github.com/ns1/terraform@v0.7.10-0.20161109153551-8949419bef40/builtin/providers/aws/resource_aws_alb_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/service/elbv2" 11 "github.com/hashicorp/errwrap" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/terraform" 15 ) 16 17 func TestALBCloudwatchSuffixFromARN(t *testing.T) { 18 cases := []struct { 19 name string 20 arn *string 21 suffix string 22 }{ 23 { 24 name: "valid suffix", 25 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer/app/my-alb/abc123`), 26 suffix: `app/my-alb/abc123`, 27 }, 28 { 29 name: "no suffix", 30 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer`), 31 suffix: ``, 32 }, 33 { 34 name: "nil ARN", 35 arn: nil, 36 suffix: ``, 37 }, 38 } 39 40 for _, tc := range cases { 41 actual := albSuffixFromARN(tc.arn) 42 if actual != tc.suffix { 43 t.Fatalf("bad suffix: %q\nExpected: %s\n Got: %s", tc.name, tc.suffix, actual) 44 } 45 } 46 } 47 48 func TestAccAWSALB_basic(t *testing.T) { 49 var conf elbv2.LoadBalancer 50 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 51 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 IDRefreshName: "aws_alb.alb_test", 55 Providers: testAccProviders, 56 CheckDestroy: testAccCheckAWSALBDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAWSALBConfig_basic(albName), 60 Check: resource.ComposeAggregateTestCheckFunc( 61 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 62 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 63 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 64 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 65 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 66 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 67 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 68 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 69 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 70 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 71 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 72 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 73 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 74 ), 75 }, 76 }, 77 }) 78 } 79 80 func TestAccAWSALB_generatedName(t *testing.T) { 81 var conf elbv2.LoadBalancer 82 83 resource.Test(t, resource.TestCase{ 84 PreCheck: func() { testAccPreCheck(t) }, 85 IDRefreshName: "aws_alb.alb_test", 86 Providers: testAccProviders, 87 CheckDestroy: testAccCheckAWSALBDestroy, 88 Steps: []resource.TestStep{ 89 { 90 Config: testAccAWSALBConfig_generatedName(), 91 Check: resource.ComposeAggregateTestCheckFunc( 92 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 93 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 94 ), 95 }, 96 }, 97 }) 98 } 99 100 func TestAccAWSALB_namePrefix(t *testing.T) { 101 var conf elbv2.LoadBalancer 102 103 resource.Test(t, resource.TestCase{ 104 PreCheck: func() { testAccPreCheck(t) }, 105 IDRefreshName: "aws_alb.alb_test", 106 Providers: testAccProviders, 107 CheckDestroy: testAccCheckAWSALBDestroy, 108 Steps: []resource.TestStep{ 109 { 110 Config: testAccAWSALBConfig_namePrefix(), 111 Check: resource.ComposeAggregateTestCheckFunc( 112 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 113 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 114 resource.TestMatchResourceAttr("aws_alb.alb_test", "name", 115 regexp.MustCompile("^tf-lb")), 116 ), 117 }, 118 }, 119 }) 120 } 121 122 func TestAccAWSALB_tags(t *testing.T) { 123 var conf elbv2.LoadBalancer 124 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 125 126 resource.Test(t, resource.TestCase{ 127 PreCheck: func() { testAccPreCheck(t) }, 128 IDRefreshName: "aws_alb.alb_test", 129 Providers: testAccProviders, 130 CheckDestroy: testAccCheckAWSALBDestroy, 131 Steps: []resource.TestStep{ 132 { 133 Config: testAccAWSALBConfig_basic(albName), 134 Check: resource.ComposeAggregateTestCheckFunc( 135 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 136 