github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/aws/resource_aws_redshift_security_group_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	"github.com/aws/aws-sdk-go/aws"
     8  	"github.com/aws/aws-sdk-go/aws/awserr"
     9  	"github.com/aws/aws-sdk-go/service/redshift"
    10  	"github.com/hashicorp/terraform/helper/resource"
    11  	"github.com/hashicorp/terraform/terraform"
    12  )
    13  
    14  func TestAccAWSRedshiftSecurityGroup_ingressCidr(t *testing.T) {
    15  	var v redshift.ClusterSecurityGroup
    16  
    17  	resource.Test(t, resource.TestCase{
    18  		PreCheck:     func() { testAccPreCheck(t) },
    19  		Providers:    testAccProviders,
    20  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
    21  		Steps: []resource.TestStep{
    22  			resource.TestStep{
    23  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidr,
    24  				Check: resource.ComposeTestCheckFunc(
    25  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    26  					resource.TestCheckResourceAttr(
    27  						"aws_redshift_security_group.bar", "name", "redshift-sg-terraform"),
    28  					resource.TestCheckResourceAttr(
    29  						"aws_redshift_security_group.bar", "description", "Managed by Terraform"),
    30  					resource.TestCheckResourceAttr(
    31  						"aws_redshift_security_group.bar", "ingress.2735652665.cidr", "10.0.0.1/24"),
    32  					resource.TestCheckResourceAttr(
    33  						"aws_redshift_security_group.bar", "ingress.#", "1"),
    34  				),
    35  			},
    36  		},
    37  	})
    38  }
    39  
    40  func TestAccAWSRedshiftSecurityGroup_updateIngressCidr(t *testing.T) {
    41  	var v redshift.ClusterSecurityGroup
    42  
    43  	resource.Test(t, resource.TestCase{
    44  		PreCheck:     func() { testAccPreCheck(t) },
    45  		Providers:    testAccProviders,
    46  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
    47  		Steps: []resource.TestStep{
    48  			resource.TestStep{
    49  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidr,
    50  				Check: resource.ComposeTestCheckFunc(
    51  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    52  					resource.TestCheckResourceAttr(
    53  						"aws_redshift_security_group.bar", "ingress.#", "1"),
    54  				),
    55  			},
    56  
    57  			resource.TestStep{
    58  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidrAdd,
    59  				Check: resource.ComposeTestCheckFunc(
    60  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    61  					resource.TestCheckResourceAttr(
    62  						"aws_redshift_security_group.bar", "ingress.#", "3"),
    63  				),
    64  			},
    65  
    66  			resource.TestStep{
    67  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidrReduce,
    68  				Check: resource.ComposeTestCheckFunc(
    69  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    70  					resource.TestCheckResourceAttr(
    71  						"aws_redshift_security_group.bar", "ingress.#", "2"),
    72  				),
    73  			},
    74  		},
    75  	})
    76  }
    77  
    78  func TestAccAWSRedshiftSecurityGroup_ingressSecurityGroup(t *testing.T) {
    79  	var v redshift.ClusterSecurityGroup
    80  
    81  	resource.Test(t, resource.TestCase{
    82  		PreCheck:     func() { testAccPreCheck(t) },
    83  		Providers:    testAccProviders,
    84  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
    85  		Steps: []resource.TestStep{
    86  			resource.TestStep{
    87  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgId,
    88  				Check: resource.ComposeTestCheckFunc(
    89  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
    90  					resource.TestCheckResourceAttr(
    91  						"aws_redshift_security_group.bar", "name", "redshift-sg-terraform"),
    92  					resource.TestCheckResourceAttr(
    93  						"aws_redshift_security_group.bar", "description", "this is a description"),
    94  					resource.TestCheckResourceAttr(
    95  						"aws_redshift_security_group.bar", "ingress.#", "1"),
    96  					resource.TestCheckResourceAttr(
    97  						"aws_redshift_security_group.bar", "ingress.2230908922.security_group_name", "terraform_redshift_acceptance_test"),
    98  				),
    99  			},
   100  		},
   101  	})
   102  }
   103  
   104  func TestAccAWSRedshiftSecurityGroup_updateIngressSecurityGroup(t *testing.T) {
   105  	var v redshift.ClusterSecurityGroup
   106  
   107  	resource.Test(t, resource.TestCase{
   108  		PreCheck:     func() { testAccPreCheck(t) },
   109  		Providers:    testAccProviders,
   110  		CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy,
   111  		Steps: []resource.TestStep{
   112  			resource.TestStep{
   113  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgId,
   114  				Check: resource.ComposeTestCheckFunc(
