github.com/recobe182/terraform@v0.8.5-0.20170117231232-49ab22a935b7/builtin/providers/aws/resource_aws_sns_topic_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/sns" 10 "github.com/hashicorp/terraform/helper/acctest" 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 "github.com/jen20/awspolicyequivalence" 14 ) 15 16 func TestAccAWSSNSTopic_basic(t *testing.T) { 17 resource.Test(t, resource.TestCase{ 18 PreCheck: func() { testAccPreCheck(t) }, 19 IDRefreshName: "aws_sns_topic.test_topic", 20 Providers: testAccProviders, 21 CheckDestroy: testAccCheckAWSSNSTopicDestroy, 22 Steps: []resource.TestStep{ 23 resource.TestStep{ 24 Config: testAccAWSSNSTopicConfig, 25 Check: resource.ComposeTestCheckFunc( 26 testAccCheckAWSSNSTopicExists("aws_sns_topic.test_topic"), 27 ), 28 }, 29 }, 30 }) 31 } 32 33 func TestAccAWSSNSTopic_policy(t *testing.T) { 34 rName := acctest.RandString(10) 35 expectedPolicy := `{"Statement":[{"Sid":"Stmt1445931846145","Effect":"Allow","Principal":{"AWS":"*"},"Action":"sns:Publish","Resource":"arn:aws:sns:us-west-2::example"}],"Version":"2012-10-17","Id":"Policy1445931846145"}` 36 resource.Test(t, resource.TestCase{ 37 PreCheck: func() { testAccPreCheck(t) }, 38 IDRefreshName: "aws_sns_topic.test_topic", 39 Providers: testAccProviders, 40 CheckDestroy: testAccCheckAWSSNSTopicDestroy, 41 Steps: []resource.TestStep{ 42 resource.TestStep{ 43 Config: testAccAWSSNSTopicWithPolicy(rName), 44 Check: resource.ComposeTestCheckFunc( 45 testAccCheckAWSSNSTopicExists("aws_sns_topic.test_topic"), 46 testAccCheckAWSNSTopicHasPolicy("aws_sns_topic.test_topic", expectedPolicy), 47 ), 48 }, 49 }, 50 }) 51 } 52 53 func TestAccAWSSNSTopic_withIAMRole(t *testing.T) { 54 resource.Test(t, resource.TestCase{ 55 PreCheck: func() { testAccPreCheck(t) }, 56 IDRefreshName: "aws_sns_topic.test_topic", 57 Providers: testAccProviders, 58 CheckDestroy: testAccCheckAWSSNSTopicDestroy, 59 Steps: []resource.TestStep{ 60 resource.TestStep{ 61 Config: testAccAWSSNSTopicConfig_withIAMRole, 62 Check: resource.ComposeTestCheckFunc( 63 testAccCheckAWSSNSTopicExists("aws_sns_topic.test_topic"), 64 ), 65 }, 66 }, 67 }) 68 } 69 70 func testAccCheckAWSNSTopicHasPolicy(n string, expectedPolicyText string) resource.TestCheckFunc { 71 return func(s *terraform.State) error { 72 rs, ok := s.RootModule().Resources[n] 73 if !ok { 74 return fmt.Errorf("Not found: %s", n) 75 } 76 77 if rs.Primary.ID == "" { 78 return fmt.Errorf("No Queue URL specified!") 79 } 80 81 if !ok { 82 return fmt.Errorf("Not found: %s", n) 83 } 84 85 if rs.Primary.ID == "" { 86 return fmt.Errorf("No SNS topic with that ARN exists") 87 } 88 89 conn := testAccProvider.Meta().(*AWSClient).snsconn 90 91 params := &sns.GetTopicAttributesInput{ 92 TopicArn: aws.String(rs.Primary.ID), 93 } 94 resp, err := conn.GetTopicAttributes(params) 95 if err != nil { 96 return err 97 } 98 99 var actualPolicyText string 100 for k, v := range resp.Attributes { 101 if k == "Policy" { 102 actualPolicyText = *v 103 break 104 } 105 } 106 107 equivalent, err := awspolicy.PoliciesAreEquivalent(actualPolicyText, expectedPolicyText) 108 if err != nil { 109 return fmt.Errorf("Error testing policy equivalence: %s", err) 110 } 111 if !equivalent { 112 return fmt.Errorf("Non-equivalent policy error:\n\nexpected: %s\n\n got: %s\n", 113 expectedPolicyText, actualPolicyText) 114 } 115 116 return nil 117 } 118 } 119 120 func testAccCheckAWSSNSTopicDestroy(s *terraform.State) error { 121 conn := testAccProvider.Meta().