github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/aws/resource_aws_opsworks_stack_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/acctest" 8 "github.com/hashicorp/terraform/helper/resource" 9 "github.com/hashicorp/terraform/terraform" 10 11 "github.com/aws/aws-sdk-go/aws" 12 "github.com/aws/aws-sdk-go/aws/awserr" 13 "github.com/aws/aws-sdk-go/service/opsworks" 14 ) 15 16 /////////////////////////////// 17 //// Tests for the No-VPC case 18 /////////////////////////////// 19 20 func TestAccAWSOpsworksStackNoVpc(t *testing.T) { 21 stackName := fmt.Sprintf("tf-opsworks-acc-%d", acctest.RandInt()) 22 resource.Test(t, resource.TestCase{ 23 PreCheck: func() { testAccPreCheck(t) }, 24 Providers: testAccProviders, 25 CheckDestroy: testAccCheckAwsOpsworksStackDestroy, 26 Steps: []resource.TestStep{ 27 resource.TestStep{ 28 Config: testAccAwsOpsworksStackConfigNoVpcCreate(stackName), 29 Check: testAccAwsOpsworksStackCheckResourceAttrsCreate("us-east-1a", stackName), 30 }, 31 // resource.TestStep{ 32 // Config: testAccAWSOpsworksStackConfigNoVpcUpdate(stackName), 33 // Check: testAccAwsOpsworksStackCheckResourceAttrsUpdate("us-east-1c", stackName), 34 // }, 35 }, 36 }) 37 } 38 39 func TestAccAWSOpsworksStackVpc(t *testing.T) { 40 stackName := fmt.Sprintf("tf-opsworks-acc-%d", acctest.RandInt()) 41 resource.Test(t, resource.TestCase{ 42 PreCheck: func() { testAccPreCheck(t) }, 43 Providers: testAccProviders, 44 CheckDestroy: testAccCheckAwsOpsworksStackDestroy, 45 Steps: []resource.TestStep{ 46 resource.TestStep{ 47 Config: testAccAwsOpsworksStackConfigVpcCreate(stackName), 48 Check: testAccAwsOpsworksStackCheckResourceAttrsCreate("us-west-2a", stackName), 49 }, 50 resource.TestStep{ 51 Config: testAccAWSOpsworksStackConfigVpcUpdate(stackName), 52 Check: resource.ComposeTestCheckFunc( 53 testAccAwsOpsworksStackCheckResourceAttrsUpdate("us-west-2a", stackName), 54 testAccAwsOpsworksCheckVpc, 55 ), 56 }, 57 }, 58 }) 59 } 60 61 //////////////////////////// 62 //// Checkers and Utilities 63 //////////////////////////// 64 65 func testAccAwsOpsworksStackCheckResourceAttrsCreate(zone, stackName string) resource.TestCheckFunc { 66 return resource.ComposeTestCheckFunc( 67 resource.TestCheckResourceAttr( 68 "aws_opsworks_stack.tf-acc", 69 "name", 70 stackName, 71 ), 72 resource.TestCheckResourceAttr( 73 "aws_opsworks_stack.tf-acc", 74 "default_availability_zone", 75 zone, 76 ), 77 resource.TestCheckResourceAttr( 78 "aws_opsworks_stack.tf-acc", 79 "default_os", 80 "Amazon Linux 2014.09", 81 ), 82 resource.TestCheckResourceAttr( 83 "aws_opsworks_stack.tf-acc", 84 "default_root_device_type", 85 "ebs", 86 ), 87 resource.TestCheckResourceAttr( 88 "aws_opsworks_stack.tf-acc", 89 "custom_json", 90 `{"key": "value"}`, 91 ), 92 resource.TestCheckResourceAttr( 93 "aws_opsworks_stack.tf-acc", 94 "configuration_manager_version", 95 "11.10", 96 ), 97 resource.TestCheckResourceAttr( 98 "aws_opsworks_stack.tf-acc", 99 "use_opsworks_security_groups", 100 "false", 101 ), 102 ) 103 } 104 105 func