   115  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
   116  					resource.TestCheckResourceAttr(
   117  						"aws_redshift_security_group.bar", "ingress.#", "1"),
   118  				),
   119  			},
   120  
   121  			resource.TestStep{
   122  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgIdAdd,
   123  				Check: resource.ComposeTestCheckFunc(
   124  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
   125  					resource.TestCheckResourceAttr(
   126  						"aws_redshift_security_group.bar", "ingress.#", "3"),
   127  				),
   128  			},
   129  
   130  			resource.TestStep{
   131  				Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgIdReduce,
   132  				Check: resource.ComposeTestCheckFunc(
   133  					testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v),
   134  					resource.TestCheckResourceAttr(
   135  						"aws_redshift_security_group.bar", "ingress.#", "2"),
   136  				),
   137  			},
   138  		},
   139  	})
   140  }
   141  
   142  func testAccCheckAWSRedshiftSecurityGroupExists(n string, v *redshift.ClusterSecurityGroup) resource.TestCheckFunc {
   143  	return func(s *terraform.State) error {
   144  		rs, ok := s.RootModule().Resources[n]
   145  		if !ok {
   146  			return fmt.Errorf("Not found: %s", n)
   147  		}
   148  
   149  		if rs.Primary.ID == "" {
   150  			return fmt.Errorf("No Redshift Security Group ID is set")
   151  		}
   152  
   153  		conn := testAccProvider.Meta().(*AWSClient).redshiftconn
   154  
   155  		opts := redshift.DescribeClusterSecurityGroupsInput{
   156  			ClusterSecurityGroupName: aws.String(rs.Primary.ID),
   157  		}
   158  
   159  		resp, err := conn.DescribeClusterSecurityGroups(&opts)
   160  
   161  		if err != nil {
   162  			return err
   163  		}
   164  
   165  		if len(resp.ClusterSecurityGroups) != 1 ||
   166  			*resp.ClusterSecurityGroups[0].ClusterSecurityGroupName != rs.Primary.ID {
   167  			return fmt.Errorf("Redshift Security Group not found")
   168  		}
   169  
   170  		*v = *resp.ClusterSecurityGroups[0]
   171  
   172  		return nil
   173  	}
   174  }
   175  
   176  func testAccCheckAWSRedshiftSecurityGroupDestroy(s *terraform.State) error {
   177  	conn := testAccProvider.Meta().(*AWSClient).redshiftconn
   178  
   179  	for _, rs := range s.RootModule().Resources {
   180  		if rs.Type != "aws_redshift_security_group" {
   181  			continue
   182  		}
   183  
   184  		// Try to find the Group
   185  		resp, err := conn.DescribeClusterSecurityGroups(
   186  			&redshift.DescribeClusterSecurityGroupsInput{
   187  				ClusterSecurityGroupName: aws.String(rs.Primary.ID),
   188  			})
   189  
   190  		if err == nil {
   191  			if len(resp.ClusterSecurityGroups) != 0 &&
   192  				*resp.ClusterSecurityGroups[0].ClusterSecurityGroupName == rs.Primary.ID {
   193  				return fmt.Errorf("Redshift Security Group still exists")
   194  			}
   195  		}
   196  
   197  		// Verify the error
   198  		newerr, ok := err.(awserr.Error)
   199  		if !ok {
   200  			return err
   201  		}
   202  		if newerr.Code() != "ClusterSecurityGroupNotFound" {
   203  			return err
   204  		}
   205  	}
   206  
   207  	return nil
   208  }
   209  
   210  func TestResourceAWSRedshiftSecurityGroupNameValidation(t *testing.T) {
   211  	cases := []struct {
   212  		Value    string
   213  		ErrCount int
   214  	}{
   215  		{
   216  			Value:    "default",
   217  			ErrCount: 1,
   218  		},
   219  		{
   220  			Value:    "testing123%%",
   221  			ErrCount: 1,
   222  		},
   223  		{
   224  			Value:    "TestingSG",
   225  			ErrCount: 1,
   226  		},
   227  		{
   228  			Value:    randomString(256),
   229  			ErrCount: 1,
   230  		},
   231  	}
   232  
   233  	for _, tc := range cases {
   234  		_, errors := validateRedshiftSecurityGroupName(tc.Value, "aws_redshift_security_group_name")
   235  
   236  		if len(errors) != tc.ErrCount {
   237  			t.Fatalf("Expected the Redshift Security Group Name to trigger a validation error")
   238  		}
   239  	}
   240  }
   241  
   242  const testAccAWSRedshiftSecurityGroupConfig_ingressCidr = `
   243  provider "aws" {
   244      region = "us-east-1"
   245  }
   246  
   247  resource "aws_redshift_security_group" "bar" {
   248      name = "redshift-sg-terraform"
   249  
   250      ingress {
   251          cidr = "10.0.0.1/24"
   252      }
   253  }`
   254  
   255  const testAccAWSRedshiftSecurityGroupConfig_ingressCidrAdd = `
   256  provider "aws" {
   257      region = "us-east-1"
   258  }
   259  
   260  resource "aws_redshift_security_group" "bar" {
   261      name = "redshift-sg-terraform"
   262      description = "this is a description"
   263  
   264      ingress {
   265          cidr = "10.0.0.1/24"
   266      }
   267  
   268      ingress {
