github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/aws/resource_aws_emr_instance_group_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  	"testing"
     7  
     8  	"github.com/aws/aws-sdk-go/aws"
     9  	"github.com/aws/aws-sdk-go/aws/awserr"
    10  	"github.com/aws/aws-sdk-go/service/emr"
    11  	"github.com/hashicorp/terraform/helper/acctest"
    12  	"github.com/hashicorp/terraform/helper/resource"
    13  	"github.com/hashicorp/terraform/terraform"
    14  )
    15  
    16  func TestAccAWSEMRInstanceGroup_basic(t *testing.T) {
    17  	var ig emr.InstanceGroup
    18  	rInt := acctest.RandInt()
    19  	resource.Test(t, resource.TestCase{
    20  		PreCheck:     func() { testAccPreCheck(t) },
    21  		Providers:    testAccProviders,
    22  		CheckDestroy: testAccCheckAWSEmrInstanceGroupDestroy,
    23  		Steps: []resource.TestStep{
    24  			resource.TestStep{
    25  				Config: testAccAWSEmrInstanceGroupConfig(rInt),
    26  				Check:  testAccCheckAWSEmrInstanceGroupExists("aws_emr_instance_group.task", &ig),
    27  			},
    28  		},
    29  	})
    30  }
    31  
    32  func testAccCheckAWSEmrInstanceGroupDestroy(s *terraform.State) error {
    33  	conn := testAccProvider.Meta().(*AWSClient).emrconn
    34  
    35  	for _, rs := range s.RootModule().Resources {
    36  		if rs.Type != "aws_emr_cluster" {
    37  			continue
    38  		}
    39  
    40  		params := &emr.DescribeClusterInput{
    41  			ClusterId: aws.String(rs.Primary.ID),
    42  		}
    43  
    44  		describe, err := conn.DescribeCluster(params)
    45  
    46  		if err == nil {
    47  			if describe.Cluster != nil &&
    48  				*describe.Cluster.Status.State == "WAITING" {
    49  				return fmt.Errorf("EMR Cluster still exists")
    50  			}
    51  		}
    52  
    53  		providerErr, ok := err.(awserr.Error)
    54  		if !ok {
    55  			return err
    56  		}
    57  
    58  		log.Printf("[ERROR] %v", providerErr)
    59  	}
    60  
    61  	return nil
    62  }
    63  
    64  func testAccCheckAWSEmrInstanceGroupExists(n string, v *emr.InstanceGroup) resource.TestCheckFunc {
    65  	return func(s *terraform.State) error {
    66  		rs, ok := s.RootModule().Resources[n]
    67  		if !ok {
    68  			return fmt.Errorf("Not found: %s", n)
    69  		}
    70  		if rs.Primary.ID == "" {
    71  			return fmt.Errorf("No task group id set")
    72  		}
    73  		meta := testAccProvider.Meta()
    74  		g, err := fetchEMRInstanceGroup(meta, rs.Primary.Attributes["cluster_id"], rs.Primary.ID)
    75  		if err != nil {
    76  			return fmt.Errorf("EMR error: %v", err)
    77  		}
    78  
    79  		if g == nil {
    80  			return fmt.Errorf("No match found for (%s)", n)
    81  		}
    82  
    83  		v = g
    84  		return nil
    85  	}
    86  }
    87  
    88  func testAccAWSEmrInstanceGroupConfig(r int) string {
    89  	return fmt.Sprintf(`
    90  provider "aws" {
    91    region = "us-west-2"
    92  }
    93  
    94  resource "aws_emr_cluster" "tf-test-cluster" {
    95    name          = "tf-test-emr-%d"
    96    release_label = "emr-4.6.0"
    97    applications  = ["Spark"]
    98  
    99    ec2_attributes {
   100      subnet_id                         = "${aws_subnet.main.id}"
   101      emr_managed_master_security_group = "${aws_security_group.allow_all.id}"
   102      emr_managed_slave_security_group  = "${aws_security_group.allow_all.id}"
   103      instance_profile                  = "${aws_iam_instance_profile.emr_profile.arn}"
   104    }
   105  
   106    master_instance_type = "m3.xlarge"
   107    core_instance_type   = "m3.xlarge"
   108    core_instance_count  = 2
   109  
   110    tags {
   111      role     = "rolename"
   112      dns_zone = "env_zone"
   113      env      = "env"
   114      name     = "name-env"
   115    }
   116  
   117    bootstrap_action {
   118      path = "s3://elasticmapreduce/bootstrap-actions/run-if"