(*AWSClient).snsconn 122 123 for _, rs := range s.RootModule().Resources { 124 if rs.Type != "aws_sns_topic" { 125 continue 126 } 127 128 // Check if the topic exists by fetching its attributes 129 params := &sns.GetTopicAttributesInput{ 130 TopicArn: aws.String(rs.Primary.ID), 131 } 132 _, err := conn.GetTopicAttributes(params) 133 if err == nil { 134 return fmt.Errorf("Topic exists when it should be destroyed!") 135 } 136 137 // Verify the error is an API error, not something else 138 _, ok := err.(awserr.Error) 139 if !ok { 140 return err 141 } 142 } 143 144 return nil 145 } 146 147 func testAccCheckAWSSNSTopicExists(n string) resource.TestCheckFunc { 148 return func(s *terraform.State) error { 149 rs, ok := s.RootModule().Resources[n] 150 if !ok { 151 return fmt.Errorf("Not found: %s", n) 152 } 153 154 if rs.Primary.ID == "" { 155 return fmt.Errorf("No SNS topic with that ARN exists") 156 } 157 158 conn := testAccProvider.Meta().(*AWSClient).snsconn 159 160 params := &sns.GetTopicAttributesInput{ 161 TopicArn: aws.String(rs.Primary.ID), 162 } 163 _, err := conn.GetTopicAttributes(params) 164 165 if err != nil { 166 return err 167 } 168 169 return nil 170 } 171 } 172 173 const testAccAWSSNSTopicConfig = ` 174 resource "aws_sns_topic" "test_topic" { 175 name = "terraform-test-topic" 176 } 177 ` 178 179 func testAccAWSSNSTopicWithPolicy(r string) string { 180 return fmt.Sprintf(` 181 resource "aws_sns_topic" "test_topic" { 182 name = "example-%s" 183 policy = <<EOF 184 { 185 "Statement": [ 186 { 187 "Sid": "Stmt1445931846145", 188 "Effect": "Allow", 189 "Principal": { 190 "AWS": "*" 191 }, 192 "Action": "sns:Publish", 193 "Resource": "arn:aws:sns:us-west-2::example" 194 } 195 ], 196 "Version": "2012-10-17", 197 "Id": "Policy1445931846145" 198 } 199 EOF 200 } 201 `, r) 202 } 203 204 // Test for https://github.com/hashicorp/terraform/issues/3660 205 const testAccAWSSNSTopicConfig_withIAMRole = ` 206 resource "aws_iam_role" "example" { 207 name = "terraform_bug" 208 path = "/test/" 209 assume_role_policy = <<EOF 210 { 211 "Version": "2012-10-17", 212 "Statement": [ 213 { 214 "Action": "sts:AssumeRole", 215 "Principal": { 216 "Service": "ec2.amazonaws.com" 217 }, 218 "Effect": "Allow", 219 "Sid": "" 220 } 221 ] 222 } 223 EOF 224 } 225 226 resource "aws_sns_topic" "test_topic" { 227 name = "example" 228 policy = <<EOF 229 { 230 "Statement": [ 231 { 232 "Sid": "Stmt1445931846145", 233 "Effect": "Allow", 234 "Principal": { 235 "AWS": "${aws_iam_role.example.arn}" 236 }, 237 "Action": "sns:Publish", 238 "Resource": "arn:aws:sns:us-west-2::example" 239 } 240 ], 241 "Version": "2012-10-17", 242 "Id": "Policy1445931846145" 243 } 244 EOF 245 } 246 `