github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/aws/resource_aws_flow_log_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	"github.com/aws/aws-sdk-go/aws"
     8  	"github.com/aws/aws-sdk-go/service/ec2"
     9  	"github.com/hashicorp/terraform/helper/resource"
    10  	"github.com/hashicorp/terraform/terraform"
    11  )
    12  
    13  func TestAccAWSFlowLog_basic(t *testing.T) {
    14  	var flowLog ec2.FlowLog
    15  
    16  	resource.Test(t, resource.TestCase{
    17  		PreCheck:      func() { testAccPreCheck(t) },
    18  		IDRefreshName: "aws_flow_log.test_flow_log",
    19  		Providers:     testAccProviders,
    20  		CheckDestroy:  testAccCheckFlowLogDestroy,
    21  		Steps: []resource.TestStep{
    22  			resource.TestStep{
    23  				Config: testAccFlowLogConfig_basic,
    24  				Check: resource.ComposeTestCheckFunc(
    25  					testAccCheckFlowLogExists("aws_flow_log.test_flow_log", &flowLog),
    26  					testAccCheckAWSFlowLogAttributes(&flowLog),
    27  				),
    28  			},
    29  		},
    30  	})
    31  }
    32  
    33  func TestAccAWSFlowLog_subnet(t *testing.T) {
    34  	var flowLog ec2.FlowLog
    35  
    36  	resource.Test(t, resource.TestCase{
    37  		PreCheck:      func() { testAccPreCheck(t) },
    38  		IDRefreshName: "aws_flow_log.test_flow_log_subnet",
    39  		Providers:     testAccProviders,
    40  		CheckDestroy:  testAccCheckFlowLogDestroy,
    41  		Steps: []resource.TestStep{
    42  			resource.TestStep{
    43  				Config: testAccFlowLogConfig_subnet,
    44  				Check: resource.ComposeTestCheckFunc(
    45  					testAccCheckFlowLogExists("aws_flow_log.test_flow_log_subnet", &flowLog),
    46  					testAccCheckAWSFlowLogAttributes(&flowLog),
    47  				),
    48  			},
    49  		},
    50  	})
    51  }
    52  
    53  func testAccCheckFlowLogExists(n string, flowLog *ec2.FlowLog) resource.TestCheckFunc {
    54  	return func(s *terraform.State) error {
    55  		rs, ok := s.RootModule().Resources[n]
    56  		if !ok {
    57  			return fmt.Errorf("Not found: %s", n)
    58  		}
    59  
    60  		if rs.Primary.ID == "" {
    61  			return fmt.Errorf("No Flow Log ID is set")
    62  		}
    63  
    64  		conn := testAccProvider.Meta().(*AWSClient).ec2conn
    65  		describeOpts := &ec2.DescribeFlowLogsInput{
    66  			FlowLogIds: []*string{aws.String(rs.Primary.ID)},
    67  		}
    68  		resp, err := conn.DescribeFlowLogs(describeOpts)
    69  		if err != nil {
    70  			return err
    71  		}
    72  
    73  		if len(resp.FlowLogs) > 0 {
    74  			*flowLog = *resp.FlowLogs[0]
    75  			return nil
    76  		}
    77  		return fmt.Errorf("No Flow Logs found for id (%s)", rs.Primary.ID)
    78  	}
    79  }
    80  
    81  func testAccCheckAWSFlowLogAttributes(flowLog *ec2.FlowLog) resource.TestCheckFunc {
    82  	return func(s *terraform.State) error {
    83  		if flowLog.FlowLogStatus != nil && *flowLog.FlowLogStatus == "ACTIVE" {
    84  			return nil
    85  		}
    86  		if flowLog.FlowLogStatus == nil {
    87  			return fmt.Errorf("Flow Log status is not ACTIVE, is nil")
    88  		} else {
    89  			return fmt.Errorf("Flow Log status is not ACTIVE, got: %s", *flowLog.FlowLogStatus)
    90  		}
    91  	}
    92  }
    93  
    94  func testAccCheckFlowLogDestroy(s *terraform.State) error {
    95  	for _, rs := range s.RootModule().Resources {
    96  		if rs.Type != "aws_flow_log" {
    97  			continue
    98  		}
    99  
   100  		return nil
   101  	}