   269          cidr = "10.0.10.1/24"
   270      }
   271  
   272      ingress {
   273          cidr = "10.0.20.1/24"
   274      }
   275  }`
   276  
   277  const testAccAWSRedshiftSecurityGroupConfig_ingressCidrReduce = `
   278  provider "aws" {
   279      region = "us-east-1"
   280  }
   281  
   282  resource "aws_redshift_security_group" "bar" {
   283      name = "redshift-sg-terraform"
   284      description = "this is a description"
   285  
   286      ingress {
   287          cidr = "10.0.0.1/24"
   288      }
   289  
   290      ingress {
   291          cidr = "10.0.10.1/24"
   292      }
   293  }`
   294  
   295  const testAccAWSRedshiftSecurityGroupConfig_ingressSgId = `
   296  provider "aws" {
   297      region = "us-east-1"
   298  }
   299  
   300  resource "aws_security_group" "redshift" {
   301  	name = "terraform_redshift_acceptance_test"
   302  	description = "Used in the redshift acceptance tests"
   303  
   304  	ingress {
   305  		protocol = "tcp"
   306  		from_port = 22
   307  		to_port = 22
   308  		cidr_blocks = ["10.0.0.0/8"]
   309  	}
   310  }
   311  
   312  resource "aws_redshift_security_group" "bar" {
   313      name = "redshift-sg-terraform"
   314      description = "this is a description"
   315  
   316      ingress {
   317          security_group_name = "${aws_security_group.redshift.name}"
   318          security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   319      }
   320  }`
   321  
   322  const testAccAWSRedshiftSecurityGroupConfig_ingressSgIdAdd = `
   323  provider "aws" {
   324      region = "us-east-1"
   325  }
   326  
   327  resource "aws_security_group" "redshift" {
   328  	name = "terraform_redshift_acceptance_test"
   329  	description = "Used in the redshift acceptance tests"
   330  
   331  	ingress {
   332  		protocol = "tcp"
   333  		from_port = 22
   334  		to_port = 22
   335  		cidr_blocks = ["10.0.0.0/16"]
   336  	}
   337  }
   338  
   339  resource "aws_security_group" "redshift2" {
   340  	name = "terraform_redshift_acceptance_test_2"
   341  	description = "Used in the redshift acceptance tests #2"
   342  
   343  	ingress {
   344  		protocol = "tcp"
   345  		from_port = 22
   346  		to_port = 22
   347  		cidr_blocks = ["10.1.0.0/16"]
   348  	}
   349  }
   350  
   351  resource "aws_security_group" "redshift3" {
   352  	name = "terraform_redshift_acceptance_test_3"
   353  	description = "Used in the redshift acceptance tests #3"
   354  
   355  	ingress {
   356  		protocol = "tcp"
   357  		from_port = 22
   358  		to_port = 22
   359  		cidr_blocks = ["10.2.0.0/16"]
   360  	}
   361  }
   362  
   363  resource "aws_redshift_security_group" "bar" {
   364      name = "redshift-sg-terraform"
   365      description = "this is a description"
   366  
   367      ingress {
   368          security_group_name = "${aws_security_group.redshift.name}"
   369          security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   370      }
   371  
   372      ingress {
   373          security_group_name = "${aws_security_group.redshift2.name}"
   374          security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   375      }
   376  
   377      ingress {
   378          security_group_name = "${aws_security_group.redshift3.name}"
   379          security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   380      }
   381  }`
   382  
   383  const testAccAWSRedshiftSecurityGroupConfig_ingressSgIdReduce = `
   384  provider "aws" {
   385      region = "us-east-1"
   386  }
   387  
   388  resource "aws_security_group" "redshift" {
   389  	name = "terraform_redshift_acceptance_test"
   390  	description = "Used in the redshift acceptance tests"
   391  
   392  	ingress {
   393  		protocol = "tcp"
   394  		from_port = 22
   395  		to_port = 22
   396  		cidr_blocks = ["10.0.0.0/16"]
   397  	}
   398  }
   399  
   400  resource "aws_security_group" "redshift2" {
   401  	name = "terraform_redshift_acceptance_test_2"
   402  	description = "Used in the redshift acceptance tests #2"
   403  
   404  	ingress {
   405  		protocol = "tcp"
   406  		from_port = 22
   407  		to_port = 22
   408  		cidr_blocks = ["10.1.0.0/16"]
   409  	}
   410  }
   411  
   412  resource "aws_redshift_security_group" "bar" {
   413      name = "redshift-sg-terraform"
   414      description = "this is a description"
   415  
   416      ingress {
   417          security_group_name = "${aws_security_group.redshift.name}"
   418          security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   419      }
   420  
   421      ingress {
   422          security_group_name = "${aws_security_group.redshift2.name}"
   423          security_group_owner_id = "${aws_security_group.redshift.owner_id}"
   424      }
   425  }`