github.com/mohanarpit/terraform@v0.6.16-0.20160909104007-291f29853544/builtin/providers/aws/resource_aws_alb_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "testing" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/service/elbv2" 10 "github.com/hashicorp/errwrap" 11 "github.com/hashicorp/terraform/helper/acctest" 12 "github.com/hashicorp/terraform/helper/resource" 13 "github.com/hashicorp/terraform/terraform" 14 ) 15 16 func TestAccAWSALB_basic(t *testing.T) { 17 var conf elbv2.LoadBalancer 18 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 19 20 resource.Test(t, resource.TestCase{ 21 PreCheck: func() { testAccPreCheck(t) }, 22 IDRefreshName: "aws_alb.alb_test", 23 Providers: testAccProviders, 24 CheckDestroy: testAccCheckAWSALBDestroy, 25 Steps: []resource.TestStep{ 26 { 27 Config: testAccAWSALBConfig_basic(albName), 28 Check: resource.ComposeAggregateTestCheckFunc( 29 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 30 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 31 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 32 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 33 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 34 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 35 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 36 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 37 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 38 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 39 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 40 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 41 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 42 ), 43 }, 44 }, 45 }) 46 } 47 48 func TestAccAWSALB_tags(t *testing.T) { 49 var conf elbv2.LoadBalancer 50 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 51 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 IDRefreshName: "aws_alb.alb_test", 55 Providers: testAccProviders, 56 CheckDestroy: testAccCheckAWSALBDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAWSALBConfig_basic(albName), 60 Check: resource.ComposeAggregateTestCheckFunc( 61 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 62 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 63 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 64 ), 65 }, 66 { 67 Config: testAccAWSALBConfig_updatedTags(albName), 68 Check: resource.ComposeAggregateTestCheckFunc( 69 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 70 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "2"), 71 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Type", "Sample Type Tag"), 72 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Environment", "Production"), 73 ), 74 }, 75 }, 76 }) 77 } 78 79 // TestAccAWSALB_noSecurityGroup regression tests the issue in #8264, 80 // where if an ALB is created without a security group, a default one 81 // is assigned. 82 func TestAccAWSALB_noSecurityGroup(t *testing.T) { 83 var conf elbv2.LoadBalancer 84 albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 85 86 resource.Test(t, resource.TestCase{ 87 PreCheck: func() { testAccPreCheck(t) }, 88 IDRefreshName: "aws_alb.alb_test", 89 Providers: testAccProviders, 90 CheckDestroy: testAccCheckAWSALBDestroy, 91 Steps: []resource.TestStep{ 92 { 93 Config: testAccAWSALBConfig_nosg(albName), 94 Check: resource.ComposeAggregateTestCheckFunc( 95 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 96 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 97 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 98 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 99 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 100 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 101 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 102 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 103 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 104 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 105 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 106 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 107 ), 108 }, 109 }, 110 }) 111 } 112 113 func TestAccAWSALB_accesslogs(t *testing.T) { 114 var conf elbv2.LoadBalancer 115 bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) 116 albName := fmt.Sprintf("testaccawsalbaccesslog-%s", acctest.RandStringFromCharSet(4, acctest.CharSetAlpha)) 117 118 resource.Test(t, resource.TestCase{ 119 PreCheck: func() { testAccPreCheck(t) }, 120 IDRefreshName: "aws_alb.alb_test", 121 Providers: testAccProviders, 122 CheckDestroy: testAccCheckAWSALBDestroy, 123 Steps: []resource.TestStep{ 124 { 125 Config: testAccAWSALBConfig_basic(albName), 126 Check: resource.ComposeAggregateTestCheckFunc( 127 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 128 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 129 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 130 