   102  
   103  	return nil
   104  }
   105  
   106  var testAccFlowLogConfig_basic = `
   107  resource "aws_vpc" "default" {
   108          cidr_block = "10.0.0.0/16"
   109          tags {
   110                  Name = "tf-flow-log-test"
   111          }
   112  }
   113  
   114  resource "aws_subnet" "test_subnet" {
   115          vpc_id = "${aws_vpc.default.id}"
   116          cidr_block = "10.0.1.0/24"
   117  
   118          tags {
   119                  Name = "tf-flow-test"
   120          }
   121  }
   122  
   123  resource "aws_iam_role" "test_role" {
   124      name = "test_role"
   125      assume_role_policy = <<EOF
   126  {
   127    "Version": "2012-10-17",
   128    "Statement": [
   129      {
   130        "Effect": "Allow",
   131        "Principal": {
   132          "Service": [
   133            "ec2.amazonaws.com"
   134          ]
   135        },
   136        "Action": [
   137          "sts:AssumeRole"
   138        ]
   139      }
   140    ]
   141  }
   142  EOF
   143  }
   144  
   145  resource "aws_cloudwatch_log_group" "foobar" {
   146      name = "foo-bar"
   147  }
   148  resource "aws_flow_log" "test_flow_log" {
   149          # log_group_name needs to exist before hand
   150          # until we have a CloudWatch Log Group Resource
   151          log_group_name = "tf-test-log-group"
   152          iam_role_arn = "${aws_iam_role.test_role.arn}"
   153          vpc_id = "${aws_vpc.default.id}"
   154          traffic_type = "ALL"
   155  }
   156  
   157  resource "aws_flow_log" "test_flow_log_subnet" {
   158          # log_group_name needs to exist before hand
   159          # until we have a CloudWatch Log Group Resource
   160          log_group_name = "${aws_cloudwatch_log_group.foobar.name}"
   161          iam_role_arn = "${aws_iam_role.test_role.arn}"
   162          subnet_id = "${aws_subnet.test_subnet.id}"
   163          traffic_type = "ALL"
   164  }
   165  `
   166  
   167  var testAccFlowLogConfig_subnet = `
   168  resource "aws_vpc" "default" {
   169          cidr_block = "10.0.0.0/16"
   170          tags {
   171                  Name = "tf-flow-log-test"
   172          }
   173  }
   174  
   175  resource "aws_subnet" "test_subnet" {
   176          vpc_id = "${aws_vpc.default.id}"
   177          cidr_block = "10.0.1.0/24"
   178  
   179          tags {
   180                  Name = "tf-flow-test"
   181          }
   182  }
   183  
   184  resource "aws_iam_role" "test_role" {
   185      name = "test_role"
   186      assume_role_policy = <<EOF
   187  {
   188    "Version": "2012-10-17",
   189    "Statement": [
   190      {
   191        "Effect": "Allow",
   192        "Principal": {
   193          "Service": [
   194            "ec2.amazonaws.com"
   195          ]
   196        },
   197        "Action": [
   198          "sts:AssumeRole"
   199        ]
   200      }
   201    ]
   202  }
   203  EOF
   204  }
   205  resource "aws_cloudwatch_log_group" "foobar" {
   206      name = "foo-bar"
   207  }
   208  
   209  resource "aws_flow_log" "test_flow_log_subnet" {
   210          # log_group_name needs to exist before hand
   211          # until we have a CloudWatch Log Group Resource
   212          log_group_name = "${aws_cloudwatch_log_group.foobar.name}"
   213          iam_role_arn = "${aws_iam_role.test_role.arn}"
   214          subnet_id = "${aws_subnet.test_subnet.id}"
   215          traffic_type = "ALL"
   216  }
   217  `