testAccAwsOpsworksStackCheckResourceAttrsUpdate(zone, stackName string) resource.TestCheckFunc { 106 return resource.ComposeTestCheckFunc( 107 resource.TestCheckResourceAttr( 108 "aws_opsworks_stack.tf-acc", 109 "name", 110 stackName, 111 ), 112 resource.TestCheckResourceAttr( 113 "aws_opsworks_stack.tf-acc", 114 "default_availability_zone", 115 zone, 116 ), 117 resource.TestCheckResourceAttr( 118 "aws_opsworks_stack.tf-acc", 119 "default_os", 120 "Amazon Linux 2014.09", 121 ), 122 resource.TestCheckResourceAttr( 123 "aws_opsworks_stack.tf-acc", 124 "default_root_device_type", 125 "ebs", 126 ), 127 resource.TestCheckResourceAttr( 128 "aws_opsworks_stack.tf-acc", 129 "custom_json", 130 `{"key": "value"}`, 131 ), 132 resource.TestCheckResourceAttr( 133 "aws_opsworks_stack.tf-acc", 134 "configuration_manager_version", 135 "11.10", 136 ), 137 resource.TestCheckResourceAttr( 138 "aws_opsworks_stack.tf-acc", 139 "use_opsworks_security_groups", 140 "false", 141 ), 142 resource.TestCheckResourceAttr( 143 "aws_opsworks_stack.tf-acc", 144 "use_custom_cookbooks", 145 "true", 146 ), 147 resource.TestCheckResourceAttr( 148 "aws_opsworks_stack.tf-acc", 149 "manage_berkshelf", 150 "true", 151 ), 152 resource.TestCheckResourceAttr( 153 "aws_opsworks_stack.tf-acc", 154 "custom_cookbooks_source.0.type", 155 "git", 156 ), 157 resource.TestCheckResourceAttr( 158 "aws_opsworks_stack.tf-acc", 159 "custom_cookbooks_source.0.revision", 160 "master", 161 ), 162 resource.TestCheckResourceAttr( 163 "aws_opsworks_stack.tf-acc", 164 "custom_cookbooks_source.0.url", 165 "https://github.com/aws/opsworks-example-cookbooks.git", 166 ), 167 ) 168 } 169 170 func testAccAwsOpsworksCheckVpc(s *terraform.State) error { 171 rs, ok := s.RootModule().Resources["aws_opsworks_stack.tf-acc"] 172 if !ok { 173 return fmt.Errorf("Not found: %s", "aws_opsworks_stack.tf-acc") 174 } 175 if rs.Primary.ID == "" { 176 return fmt.Errorf("No ID is set") 177 } 178 179 p := rs.Primary 180 181 opsworksconn := testAccProvider.Meta().(*AWSClient).opsworksconn 182 describeOpts := &opsworks.DescribeStacksInput{ 183 StackIds: []*string{aws.String(p.ID)}, 184 } 185 resp, err := opsworksconn.DescribeStacks(describeOpts) 186 if err != nil { 187 return err 188 } 189 if len(resp.Stacks) == 0 { 190 return fmt.Errorf("No stack %s not found", p.ID) 191 } 192 if p.Attributes["vpc_id"] != *resp.Stacks[0].VpcId { 193 return fmt.Errorf("VPCID Got %s, expected %s", *resp.Stacks[0].VpcId, p.Attributes["vpc_id"]) 194 } 195 if p.Attributes["default_subnet_id"] != *resp.Stacks[0].DefaultSubnetId { 196 return fmt.Errorf("VPCID Got %s, expected %s", *resp.Stacks[0].DefaultSubnetId, p.Attributes["default_subnet_id"]) 197 } 198 return nil 199 } 200 201 func testAccCheckAwsOpsworksStackDestroy(s *terraform.State) error { 202 opsworksconn := testAccProvider.Meta().(*AWSClient).opsworksconn 203 for _, rs := range s.RootModule().Resources { 204 if rs.Type != "aws_opsworks_stack" { 205 continue 206 } 207 208 req := &opsworks.DescribeStacksInput{ 209 StackIds: []*string{ 210 aws.String(rs.Primary.ID), 211 }, 212 } 213 214 _, err := opsworksconn.DescribeStacks(req) 215 if err != nil { 216 if awserr, ok := err.