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 131 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 132 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 133 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 134 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 135 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 136 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 137 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 138 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 139 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 140 ), 141 }, 142 143 { 144 Config: testAccAWSALBConfig_accessLogs(albName, bucketName), 145 Check: resource.ComposeAggregateTestCheckFunc( 146 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 147 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 148 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 149 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 150 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 151 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 152 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 153 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 154 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 155 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 156 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 157 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 158 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 159 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.bucket", bucketName), 160 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.prefix", "testAccAWSALBConfig_accessLogs"), 161 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 162 ), 163 }, 164 }, 165 }) 166 } 167 168 func testAccCheckAWSALBExists(n string, res *elbv2.LoadBalancer) resource.TestCheckFunc { 169 return func(s *terraform.State) error { 170 rs, ok := s.RootModule().Resources[n] 171 if !ok { 172 return fmt.Errorf("Not found: %s", n) 173 } 174 175 if rs.Primary.ID == "" { 176 return errors.New("No ALB ID is set") 177 } 178 179 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 180 181 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 182 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 183 }) 184 185 if err != nil { 186 return err 187 } 188 189 if len(describe.LoadBalancers) != 1 || 190 *describe.LoadBalancers[0].LoadBalancerArn != rs.Primary.ID { 191 return errors.New("ALB not found") 192 } 193 194 *res = *describe.LoadBalancers[0] 195 return nil 196 } 197 } 198 199 func testAccCheckAWSALBDestroy(s *terraform.State) error { 200 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 201 202 for _, rs := range s.RootModule().Resources { 203 if rs.Type != "aws_alb" { 204 continue 205 } 206 207 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 208 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 209 }) 210 211 if err == nil { 212 if len(describe.LoadBalancers) != 0 && 213 *describe.LoadBalancers[0].LoadBalancerArn == rs.Primary.ID { 214 return fmt.Errorf("ALB %q still exists", rs.Primary.ID) 215 } 216 } 217 218 // Verify the error 219 if isLoadBalancerNotFound(err) { 220 return nil 221 } else { 222 return errwrap.Wrapf("Unexpected error checking ALB destroyed: {{err}}", err) 223 } 224 } 225 226 return nil 227 } 228 229 func testAccAWSALBConfig_basic(albName string) string { 230 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 231 name = "%s" 232 internal = false 233 security_groups = ["${aws_security_group.alb_test.id}"] 234 subnets = ["${aws_subnet.alb_test.*.id}"] 235 236 idle_timeout = 30 237 enable_deletion_protection = false 238 239 tags { 240 TestName = "TestAccAWSALB_basic" 241 } 242 } 243 244 variable "subnets" { 245 default = ["10.0.1.0/24", "10.0.2.0/24"] 246 type = "list" 247 } 248 249 data "aws_availability_zones" "available" {} 250 251 resource "aws_vpc" "alb_test" { 252 cidr_block = "10.0.0.0/16" 253 254 tags { 255 TestName = "TestAccAWSALB_basic" 256 } 257 } 258 259 resource "aws_subnet" "alb_test" { 260 count = 2 261 vpc_id = "${aws_vpc.alb_test.id}" 262 cidr_block = "${element(var.subnets, count.index)}" 263 map_public_ip_on_launch = true 264 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 265 266 tags { 267 TestName = "TestAccAWSALB_basic" 268 } 269 } 270 271 resource "aws_security_group" "alb_test" { 272 name = "allow_all_alb_test" 273 description = "Used for ALB Testing" 274 vpc_id = "${aws_vpc.alb_test.id}" 275 276 ingress { 277 from_port = 0 278 to_port = 0 279 protocol = "-1" 280 cidr_blocks = ["0.0.0.0/0"] 281 } 282 283 egress { 284 from_port = 0 285 to_port = 0 286 protocol = "-1" 287 cidr_blocks = ["0.0.0.0/0"] 288 } 289 290 tags { 291 TestName = "TestAccAWSALB_basic" 292 } 293 }`, albName) 294 } 295 func testAccAWSALBConfig_updatedTags(albName string) string { 296 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 297 name = "%s" 298 internal = false 299 security_groups = ["${aws_security_group.alb_test.id}"] 300 subnets = ["${aws_subnet.alb_test.