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 137 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 138 ), 139 }, 140 { 141 Config: testAccAWSALBConfig_updatedTags(albName), 142 Check: resource.ComposeAggregateTestCheckFunc( 143 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 144 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "2"), 145 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Type", "Sample Type Tag"), 146 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Environment", "Production"), 147 ), 148 }, 149 }, 150 }) 151 } 152 153 func TestAccAWSALB_updatedSecurityGroups(t *testing.T) { 154 var pre, post elbv2.LoadBalancer 155 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 156 157 resource.Test(t, resource.TestCase{ 158 PreCheck: func() { testAccPreCheck(t) }, 159 IDRefreshName: "aws_alb.alb_test", 160 Providers: testAccProviders, 161 CheckDestroy: testAccCheckAWSALBDestroy, 162 Steps: []resource.TestStep{ 163 { 164 Config: testAccAWSALBConfig_basic(albName), 165 Check: resource.ComposeAggregateTestCheckFunc( 166 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 167 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 168 ), 169 }, 170 { 171 Config: testAccAWSALBConfig_updateSecurityGroups(albName), 172 Check: resource.ComposeAggregateTestCheckFunc( 173 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 174 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "2"), 175 testAccCheckAWSAlbARNs(&pre, &post), 176 ), 177 }, 178 }, 179 }) 180 } 181 182 // TestAccAWSALB_noSecurityGroup regression tests the issue in #8264, 183 // where if an ALB is created without a security group, a default one 184 // is assigned. 185 func TestAccAWSALB_noSecurityGroup(t *testing.T) { 186 var conf elbv2.LoadBalancer 187 albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 188 189 resource.Test(t, resource.TestCase{ 190 PreCheck: func() { testAccPreCheck(t) }, 191 IDRefreshName: "aws_alb.alb_test", 192 Providers: testAccProviders, 193 CheckDestroy: testAccCheckAWSALBDestroy, 194 Steps: []resource.TestStep{ 195 { 196 Config: testAccAWSALBConfig_nosg(albName), 197 Check: resource.ComposeAggregateTestCheckFunc( 198 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 199 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 200 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 201 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 202 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 203 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 204 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 205 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 206 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 207 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 208 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 209 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 210 ), 211 }, 212 }, 213 }) 214 } 215 216 func TestAccAWSALB_accesslogs(t *testing.T) { 217 var conf elbv2.LoadBalancer 218 bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) 219 albName := fmt.Sprintf("testaccawsalbaccesslog-%s", acctest.RandStringFromCharSet(4, acctest.CharSetAlpha)) 220 221 resource.Test(t, resource.TestCase{ 222 PreCheck: func() { testAccPreCheck(t) }, 223 IDRefreshName: "aws_alb.alb_test", 224 Providers: testAccProviders, 225 CheckDestroy: testAccCheckAWSALBDestroy, 226 Steps: []resource.TestStep{ 227 { 228 Config: testAccAWSALBConfig_basic(albName), 229 Check: resource.ComposeAggregateTestCheckFunc( 230 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 231 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 232 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 233 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 234 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 235 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 236 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 