(awserr.Error); ok { 217 if awserr.Code() == "ResourceNotFoundException" { 218 // not found, all good 219 return nil 220 } 221 } 222 return err 223 } 224 } 225 return fmt.Errorf("Fall through error for OpsWorks stack test") 226 } 227 228 ////////////////////////////////////////////////// 229 //// Helper configs for the necessary IAM objects 230 ////////////////////////////////////////////////// 231 232 func testAccAwsOpsworksStackConfigNoVpcCreate(name string) string { 233 return fmt.Sprintf(` 234 resource "aws_opsworks_stack" "tf-acc" { 235 name = "%s" 236 region = "us-east-1" 237 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 238 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 239 default_availability_zone = "us-east-1a" 240 default_os = "Amazon Linux 2014.09" 241 default_root_device_type = "ebs" 242 custom_json = "{\"key\": \"value\"}" 243 configuration_manager_version = "11.10" 244 use_opsworks_security_groups = false 245 } 246 247 resource "aws_iam_role" "opsworks_service" { 248 name = "%s_opsworks_service" 249 assume_role_policy = <<EOT 250 { 251 "Version": "2008-10-17", 252 "Statement": [ 253 { 254 "Sid": "", 255 "Effect": "Allow", 256 "Principal": { 257 "Service": "opsworks.amazonaws.com" 258 }, 259 "Action": "sts:AssumeRole" 260 } 261 ] 262 } 263 EOT 264 } 265 266 resource "aws_iam_role_policy" "opsworks_service" { 267 name = "%s_opsworks_service" 268 role = "${aws_iam_role.opsworks_service.id}" 269 policy = <<EOT 270 { 271 "Statement": [ 272 { 273 "Action": [ 274 "ec2:*", 275 "iam:PassRole", 276 "cloudwatch:GetMetricStatistics", 277 "elasticloadbalancing:*", 278 "rds:*" 279 ], 280 "Effect": "Allow", 281 "Resource": ["*"] 282 } 283 ] 284 } 285 EOT 286 } 287 288 resource "aws_iam_role" "opsworks_instance" { 289 name = "%s_opsworks_instance" 290 assume_role_policy = <<EOT 291 { 292 "Version": "2008-10-17", 293 "Statement": [ 294 { 295 "Sid": "", 296 "Effect": "Allow", 297 "Principal": { 298 "Service": "ec2.amazonaws.com" 299 }, 300 "Action": "sts:AssumeRole" 301 } 302 ] 303 } 304 EOT 305 } 306 307 resource "aws_iam_instance_profile" "opsworks_instance" { 308 name = "%s_opsworks_instance" 309 roles = ["${aws_iam_role.opsworks_instance.name}"] 310 }`, name, name, name, name, name) 311 } 312 313 func testAccAWSOpsworksStackConfigNoVpcUpdate(name string) string { 314 return fmt.Sprintf(` 315 resource "aws_opsworks_stack" "tf-acc" { 316 name = "%s" 317 region = "us-east-1" 318 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 319 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 320 default_availability_zone = "us-east-1a" 321 default_os = "Amazon Linux 2014.09" 322 default_root_device_type = "ebs" 323 custom_json = "{\"key\": \"value\"}" 324 configuration_manager_version = "11.10" 325 use_opsworks_security_groups = false 326 use_custom_cookbooks = true 327 manage_berkshelf = true 328 custom_cookbooks_source { 329 type = "git" 330 revision = "master" 331 url = "https://github.com/aws/opsworks-example-cookbooks.git" 332 username = "example" 333 password = "example" 334 } 335 resource "aws_iam_role" "opsworks_service" { 336 name = "%s_opsworks_service" 337 assume_role_policy = <<EOT 338 { 339 "Version": "2008-10-17", 340 "Statement": [ 341 { 342 "Sid": "", 343 "Effect": "Allow", 344 "Principal": { 345 "Service": "opsworks.amazonaws.com" 346 }, 347 "Action": "sts:AssumeRole" 348 } 349 ] 350 } 351 EOT 352 } 353 354 resource "aws_iam_role_policy" "opsworks_service" { 355 name = "%s_opsworks_service" 356 role = "${aws_iam_role.opsworks_service.id}" 357 policy = <<EOT 358 { 359 "Statement": [ 360 { 361 "Action": [ 362 "ec2:*", 363 "iam:PassRole", 364 "cloudwatch:GetMetricStatistics", 365 "elasticloadbalancing:*", 366 "rds:*" 367 ], 368 "Effect": "Allow", 369 "Resource": ["*"] 370 } 371 ] 372 } 373 EOT 374 } 375 376 resource "aws_iam_role" "opsworks_instance" { 377 name = "%s_opsworks_instance" 378 assume_role_policy = <<EOT 379 { 380 "Version": "2008-10-17", 381 "Statement": [ 382 { 383 "Sid": "", 384 "Effect": "Allow", 385 "Principal": { 386 "Service": "ec2.amazonaws.com" 387 }, 388 "Action": "sts:AssumeRole" 389 } 390 ] 391 } 392 EOT 393 } 394 395 resource "aws_iam_instance_profile" "opsworks_instance" { 396 name = "%s_opsworks_instance" 397 roles = ["${aws_iam_role.opsworks_instance.name}"] 398 } 399 `, name, name, name, name, name) 400 } 401 402 //////////////////////////// 403 //// Tests for the VPC case 404 //////////////////////////// 405 406 func testAccAwsOpsworksStackConfigVpcCreate(name string) string { 407 return fmt.Sprintf(` 408 resource "aws_vpc" "tf-acc" { 409 cidr_block = "10.3.5.0/24" 410 } 411 resource "aws_subnet" "tf-acc" { 412 vpc_id = "${aws_vpc.tf-acc.id}" 413 cidr_block = "${aws_vpc.tf-acc.cidr_block}" 414 availability_zone = "us-west-2a" 415 } 416 resource "aws_opsworks_stack" "tf-acc" { 417 name = "%s" 418 region = "us-west-2" 419 vpc_id = "${aws_vpc.tf-acc.id}" 420 default_subnet_id = "${aws_subnet.tf-acc.id}" 421 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 422 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 423 default_os = "Amazon Linux 2014.09" 424 default_root_device_type = "ebs" 425 custom_json = "{\"key\": \"value\"}" 426 configuration_manager_version = "11.10" 427 use_opsworks_security_groups = false 428 } 429 430 resource "aws_iam_role" "opsworks_service" { 431 name = "%s_opsworks_service" 432 assume_role_policy = <<EOT 433 { 434 "Version": "2008-10-17", 435 "Statement": [ 436 { 437 "Sid": "", 438 "Effect": "Allow", 439 "Principal": { 440 "Service": "opsworks.amazonaws.com" 441 }, 442 "Action": "sts:AssumeRole" 443 } 444 ] 445 } 446 EOT 447 } 448 449 resource "aws_iam_role_policy" "opsworks_service" { 450 name = "%s_opsworks_service" 451 role = "${aws_iam_role.opsworks_service.id}" 452 policy = <<EOT 453 { 454 "Statement": [ 455 { 456 "Action": [ 457 "ec2:*", 458 "iam:PassRole", 459 "cloudwatch:GetMetricStatistics", 460 "elasticloadbalancing:*", 461 "rds:*" 462 ], 463 "Effect": "Allow", 464 "Resource": ["*"] 465 } 466 ] 467 } 468 EOT 469 } 470 471 resource "aws_iam_role" "opsworks_instance" { 472 name = "%s_opsworks_instance" 473 assume_role_policy = <<EOT 474 { 475 "Version": "2008-10-17", 476 "Statement": [ 477 { 478 "Sid": "", 479 "Effect": "Allow", 480 "Principal": { 481 "Service": "ec2.amazonaws.com" 482 }, 483 "Action": "sts:AssumeRole" 484 } 485 ] 486 } 487 EOT 488 } 489 490 resource "aws_iam_instance_profile" "opsworks_instance" { 491 name = "%s_opsworks_instance" 492 roles = ["${aws_iam_role.opsworks_instance.name}"] 493 } 494 `, name, name, name, name, name) 495 } 496 497 func testAccAWSOpsworksStackConfigVpcUpdate(name string) string { 498 return fmt.Sprintf(` 499 resource "aws_vpc" "tf-acc" { 500 cidr_block = "10.3.5.0/24" 501 } 502 resource "aws_subnet" "tf-acc" { 503 vpc_id = "${aws_vpc.tf-acc.id}" 504 cidr_block = "${aws_vpc.tf-acc.cidr_block}" 505 availability_zone = "us-west-2a" 506 } 507 resource "aws_opsworks_stack" "tf-acc" { 508 name = "%s" 509 region = "us-west-2" 510 vpc_id = "${aws_vpc.tf-acc.id}" 511 default_subnet_id = "${aws_subnet.tf-acc.id}" 512 service_role_arn = "${aws_iam_role.opsworks_service.arn}" 513 default_instance_profile_arn = "${aws_iam_instance_profile.opsworks_instance.arn}" 514 default_os = "Amazon Linux 2014.09" 515 default_root_device_type = "ebs" 516 custom_json = "{\"key\": \"value\"}" 517 configuration_manager_version = "11.10" 518 use_opsworks_security_groups = false 519 use_custom_cookbooks = true 520 manage_berkshelf = true 521 custom_cookbooks_source { 522 type = "git" 523 revision = "master" 524 url = "https://github.com/aws/opsworks-example-cookbooks.git" 525 } 526 } 527 528 resource "aws_iam_role" "opsworks_service" { 529 name = "%s_opsworks_service" 530 assume_role_policy = <<EOT 531 { 532 "Version": "2008-10-17", 533 "Statement": [ 534 { 535 "Sid": "", 536 "Effect": "Allow", 537 "Principal": { 538 "Service": "opsworks.amazonaws.com" 539 }, 540 "Action": "sts:AssumeRole" 541 } 542 ] 543 } 544 EOT 545 } 546 547 resource "aws_iam_role_policy" "opsworks_service" { 548 name = "%s_opsworks_service" 549 role = "${aws_iam_role.opsworks_service.id}" 550 policy = <<EOT 551 { 552 "Statement": [ 553 { 554 "Action": [ 555 "ec2:*", 556 "iam:PassRole", 557 "cloudwatch:GetMetricStatistics", 558 "elasticloadbalancing:*", 559 "rds:*" 560 ], 561 "Effect": "Allow", 562 "Resource": ["*"] 563 } 564 ] 565 } 566 EOT 567 } 568 569 resource "aws_iam_role" "opsworks_instance" { 570 name = "%s_opsworks_instance" 571 assume_role_policy = <<EOT 572 { 573 "Version": "2008-10-17", 574 "Statement": [ 575 { 576 "Sid": "", 577 "Effect": "Allow", 578 "Principal": { 579 "Service": "ec2.amazonaws.com" 580 }, 581 "Action": "sts:AssumeRole" 582 } 583 ] 584 } 585 EOT 586 } 587 588 resource "aws_iam_instance_profile" "opsworks_instance" { 589 name = "%s_opsworks_instance" 590 roles = ["${aws_iam_role.opsworks_instance.name}"] 591 } 592 593 `, name, name, name, name, name) 594 }