "allow_all_alb_test" 502 description = "Used for ALB Testing" 503 vpc_id = "${aws_vpc.alb_test.id}" 504 505 ingress { 506 from_port = 0 507 to_port = 0 508 protocol = "-1" 509 cidr_blocks = ["0.0.0.0/0"] 510 } 511 512 egress { 513 from_port = 0 514 to_port = 0 515 protocol = "-1" 516 cidr_blocks = ["0.0.0.0/0"] 517 } 518 519 tags { 520 TestName = "TestAccAWSALB_basic" 521 } 522 }`) 523 } 524 func testAccAWSALBConfig_updatedTags(albName string) string { 525 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 526 name = "%s" 527 internal = false 528 security_groups = ["${aws_security_group.alb_test.id}"] 529 subnets = ["${aws_subnet.alb_test.*.id}"] 530 531 idle_timeout = 30 532 enable_deletion_protection = false 533 534 tags { 535 Environment = "Production" 536 Type = "Sample Type Tag" 537 } 538 } 539 540 variable "subnets" { 541 default = ["10.0.1.0/24", "10.0.2.0/24"] 542 type = "list" 543 } 544 545 data "aws_availability_zones" "available" {} 546 547 resource "aws_vpc" "alb_test" { 548 cidr_block = "10.0.0.0/16" 549 550 tags { 551 TestName = "TestAccAWSALB_basic" 552 } 553 } 554 555 resource "aws_subnet" "alb_test" { 556 count = 2 557 vpc_id = "${aws_vpc.alb_test.id}" 558 cidr_block = "${element(var.subnets, count.index)}" 559 map_public_ip_on_launch = true 560 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 561 562 tags { 563 TestName = "TestAccAWSALB_basic" 564 } 565 } 566 567 resource "aws_security_group" "alb_test" { 568 name = "allow_all_alb_test" 569 description = "Used for ALB Testing" 570 vpc_id = "${aws_vpc.alb_test.id}" 571 572 ingress { 573 from_port = 0 574 to_port = 0 575 protocol = "-1" 576 cidr_blocks = ["0.0.0.0/0"] 577 } 578 579 egress { 580 from_port = 0 581 to_port = 0 582 protocol = "-1" 583 cidr_blocks = ["0.0.0.0/0"] 584 } 585 586 tags { 587 TestName = "TestAccAWSALB_basic" 588 } 589 }`, albName) 590 } 591 592 func testAccAWSALBConfig_accessLogs(enabled bool, albName, bucketName string) string { 593 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 594 name = "%s" 595 internal = false 596 security_groups = ["${aws_security_group.alb_test.id}"] 597 subnets = ["${aws_subnet.alb_test.*.id}"] 598 599 idle_timeout = 50 600 enable_deletion_protection = false 601 602 access_logs { 603 bucket = "${aws_s3_bucket.logs.bucket}" 604 prefix = "${var.bucket_prefix}" 605 enabled = "%t" 606 } 607 608 tags { 609 TestName = "TestAccAWSALB_basic1" 610 } 611 } 612 613 variable "bucket_name" { 614 type = "string" 615 default = "%s" 616 } 617 618 variable "bucket_prefix" { 619 type = "string" 620 default = "testAccAWSALBConfig_accessLogs" 621 } 622 623 resource "aws_s3_bucket" "logs" { 624 bucket = "${var.bucket_name}" 625 policy = "${data.aws_iam_policy_document.logs_bucket.json}" 626 # dangerous, only here for the test... 627 force_destroy = true 628 629 tags { 630 Name = "ALB Logs Bucket Test" 631 } 632 } 633 634 data "aws_caller_identity" "current" {} 635 636 data "aws_elb_service_account" "current" {} 637 638 data "aws_iam_policy_document" "logs_bucket" { 639 statement { 640 actions = ["s3:PutObject"] 641 effect = "Allow" 642 resources = ["arn:aws:s3:::${var.bucket_name}/${var.bucket_prefix}/AWSLogs/${data.aws_caller_identity.current.account_id}/*"] 643 644 principals = { 645 type = "AWS" 646 identifiers = ["arn:aws:iam::${data.aws_elb_service_account.current.id}:root"] 647 } 648 } 649 } 650 651 variable "subnets" { 652 default = ["10.0.1.0/24", "10.0.2.0/24"] 653 type = "list" 654 } 655 656 data "aws_availability_zones" "available" {} 657 658 resource "aws_vpc" "alb_test" { 659 cidr_block = "10.0.0.0/16" 660 661 tags { 662 TestName = "TestAccAWSALB_basic" 663 } 664 } 665 666 resource "aws_subnet" "alb_test" { 667 count = 2 668 vpc_id = "${aws_vpc.alb_test.id}" 669 cidr_block = "${element(var.subnets, count.index)}" 670 map_public_ip_on_launch = true 671 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 672 673 tags { 674 TestName = "TestAccAWSALB_basic" 675 } 676 } 677 678 resource "aws_security_group" "alb_test" { 679 name = "allow_all_alb_test" 680 description = "Used for ALB Testing" 681 vpc_id = "${aws_vpc.alb_test.id}" 682 683 ingress { 684 from_port = 0 685 to_port = 0 686 protocol = "-1" 687 cidr_blocks = ["0.0.0.0/0"] 688 } 689 690 egress { 691 from_port = 0 692 to_port = 0 693 protocol = "-1" 694 cidr_blocks = ["0.0.0.0/0"] 695 } 696 697 tags { 698 TestName = "TestAccAWSALB_basic" 699 } 700 }`, albName, enabled, bucketName) 701 } 702 703 func testAccAWSALBConfig_nosg(albName string) string { 704 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 705 name = "%s" 706 internal = false 707 subnets = ["${aws_subnet.alb_test.*.id}"] 708 709 idle_timeout = 30 710 enable_deletion_protection = false 711 712 tags { 713 TestName = "TestAccAWSALB_basic" 714 } 715 } 716 717 variable "subnets" { 718 default = ["10.0.1.0/24", "10.0.2.0/24"] 719 type = "list" 720 } 721 722 data "aws_availability_zones" "available" {} 723 724 resource "aws_vpc" "alb_test" { 725 cidr_block = "10.0.0.0/16" 726 727 tags { 728 TestName = "TestAccAWSALB_basic" 729 } 730 } 731 732 resource "aws_subnet" "alb_test" { 733 count = 2 734 vpc_id = "${aws_vpc.alb_test.id}" 735 cidr_block = "${element(var.subnets, count.index)}" 736 map_public_ip_on_launch = true 737 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 738 739 tags { 740 TestName = "TestAccAWSALB_basic" 741 } 742 }`, albName) 743 }