237 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 238 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 239 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 240 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 241 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 242 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 243 ), 244 }, 245 { 246 Config: testAccAWSALBConfig_accessLogs(true, albName, bucketName), 247 Check: resource.ComposeAggregateTestCheckFunc( 248 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 249 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 250 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 251 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 252 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 253 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 254 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 255 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 256 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 257 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 258 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 259 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 260 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 261 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.bucket", bucketName), 262 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.prefix", "testAccAWSALBConfig_accessLogs"), 263 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "true"), 264 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 265 ), 266 }, 267 { 268 Config: testAccAWSALBConfig_accessLogs(false, albName, bucketName), 269 Check: resource.ComposeAggregateTestCheckFunc( 270 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 271 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 272 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"), 273 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 274 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 275 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 276 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 277 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 278 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 279 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 280 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 281 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 282 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 283 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "false"), 284 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 285 ), 286 }, 287 }, 288 }) 289 } 290 291 func testAccCheckAWSAlbARNs(pre, post *elbv2.LoadBalancer) resource.TestCheckFunc { 292 return func(s *terraform.State) error { 293 if *pre.LoadBalancerArn != *post.LoadBalancerArn { 294 return errors.New("ALB has been recreated. ARNs are different") 295 } 296 297 return nil 298 } 299 } 300 301 func testAccCheckAWSALBExists(n string, res *elbv2.LoadBalancer) resource.TestCheckFunc { 302 return func(s *terraform.State) error { 303 rs, ok := s.RootModule().Resources[n] 304 if !ok { 305 return fmt.Errorf("Not found: %s", n) 306 } 307 308 if rs.Primary.ID == "" { 309 return errors.New("No ALB ID is set") 310 } 311 312 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 313 314 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 315 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 316 }) 317 318 if err != nil { 319 return err 320 } 321 322 if len(describe.LoadBalancers) != 1 || 323 *describe.LoadBalancers[0].LoadBalancerArn != rs.Primary.ID { 324 return errors.New("ALB not found") 325 } 326 327 *res = *describe.LoadBalancers[0] 328 return nil 329 } 330 } 331 332 func testAccCheckAWSALBDestroy(s *terraform.State) error { 333 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 334 335 for _, rs := range s.RootModule().Resources { 336 if rs.Type != "aws_alb" { 337 