github.com/mohanarpit/terraform@v0.6.16-0.20160909104007-291f29853544/builtin/providers/aws/resource_aws_vpc_endpoint_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  	"testing"
     7  
     8  	"github.com/aws/aws-sdk-go/aws"
     9  	"github.com/aws/aws-sdk-go/aws/awserr"
    10  	"github.com/aws/aws-sdk-go/service/ec2"
    11  
    12  	"github.com/hashicorp/terraform/helper/resource"
    13  	"github.com/hashicorp/terraform/terraform"
    14  )
    15  
// TestAccAWSVpcEndpoint_basic is an acceptance test that applies the
// route-table-and-policy configuration in a single step and then checks that
// the endpoint can be described through EC2 and that its prefix_list_id
// attribute is populated. CheckDestroy verifies the endpoint is gone afterwards.
func TestAccAWSVpcEndpoint_basic(t *testing.T) {
	const resourceName = "aws_vpc_endpoint.second-private-s3"

	var endpoint ec2.VpcEndpoint

	// Build the step's checks up front so the TestCase literal stays short.
	checks := resource.ComposeTestCheckFunc(
		testAccCheckVpcEndpointExists(resourceName, &endpoint),
		testAccCheckVpcEndpointPrefixListAvailable(resourceName),
	)

	resource.Test(t, resource.TestCase{
		PreCheck:      func() { testAccPreCheck(t) },
		IDRefreshName: resourceName,
		Providers:     testAccProviders,
		CheckDestroy:  testAccCheckVpcEndpointDestroy,
		Steps: []resource.TestStep{
			{
				Config: testAccVpcEndpointWithRouteTableAndPolicyConfig,
				Check:  checks,
			},
		},
	})
}
    35  
// TestAccAWSVpcEndpoint_withRouteTableAndPolicy is a two-step acceptance test.
// Step one applies the base configuration; step two applies the modified
// configuration. After each step it checks that both the VPC endpoint and the
// route table it is attached to still exist.
func TestAccAWSVpcEndpoint_withRouteTableAndPolicy(t *testing.T) {
	const (
		endpointName   = "aws_vpc_endpoint.second-private-s3"
		routeTableName = "aws_route_table.default"
	)

	var (
		endpoint   ec2.VpcEndpoint
		routeTable ec2.RouteTable
	)

	// Both steps run the same pair of checks; a fresh composed check is built
	// for each step, as in a literal written out twice.
	existenceChecks := func() resource.TestCheckFunc {
		return resource.ComposeTestCheckFunc(
			testAccCheckVpcEndpointExists(endpointName, &endpoint),
			testAccCheckRouteTableExists(routeTableName, &routeTable),
		)
	}

	resource.Test(t, resource.TestCase{
		PreCheck:      func() { testAccPreCheck(t) },
		IDRefreshName: endpointName,
		Providers:     testAccProviders,
		CheckDestroy:  testAccCheckVpcEndpointDestroy,
		Steps: []resource.TestStep{
			{
				Config: testAccVpcEndpointWithRouteTableAndPolicyConfig,
				Check:  existenceChecks(),
			},
			{
				Config: testAccVpcEndpointWithRouteTableAndPolicyConfigModified,
				Check:  existenceChecks(),
			},
		},
	})
}
    63  
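// testAccCheckVpcEndpointDestroy is the CheckDestroy hook for the VPC endpoint
// acceptance tests. For every aws_vpc_endpoint resource in the root module
// state it asks EC2 to describe the endpoint by ID and fails if any endpoint
// is still returned.
//
// An InvalidVpcEndpointId.NotFound error is treated as "destroyed"; any other
// API error is returned unchanged. Every matching resource is inspected: an
// unconditional return at the bottom of the loop would stop after the first
// endpoint and let a leaked endpoint later in the state pass unnoticed.
func testAccCheckVpcEndpointDestroy(s *terraform.State) error {
	conn := testAccProvider.Meta().(*AWSClient).ec2conn

	for _, rs := range s.RootModule().Resources {
		if rs.Type != "aws_vpc_endpoint" {
			continue
		}

		// Try to find the VPC endpoint by the ID recorded in state.
		input := &ec2.DescribeVpcEndpointsInput{
			VpcEndpointIds: []*string{aws.String(rs.Primary.ID)},
		}
		resp, err := conn.DescribeVpcEndpoints(input)
		if err != nil {
			// NotFound is the expected outcome after a successful destroy;
			// move on to the next resource.
			if ae, ok := err.(awserr.Error); ok && ae.Code() == "InvalidVpcEndpointId.NotFound" {
				continue
			}
			return err
		}
		if len(resp.VpcEndpoints) > 0 {
			return fmt.Errorf("VPC Endpoints still exist.")
		}
		// No error and nothing returned: this endpoint is gone, keep checking
		// the remaining resources instead of returning here.
	}

	return nil
}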
    93  
// testAccCheckVpcEndpointExists returns a check that looks up the resource
// named n in the root module state, describes its VPC endpoint through the EC2
// API and copies the first endpoint returned into *endpoint.
//
// The check fails when n is absent from state, when the resource has no ID,
// when the Describe call returns an error, or when EC2 returns no endpoints.
func testAccCheckVpcEndpointExists(n string, endpoint *ec2.VpcEndpoint) resource.TestCheckFunc {
	return func(s *terraform.State) error {
		res, found := s.RootModule().Resources[n]
		if !found {
			return fmt.Errorf("Not found: %s", n)
		}

		id := res.Primary.ID
		if id == "" {
			return fmt.Errorf("No VPC Endpoint ID is set")
		}

		ec2Conn := testAccProvider.Meta().(*AWSClient).ec2conn
		out, err := ec2Conn.DescribeVpcEndpoints(&ec2.DescribeVpcEndpointsInput{
			VpcEndpointIds: []*string{aws.String(id)},
		})
		switch {
		case err != nil:
			return err
		case len(out.VpcEndpoints) == 0:
			return fmt.Errorf("VPC Endpoint not found")
		}

		// Hand the described endpoint back to the caller by value.
		*endpoint = *out.VpcEndpoints[0]
		return nil
	}
}
   122  
// testAccCheckVpcEndpointPrefixListAvailable returns a check that reads the
// prefix_list_id attribute of the resource named n from state and fails when
// the resource is missing, the attribute is empty, or the value does not start
// with "pl".
//
// This is a loose sanity check: only the "pl" prefix is verified, not the rest
// of the identifier.
func testAccCheckVpcEndpointPrefixListAvailable(n string) resource.TestCheckFunc {
	return func(s *terraform.State) error {
		res, found := s.RootModule().Resources[n]
		if !found {
			return fmt.Errorf("Not found: %s", n)
		}

		switch id := res.Primary.Attributes["prefix_list_id"]; {
		case id == "":
			return fmt.Errorf("Prefix list ID not available")
		case !strings.HasPrefix(id, "pl"):
			return fmt.Errorf("Prefix list ID does not appear to be a valid value: '%s'", id)
		}

		return nil
	}
}
   141  
// testAccVpcEndpointWithRouteTableAndPolicyConfig is the Terraform
// configuration applied by both acceptance tests in this file: a VPC, one
// subnet, a route table associated with that subnet, and an S3 VPC endpoint
// attached to the route table.
//
// The service name is pinned to com.amazonaws.us-west-2.s3, so the fixture
// presumably has to run against us-west-2 (confirm against the provider
// setup used by testAccPreCheck).
//
// The endpoint policy ("AllowAll") allows every principal, action and
// resource. It exercises the policy attribute only and places no restriction
// on what can be reached through the endpoint; it is not a least-privilege
// example.
const testAccVpcEndpointWithRouteTableAndPolicyConfig = `
resource "aws_vpc" "foo" {
    cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "foo" {
	vpc_id = "${aws_vpc.foo.id}"
    cidr_block = "10.0.1.0/24"
}

resource "aws_vpc_endpoint" "second-private-s3" {
    vpc_id = "${aws_vpc.foo.id}"
    service_name = "com.amazonaws.us-west-2.s3"
    route_table_ids = ["${aws_route_table.default.id}"]
    policy = <<POLICY
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid":"AllowAll",
			"Effect":"Allow",
			"Principal":"*",
			"Action":"*",
			"Resource":"*"
		}
	]
}
POLICY
}

resource "aws_route_table" "default" {
    vpc_id = "${aws_vpc.foo.id}"
}

resource "aws_route_table_association" "main" {
    subnet_id = "${aws_subnet.foo.id}"
    route_table_id = "${aws_route_table.default.id}"
}
`
   181  
// testAccVpcEndpointWithRouteTableAndPolicyConfigModified is the second-step
// configuration for TestAccAWSVpcEndpoint_withRouteTableAndPolicy. The VPC,
// subnet, endpoint and endpoint policy are written exactly as in the base
// configuration; what changes is that an internet gateway is added and the
// route table gains a 0.0.0.0/0 route through that gateway.
//
// The aws_vpc_endpoint block itself is unchanged, so this step modifies only
// the route table the endpoint is attached to. The endpoint policy still
// allows every principal, action and resource ("AllowAll") and is not a
// least-privilege example.
const testAccVpcEndpointWithRouteTableAndPolicyConfigModified = `
resource "aws_vpc" "foo" {
    cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "foo" {
	vpc_id = "${aws_vpc.foo.id}"
    cidr_block = "10.0.1.0/24"
}

resource "aws_vpc_endpoint" "second-private-s3" {
    vpc_id = "${aws_vpc.foo.id}"
    service_name = "com.amazonaws.us-west-2.s3"
    route_table_ids = ["${aws_route_table.default.id}"]
    policy = <<POLICY
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid":"AllowAll",
			"Effect":"Allow",
			"Principal":"*",
			"Action":"*",
			"Resource":"*"
		}
	]
}
POLICY
}

resource "aws_internet_gateway" "gw" {
    vpc_id = "${aws_vpc.foo.id}"
}

resource "aws_route_table" "default" {
    vpc_id = "${aws_vpc.foo.id}"

    route {
        cidr_block = "0.0.0.0/0"
        gateway_id = "${aws_internet_gateway.gw.id}"
    }
}

resource "aws_route_table_association" "main" {
    subnet_id = "${aws_subnet.foo.id}"
    route_table_id = "${aws_route_table.default.id}"
}
`