   119      name = "runif"
   120      args = ["instance.isMaster=true", "echo running on master node"]
   121    }
   122  
   123    configurations = "test-fixtures/emr_configurations.json"
   124    service_role = "${aws_iam_role.iam_emr_default_role.arn}"
   125  
   126    depends_on = ["aws_internet_gateway.gw"]
   127  }
   128  
   129  resource "aws_emr_instance_group" "task" {
   130    cluster_id     = "${aws_emr_cluster.tf-test-cluster.id}"
   131    instance_count = 1
   132    instance_type  = "m3.xlarge"
   133  }
   134  
   135  resource "aws_security_group" "allow_all" {
   136    name        = "allow_all"
   137    description = "Allow all inbound traffic"
   138    vpc_id      = "${aws_vpc.main.id}"
   139  
   140    ingress {
   141      from_port   = 0
   142      to_port     = 0
   143      protocol    = "-1"
   144      cidr_blocks = ["0.0.0.0/0"]
   145    }
   146  
   147    egress {
   148      from_port   = 0
   149      to_port     = 0
   150      protocol    = "-1"
   151      cidr_blocks = ["0.0.0.0/0"]
   152    }
   153  
   154    depends_on = ["aws_subnet.main"]
   155  
   156    lifecycle {
   157      ignore_changes = ["ingress", "egress"]
   158    }
   159  }
   160  
   161  resource "aws_vpc" "main" {
   162    cidr_block           = "168.31.0.0/16"
   163    enable_dns_hostnames = true
   164  }
   165  
   166  resource "aws_subnet" "main" {
   167    vpc_id     = "${aws_vpc.main.id}"
   168    cidr_block = "168.31.0.0/20"
   169  
   170    #  map_public_ip_on_launch = true
   171  }
   172  
   173  resource "aws_internet_gateway" "gw" {
   174    vpc_id = "${aws_vpc.main.id}"
   175  }
   176  
   177  resource "aws_route_table" "r" {
   178    vpc_id = "${aws_vpc.main.id}"
   179  
   180    route {
   181      cidr_block = "0.0.0.0/0"
   182      gateway_id = "${aws_internet_gateway.gw.id}"
   183    }
   184  }
   185  
   186  resource "aws_main_route_table_association" "a" {
   187    vpc_id         = "${aws_vpc.main.id}"
   188    route_table_id = "${aws_route_table.r.id}"
   189  }
   190  
   191  ###
   192  
   193  # IAM role for EMR Service
   194  resource "aws_iam_role" "iam_emr_default_role" {
   195    name = "iam_emr_default_role_%d"
   196  
   197    assume_role_policy = <<EOT
   198  {
   199    "Version": "2008-10-17",
   200    "Statement": [
   201      {
   202        "Sid": "",
   203        "Effect": "Allow",
   204        "Principal": {
   205          "Service": "elasticmapreduce.amazonaws.com"
   206        },
   207        "Action": "sts:AssumeRole"
   208      }
   209    ]
   210  }
   211  EOT
   212  }
   213  
   214  resource "aws_iam_role_policy_attachment" "service-attach" {
   215    role       = "${aws_iam_role.iam_emr_default_role.id}"
   216    policy_arn = "${aws_iam_policy.iam_emr_default_policy.arn}"
   217  }
   218  
   219  resource "aws_iam_policy" "iam_emr_default_policy" {
   220    name = "iam_emr_default_policy_%d"
   221  
   222    policy = <<EOT
   223  {
   224      "Version": "2012-10-17",
   225      "Statement": [{
   226          "Effect": "Allow",
   227          "Resource": "*",
   228          "Action": [
   229              "ec2:AuthorizeSecurityGroupEgress",
   230              "ec2:AuthorizeSecurityGroupIngress",
   231              "ec2:CancelSpotInstanceRequests",
   232              "ec2:CreateNetworkInterface",
   233              "ec2:CreateSecurityGroup",
   234              "ec2:CreateTags",
   235              "ec2:DeleteNetworkInterface",
   236              "ec2:DeleteSecurityGroup",
   237              "ec2:DeleteTags",
   238              "ec2:DescribeAvailabilityZones",
   239              "ec2:DescribeAccountAttributes",
   240              "ec2:DescribeDhcpOptions",
   241              "ec2:DescribeInstanceStatus",
   242              "ec2:DescribeInstances",
   243              "ec2:DescribeKeyPairs",
   244              "ec2:DescribeNetworkAcls",