continue 338 } 339 340 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 341 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 342 }) 343 344 if err == nil { 345 if len(describe.LoadBalancers) != 0 && 346 *describe.LoadBalancers[0].LoadBalancerArn == rs.Primary.ID { 347 return fmt.Errorf("ALB %q still exists", rs.Primary.ID) 348 } 349 } 350 351 // Verify the error 352 if isLoadBalancerNotFound(err) { 353 return nil 354 } else { 355 return errwrap.Wrapf("Unexpected error checking ALB destroyed: {{err}}", err) 356 } 357 } 358 359 return nil 360 } 361 362 func testAccAWSALBConfig_basic(albName string) string { 363 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 364 name = "%s" 365 internal = false 366 security_groups = ["${aws_security_group.alb_test.id}"] 367 subnets = ["${aws_subnet.alb_test.*.id}"] 368 369 idle_timeout = 30 370 enable_deletion_protection = false 371 372 tags { 373 TestName = "TestAccAWSALB_basic" 374 } 375 } 376 377 variable "subnets" { 378 default = ["10.0.1.0/24", "10.0.2.0/24"] 379 type = "list" 380 } 381 382 data "aws_availability_zones" "available" {} 383 384 resource "aws_vpc" "alb_test" { 385 cidr_block = "10.0.0.0/16" 386 387 tags { 388 TestName = "TestAccAWSALB_basic" 389 } 390 } 391 392 resource "aws_subnet" "alb_test" { 393 count = 2 394 vpc_id = "${aws_vpc.alb_test.id}" 395 cidr_block = "${element(var.subnets, count.index)}" 396 map_public_ip_on_launch = true 397 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 398 399 tags { 400 TestName = "TestAccAWSALB_basic" 401 } 402 } 403 404 resource "aws_security_group" "alb_test" { 405 name = "allow_all_alb_test" 406 description = "Used for ALB Testing" 407 vpc_id = "${aws_vpc.alb_test.id}" 408 409 ingress { 410 from_port = 0 411 to_port = 0 412 protocol = "-1" 413 cidr_blocks = ["0.0.0.0/0"] 414 } 415 416 egress { 417 from_port = 0 418 to_port = 0 419 protocol = "-1" 420 cidr_blocks = ["0.0.0.0/0"] 421 } 422 423 tags { 424 TestName = "TestAccAWSALB_basic" 425 } 426 }`, albName) 427 } 428 429 func testAccAWSALBConfig_generatedName() string { 430 return fmt.Sprintf(` 431 resource "aws_alb" "alb_test" { 432 internal = false 433 security_groups = ["${aws_security_group.alb_test.id}"] 434 subnets = ["${aws_subnet.alb_test.*.id}"] 435 436 idle_timeout = 30 437 enable_deletion_protection = false 438 439 tags { 440 TestName = "TestAccAWSALB_basic" 441 } 442 } 443 444 variable "subnets" { 445 default = ["10.0.1.0/24", "10.0.2.0/24"] 446 type = "list" 447 } 448 449 data "aws_availability_zones" "available" {} 450 451 resource "aws_vpc" "alb_test" { 452 cidr_block = "10.0.0.0/16" 453 454 tags { 455 TestName = "TestAccAWSALB_basic" 456 } 457 } 458 459 resource "aws_subnet" "alb_test" { 460 count = 2 461 vpc_id = "${aws_vpc.alb_test.id}" 462 cidr_block = "${element(var.subnets, count.index)}" 463 map_public_ip_on_launch = true 464 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 465 466 tags { 467 TestName = "TestAccAWSALB_basic" 468 } 469 } 470 471 resource "aws_security_group" "alb_test" { 472 name = "allow_all_alb_test" 473 description = "Used for ALB Testing" 474 vpc_id = "${aws_vpc.alb_test.id}" 475 476 ingress { 477 from_port = 0 478 to_port = 0 479 protocol = "-1" 480 cidr_blocks = ["0.0.0.0/0"] 481 } 482 483 egress { 484 from_port = 0 485 to_port = 0 486 protocol = "-1" 487 cidr_blocks = ["0.0.0.0/0"] 488 } 489 490 tags { 491 TestName = "TestAccAWSALB_basic" 492 } 493 }`) 494 } 495 496 func testAccAWSALBConfig_namePrefix() string { 497 return fmt.Sprintf(` 498 resource "aws_alb" "alb_test" { 499 name_prefix = "tf-lb" 500 internal = false 501 security_groups = ["${aws_security_group.alb_test.id}"] 502 subnets = ["${aws_subnet.alb_test.