*.id}"] 301 302 idle_timeout = 30 303 enable_deletion_protection = false 304 305 tags { 306 Environment = "Production" 307 Type = "Sample Type Tag" 308 } 309 } 310 311 variable "subnets" { 312 default = ["10.0.1.0/24", "10.0.2.0/24"] 313 type = "list" 314 } 315 316 data "aws_availability_zones" "available" {} 317 318 resource "aws_vpc" "alb_test" { 319 cidr_block = "10.0.0.0/16" 320 321 tags { 322 TestName = "TestAccAWSALB_basic" 323 } 324 } 325 326 resource "aws_subnet" "alb_test" { 327 count = 2 328 vpc_id = "${aws_vpc.alb_test.id}" 329 cidr_block = "${element(var.subnets, count.index)}" 330 map_public_ip_on_launch = true 331 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 332 333 tags { 334 TestName = "TestAccAWSALB_basic" 335 } 336 } 337 338 resource "aws_security_group" "alb_test" { 339 name = "allow_all_alb_test" 340 description = "Used for ALB Testing" 341 vpc_id = "${aws_vpc.alb_test.id}" 342 343 ingress { 344 from_port = 0 345 to_port = 0 346 protocol = "-1" 347 cidr_blocks = ["0.0.0.0/0"] 348 } 349 350 egress { 351 from_port = 0 352 to_port = 0 353 protocol = "-1" 354 cidr_blocks = ["0.0.0.0/0"] 355 } 356 357 tags { 358 TestName = "TestAccAWSALB_basic" 359 } 360 }`, albName) 361 } 362 363 func testAccAWSALBConfig_accessLogs(albName, bucketName string) string { 364 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 365 name = "%s" 366 internal = false 367 security_groups = ["${aws_security_group.alb_test.id}"] 368 subnets = ["${aws_subnet.alb_test.*.id}"] 369 370 idle_timeout = 50 371 enable_deletion_protection = false 372 373 access_logs { 374 bucket = "${aws_s3_bucket.logs.bucket}" 375 prefix = "${var.bucket_prefix}" 376 } 377 378 tags { 379 TestName = "TestAccAWSALB_basic1" 380 } 381 } 382 383 variable "bucket_name" { 384 type = "string" 385 default = "%s" 386 } 387 388 variable "bucket_prefix" { 389 type = "string" 390 default = "testAccAWSALBConfig_accessLogs" 391 } 392 393 resource "aws_s3_bucket" "logs" { 394 bucket = "${var.bucket_name}" 395 policy = "${data.aws_iam_policy_document.logs_bucket.json}" 396 # dangerous, only here for the test... 397 force_destroy = true 398 399 tags { 400 Name = "ALB Logs Bucket Test" 401 } 402 } 403 404 data "aws_caller_identity" "current" {} 405 406 data "aws_elb_service_account" "current" {} 407 408 data "aws_iam_policy_document" "logs_bucket" { 409 statement { 410 actions = ["s3:PutObject"] 411 effect = "Allow" 412 resources = ["arn:aws:s3:::${var.bucket_name}/${var.bucket_prefix}/AWSLogs/${data.aws_caller_identity.current.account_id}/*"] 413 414 principals = { 415 type = "AWS" 416 identifiers = ["arn:aws:iam::${data.aws_elb_service_account.current.id}:root"] 417 } 418 } 419 } 420 421 variable "subnets" { 422 default = ["10.0.1.0/24", "10.0.2.0/24"] 423 type = "list" 424 } 425 426 data "aws_availability_zones" "available" {} 427 428 resource "aws_vpc" "alb_test" { 429 cidr_block = "10.0.0.0/16" 430 431 tags { 432 TestName = "TestAccAWSALB_basic" 433 } 434 } 435 436 resource "aws_subnet" "alb_test" { 437 count = 2 438 vpc_id = "${aws_vpc.alb_test.id}" 439 cidr_block = "${element(var.subnets, count.index)}" 440 map_public_ip_on_launch = true 441 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 442 443 tags { 444 TestName = "TestAccAWSALB_basic" 445 } 446 } 447 448 resource "aws_security_group" "alb_test" { 449 name = "allow_all_alb_test" 450 description = "Used for ALB Testing" 451 vpc_id = "${aws_vpc.alb_test.id}" 452 453 ingress { 454 from_port = 0 455 to_port = 0 456 protocol = "-1" 457 cidr_blocks = ["0.0.0.0/0"] 458 } 459 460 egress { 461 from_port = 0 462 to_port = 0 463 protocol = "-1" 464 cidr_blocks = ["0.0.0.0/0"] 465 } 466 467 tags { 468 TestName = "TestAccAWSALB_basic" 469 } 470 }`, albName, bucketName) 471 } 472 473 func testAccAWSALBConfig_nosg(albName string) string { 474 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 475 name = "%s" 476 internal = false 477 subnets = ["${aws_subnet.alb_test.*.id}"] 478 479 idle_timeout = 30 480 enable_deletion_protection = false 481 482 tags { 483 TestName = "TestAccAWSALB_basic" 484 } 485 } 486 487 variable "subnets" { 488 default = ["10.0.1.0/24", "10.0.2.0/24"] 489 type = "list" 490 } 491 492 data "aws_availability_zones" "available" {} 493 494 resource "aws_vpc" "alb_test" { 495 cidr_block = "10.0.0.0/16" 496 497 tags { 498 TestName = "TestAccAWSALB_basic" 499 } 500 } 501 502 resource "aws_subnet" "alb_test" { 503 count = 2 504 vpc_id = "${aws_vpc.alb_test.id}" 505 cidr_block = "${element(var.subnets, count.index)}" 506 map_public_ip_on_launch = true 507 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 508 509 tags { 510 TestName = "TestAccAWSALB_basic" 511 } 512 }`, albName) 513 }