   245              "ec2:DescribeNetworkInterfaces",
   246              "ec2:DescribePrefixLists",
   247              "ec2:DescribeRouteTables",
   248              "ec2:DescribeSecurityGroups",
   249              "ec2:DescribeSpotInstanceRequests",
   250              "ec2:DescribeSpotPriceHistory",
   251              "ec2:DescribeSubnets",
   252              "ec2:DescribeVpcAttribute",
   253              "ec2:DescribeVpcEndpoints",
   254              "ec2:DescribeVpcEndpointServices",
   255              "ec2:DescribeVpcs",
   256              "ec2:DetachNetworkInterface",
   257              "ec2:ModifyImageAttribute",
   258              "ec2:ModifyInstanceAttribute",
   259              "ec2:RequestSpotInstances",
   260              "ec2:RevokeSecurityGroupEgress",
   261              "ec2:RunInstances",
   262              "ec2:TerminateInstances",
   263              "ec2:DeleteVolume",
   264              "ec2:DescribeVolumeStatus",
   265              "ec2:DescribeVolumes",
   266              "ec2:DetachVolume",
   267              "iam:GetRole",
   268              "iam:GetRolePolicy",
   269              "iam:ListInstanceProfiles",
   270              "iam:ListRolePolicies",
   271              "iam:PassRole",
   272              "s3:CreateBucket",
   273              "s3:Get*",
   274              "s3:List*",
   275              "sdb:BatchPutAttributes",
   276              "sdb:Select",
   277              "sqs:CreateQueue",
   278              "sqs:Delete*",
   279              "sqs:GetQueue*",
   280              "sqs:PurgeQueue",
   281              "sqs:ReceiveMessage"
   282          ]
   283      }]
   284  }
   285  EOT
   286  }
   287  
   288  # IAM Role for EC2 Instance Profile
   289  resource "aws_iam_role" "iam_emr_profile_role" {
   290    name = "iam_emr_profile_role_%d"
   291  
   292    assume_role_policy = <<EOT
   293  {
   294    "Version": "2008-10-17",
   295    "Statement": [
   296      {
   297        "Sid": "",
   298        "Effect": "Allow",
   299        "Principal": {
   300          "Service": "ec2.amazonaws.com"
   301        },
   302        "Action": "sts:AssumeRole"
   303      }
   304    ]
   305  }
   306  EOT
   307  }
   308  
   309  resource "aws_iam_instance_profile" "emr_profile" {
   310    name  = "emr_profile_%d"
   311    roles = ["${aws_iam_role.iam_emr_profile_role.name}"]
   312  }
   313  
   314  resource "aws_iam_role_policy_attachment" "profile-attach" {
   315    role       = "${aws_iam_role.iam_emr_profile_role.id}"
   316    policy_arn = "${aws_iam_policy.iam_emr_profile_policy.arn}"
   317  }
   318  
   319  resource "aws_iam_policy" "iam_emr_profile_policy" {
   320    name = "iam_emr_profile_policy_%d"
   321  
   322    policy = <<EOT
   323  {
   324      "Version": "2012-10-17",
   325      "Statement": [{
   326          "Effect": "Allow",
   327          "Resource": "*",
   328          "Action": [
   329              "cloudwatch:*",
   330              "dynamodb:*",
   331              "ec2:Describe*",
   332              "elasticmapreduce:Describe*",
   333              "elasticmapreduce:ListBootstrapActions",
   334              "elasticmapreduce:ListClusters",
   335              "elasticmapreduce:ListInstanceGroups",
   336              "elasticmapreduce:ListInstances",
   337              "elasticmapreduce:ListSteps",
   338              "kinesis:CreateStream",
   339              "kinesis:DeleteStream",
   340              "kinesis:DescribeStream",
   341              "kinesis:GetRecords",
   342              "kinesis:GetShardIterator",
   343              "kinesis:MergeShards",
   344              "kinesis:PutRecord",
   345              "kinesis:SplitShard",
   346              "rds:Describe*",
   347              "s3:*",
   348              "sdb:*",
   349              "sns:*",
   350              "sqs:*"
   351          ]
   352      }]
   353  }
   354  EOT
   355  }`, r, r, r, r, r, r)
   356  }