*.id}"] 503 504 idle_timeout = 30 505 enable_deletion_protection = false 506 507 tags { 508 TestName = "TestAccAWSALB_basic" 509 } 510 } 511 512 variable "subnets" { 513 default = ["10.0.1.0/24", "10.0.2.0/24"] 514 type = "list" 515 } 516 517 data "aws_availability_zones" "available" {} 518 519 resource "aws_vpc" "alb_test" { 520 cidr_block = "10.0.0.0/16" 521 522 tags { 523 TestName = "TestAccAWSALB_basic" 524 } 525 } 526 527 resource "aws_subnet" "alb_test" { 528 count = 2 529 vpc_id = "${aws_vpc.alb_test.id}" 530 cidr_block = "${element(var.subnets, count.index)}" 531 map_public_ip_on_launch = true 532 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 533 534 tags { 535 TestName = "TestAccAWSALB_basic" 536 } 537 } 538 539 resource "aws_security_group" "alb_test" { 540 name = "allow_all_alb_test" 541 description = "Used for ALB Testing" 542 vpc_id = "${aws_vpc.alb_test.id}" 543 544 ingress { 545 from_port = 0 546 to_port = 0 547 protocol = "-1" 548 cidr_blocks = ["0.0.0.0/0"] 549 } 550 551 egress { 552 from_port = 0 553 to_port = 0 554 protocol = "-1" 555 cidr_blocks = ["0.0.0.0/0"] 556 } 557 558 tags { 559 TestName = "TestAccAWSALB_basic" 560 } 561 }`) 562 } 563 func testAccAWSALBConfig_updatedTags(albName string) string { 564 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 565 name = "%s" 566 internal = false 567 security_groups = ["${aws_security_group.alb_test.id}"] 568 subnets = ["${aws_subnet.alb_test.*.id}"] 569 570 idle_timeout = 30 571 enable_deletion_protection = false 572 573 tags { 574 Environment = "Production" 575 Type = "Sample Type Tag" 576 } 577 } 578 579 variable "subnets" { 580 default = ["10.0.1.0/24", "10.0.2.0/24"] 581 type = "list" 582 } 583 584 data "aws_availability_zones" "available" {} 585 586 resource "aws_vpc" "alb_test" { 587 cidr_block = "10.0.0.0/16" 588 589 tags { 590 TestName = "TestAccAWSALB_basic" 591 } 592 } 593 594 resource "aws_subnet" "alb_test" { 595 count = 2 596 vpc_id = "${aws_vpc.alb_test.id}" 597 cidr_block = "${element(var.subnets, count.index)}" 598 map_public_ip_on_launch = true 599 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 600 601 tags { 602 TestName = "TestAccAWSALB_basic" 603 } 604 } 605 606 resource "aws_security_group" "alb_test" { 607 name = "allow_all_alb_test" 608 description = "Used for ALB Testing" 609 vpc_id = "${aws_vpc.alb_test.id}" 610 611 ingress { 612 from_port = 0 613 to_port = 0 614 protocol = "-1" 615 cidr_blocks = ["0.0.0.0/0"] 616 } 617 618 egress { 619 from_port = 0 620 to_port = 0 621 protocol = "-1" 622 cidr_blocks = ["0.0.0.0/0"] 623 } 624 625 tags { 626 TestName = "TestAccAWSALB_basic" 627 } 628 }`, albName) 629 } 630 631 func testAccAWSALBConfig_accessLogs(enabled bool, albName, bucketName string) string { 632 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 633 name = "%s" 634 internal = false 635 security_groups = ["${aws_security_group.alb_test.id}"] 636 subnets = ["${aws_subnet.alb_test.*.id}"] 637 638 idle_timeout = 50 639 enable_deletion_protection = false 640 641 access_logs { 642 bucket = "${aws_s3_bucket.logs.bucket}" 643 prefix = "${var.bucket_prefix}" 644 enabled = "%t" 645 } 646 647 tags { 648 TestName = "TestAccAWSALB_basic1" 649 } 650 } 651 652 variable "bucket_name" { 653 type = "string" 654 default = "%s" 655 } 656 657 variable "bucket_prefix" { 658 type = "string" 659 default = "testAccAWSALBConfig_accessLogs" 660 } 661 662 resource "aws_s3_bucket" "logs" { 663 bucket = "${var.bucket_name}" 664 policy = "${data.aws_iam_policy_document.logs_bucket.json}" 665 # dangerous, only here for the test... 666 force_destroy = true 667 668 tags { 669 Name = "ALB Logs Bucket Test" 670 } 671 } 672 673 data "aws_caller_identity" "current" {} 674 675 data "aws_elb_service_account" "current" {} 676 677 data "aws_iam_policy_document" "logs_bucket" { 678 statement { 679 actions = ["s3:PutObject"] 680 effect = "Allow" 681 resources = ["arn:aws:s3:::${var.bucket_name}/${var.bucket_prefix}/AWSLogs/${data.aws_caller_identity.current.account_id}/*"] 682 683 principals = { 684 type = "AWS" 685 identifiers = ["arn:aws:iam::${data.aws_elb_service_account.current.id}:root"] 686 } 687 } 688 } 689 690 variable "subnets" { 691 default = ["10.0.1.0/24", "10.0.2.0/24"] 692 type = "list" 693 } 694 695 data "aws_availability_zones" "available" {} 696 697 resource "aws_vpc" "alb_test" { 698 cidr_block = "10.0.0.0/16" 699 700 tags { 701 TestName = "TestAccAWSALB_basic" 702 } 703 } 704 705 resource "aws_subnet" "alb_test" { 706 count = 2 707 vpc_id = "${aws_vpc.alb_test.id}" 708 cidr_block = "${element(var.subnets, count.index)}" 709 map_public_ip_on_launch = true 710 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 711 712 tags { 713 TestName = "TestAccAWSALB_basic" 714 } 715 } 716 717 resource "aws_security_group" "alb_test" { 718 name = "allow_all_alb_test" 719 description = "Used for ALB Testing" 720 vpc_id = "${aws_vpc.alb_test.id}" 721 722 ingress { 723 from_port = 0 724 to_port = 0 725 protocol = "-1" 726 cidr_blocks = ["0.0.0.0/0"] 727 } 728 729 egress { 730 from_port = 0 731 to_port = 0 732 protocol = "-1" 733 cidr_blocks = ["0.0.0.0/0"] 734 } 735 736 tags { 737 TestName = "TestAccAWSALB_basic" 738 } 739 }`, albName, enabled, bucketName) 740 } 741 742 func testAccAWSALBConfig_nosg(albName string) string { 743 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 744 name = "%s" 745 internal = false 746 subnets = ["${aws_subnet.alb_test.*.id}"] 747 748 idle_timeout = 30 749 enable_deletion_protection = false 750 751 tags { 752 TestName = "TestAccAWSALB_basic" 753 } 754 } 755 756 variable "subnets" { 757 default = ["10.0.1.0/24", "10.0.2.0/24"] 758 type = "list" 759 } 760 761 data "aws_availability_zones" "available" {} 762 763 resource "aws_vpc" "alb_test" { 764 cidr_block = "10.0.0.0/16" 765 766 tags { 767 TestName = "TestAccAWSALB_basic" 768 } 769 } 770 771 resource "aws_subnet" "alb_test" { 772 count = 2 773 vpc_id = "${aws_vpc.alb_test.id}" 774 cidr_block = "${element(var.subnets, count.index)}" 775 map_public_ip_on_launch = true 776 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 777 778 tags { 779 TestName = "TestAccAWSALB_basic" 780 } 781 }`, albName) 782 } 783 784 func testAccAWSALBConfig_updateSecurityGroups(albName string) string { 785 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 786 name = "%s" 787 internal = false 788 security_groups = ["${aws_security_group.alb_test.id}", "${aws_security_group.alb_test_2.id}"] 789 subnets = ["${aws_subnet.alb_test.*.id}"] 790 791 idle_timeout = 30 792 enable_deletion_protection = false 793 794 tags { 795 TestName = "TestAccAWSALB_basic" 796 } 797 } 798 799 variable "subnets" { 800 default = ["10.0.1.0/24", "10.0.2.0/24"] 801 type = "list" 802 } 803 804 data "aws_availability_zones" "available" {} 805 806 resource "aws_vpc" "alb_test" { 807 cidr_block = "10.0.0.0/16" 808 809 tags { 810 TestName = "TestAccAWSALB_basic" 811 } 812 } 813 814 resource "aws_subnet" "alb_test" { 815 count = 2 816 vpc_id = "${aws_vpc.alb_test.id}" 817 cidr_block = "${element(var.subnets, count.index)}" 818 map_public_ip_on_launch = true 819 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 820 821 tags { 822 TestName = "TestAccAWSALB_basic" 823 } 824 } 825 826 resource "aws_security_group" "alb_test_2" { 827 name = "allow_all_alb_test_2" 828 description = "Used for ALB Testing" 829 vpc_id = "${aws_vpc.alb_test.id}" 830 831 ingress { 832 from_port = 80 833 to_port = 80 834 protocol = "TCP" 835 cidr_blocks = ["0.0.0.0/0"] 836 } 837 838 tags { 839 TestName = "TestAccAWSALB_basic_2" 840 } 841 } 842 843 resource "aws_security_group" "alb_test" { 844 name = "allow_all_alb_test" 845 description = "Used for ALB Testing" 846 vpc_id = "${aws_vpc.alb_test.id}" 847 848 ingress { 849 from_port = 0 850 to_port = 0 851 protocol = "-1" 852 cidr_blocks = ["0.0.0.0/0"] 853 } 854 855 egress { 856 from_port = 0 857 to_port = 0 858 protocol = "-1" 859 cidr_blocks = ["0.0.0.0/0"] 860 } 861 862 tags { 863 TestName = "TestAccAWSALB_basic" 864 } 865 }`, albName) 866 }