github.com/recobe182/terraform@v0.8.5-0.20170117231232-49ab22a935b7/builtin/providers/aws/resource_aws_vpn_connection_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/ec2" 10 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 ) 14 15 func TestAccAWSVpnConnection_basic(t *testing.T) { 16 resource.Test(t, resource.TestCase{ 17 PreCheck: func() { testAccPreCheck(t) }, 18 IDRefreshName: "aws_vpn_connection.foo", 19 Providers: testAccProviders, 20 CheckDestroy: testAccAwsVpnConnectionDestroy, 21 Steps: []resource.TestStep{ 22 { 23 Config: testAccAwsVpnConnectionConfig, 24 Check: resource.ComposeTestCheckFunc( 25 testAccAwsVpnConnection( 26 "aws_vpc.vpc", 27 "aws_vpn_gateway.vpn_gateway", 28 "aws_customer_gateway.customer_gateway", 29 "aws_vpn_connection.foo", 30 ), 31 ), 32 }, 33 { 34 Config: testAccAwsVpnConnectionConfigUpdate, 35 Check: resource.ComposeTestCheckFunc( 36 testAccAwsVpnConnection( 37 "aws_vpc.vpc", 38 "aws_vpn_gateway.vpn_gateway", 39 "aws_customer_gateway.customer_gateway", 40 "aws_vpn_connection.foo", 41 ), 42 ), 43 }, 44 }, 45 }) 46 } 47 48 func TestAccAWSVpnConnection_withoutStaticRoutes(t *testing.T) { 49 resource.Test(t, resource.TestCase{ 50 PreCheck: func() { testAccPreCheck(t) }, 51 IDRefreshName: "aws_vpn_connection.foo", 52 Providers: testAccProviders, 53 CheckDestroy: testAccAwsVpnConnectionDestroy, 54 Steps: []resource.TestStep{ 55 { 56 Config: testAccAwsVpnConnectionConfigUpdate, 57 Check: resource.ComposeTestCheckFunc( 58 testAccAwsVpnConnection( 59 "aws_vpc.vpc", 60 "aws_vpn_gateway.vpn_gateway", 61 "aws_customer_gateway.customer_gateway", 62 "aws_vpn_connection.foo", 63 ), 64 resource.TestCheckResourceAttr("aws_vpn_connection.foo", "static_routes_only", "false"), 65 ), 66 }, 67 }, 68 }) 69 } 70 71 func testAccAwsVpnConnectionDestroy(s *terraform.State) error { 72 conn := testAccProvider.Meta().(*AWSClient).ec2conn 73 for _, rs := range s.RootModule().Resources { 74 if rs.Type != "aws_vpn_connection" { 75 continue 76 } 77 78 resp, err := conn.DescribeVpnConnections(&ec2.DescribeVpnConnectionsInput{ 79 VpnConnectionIds: []*string{aws.String(rs.Primary.ID)}, 80 }) 81 82 if err != nil { 83 if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpnConnectionID.NotFound" { 84 // not found 85 return nil 86 } 87 return err 88 } 89 90 var vpn *ec2.VpnConnection 91 for _, v := range resp.VpnConnections { 92 if v.VpnConnectionId != nil && *v.VpnConnectionId == rs.Primary.ID { 93 vpn = v 94 } 95 } 96 97 if vpn == nil { 98 // vpn connection not found 99 return nil 100 } 101 102 if vpn.State != nil && *vpn.State == "deleted" { 103 return nil 104 } 105 106 } 107 108 return nil 109 } 110 111 func testAccAwsVpnConnection( 112 vpcResource string, 113 vpnGatewayResource string, 114 customerGatewayResource string, 115 vpnConnectionResource string) resource.TestCheckFunc { 116 return func(s *terraform.State) error { 117 rs, ok := s.RootModule().Resources[vpnConnectionResource] 118 if !ok { 119 return fmt.Errorf("Not found: %s", vpnConnectionResource) 120 } 121 122 if rs.Primary.ID == "" { 123 return fmt.Errorf("No ID is set") 124 } 125 connection, ok := s.RootModule().Resources[vpnConnectionResource] 126 if !ok { 127 return fmt.Errorf("Not found: %s", vpnConnectionResource) 128 } 129 130 ec2conn := testAccProvider.Meta().(*AWSClient).ec2conn 131 132 _, err := ec2conn.DescribeVpnConnections(&ec2.DescribeVpnConnectionsInput{ 133 VpnConnectionIds: []*string{aws.String(connection.Primary.ID)}, 134 }) 135 136 if err != nil { 137 return err 138 } 139 140 return nil 141 } 142 } 143 144 func TestAWSVpnConnection_xmlconfig(t *testing.T) { 145 tunnelInfo, err := xmlConfigToTunnelInfo(testAccAwsVpnTunnelInfoXML) 146 if err != nil { 147 t.Fatalf("Error unmarshalling XML: %s", err) 148 } 149 if tunnelInfo.Tunnel1Address != "FIRST_ADDRESS" { 150 t.Fatalf("First address from tunnel XML was incorrect.") 151 } 152 if tunnelInfo.Tunnel1PreSharedKey != "FIRST_KEY" { 153 t.Fatalf("First key from tunnel XML was incorrect.") 154 } 155 if tunnelInfo.Tunnel2Address != "SECOND_ADDRESS" { 156 t.Fatalf("Second address from tunnel XML was incorrect.") 157 } 158 if tunnelInfo.Tunnel2PreSharedKey != "SECOND_KEY" { 159 t.Fatalf("Second key from tunnel XML was incorrect.") 160 } 161 } 162 163 const testAccAwsVpnConnectionConfig = ` 164 resource "aws_vpn_gateway" "vpn_gateway" { 165 tags { 166 Name = "vpn_gateway" 167 } 168 } 169 170 resource "aws_customer_gateway" "customer_gateway" { 171 bgp_asn = 65000 172 ip_address = "178.0.0.1" 173 type = "ipsec.1" 174 } 175 176 resource "aws_vpn_connection" "foo" { 177 vpn_gateway_id = "${aws_vpn_gateway.vpn_gateway.id}" 178 customer_gateway_id = "${aws_customer_gateway.customer_gateway.id}" 179 type = "ipsec.1" 180 static_routes_only = true 181 } 182 ` 183 184 // Change static_routes_only to be false, forcing a refresh. 185 const testAccAwsVpnConnectionConfigUpdate = ` 186 resource "aws_vpn_gateway" "vpn_gateway" { 187 tags { 188 Name = "vpn_gateway" 189 } 190 } 191 192 resource "aws_customer_gateway" "customer_gateway" { 193 bgp_asn = 65000 194 ip_address = "178.0.0.1" 195 type = "ipsec.1" 196 } 197 198 resource "aws_vpn_connection" "foo" { 199 vpn_gateway_id = "${aws_vpn_gateway.vpn_gateway.id}" 200 customer_gateway_id = "${aws_customer_gateway.customer_gateway.id}" 201 type = "ipsec.1" 202 static_routes_only = false 203 } 204 ` 205 206 // Test our VPN tunnel config XML parsing 207 const testAccAwsVpnTunnelInfoXML = ` 208 <vpn_connection id="vpn-abc123"> 209 <ipsec_tunnel> 210 <vpn_gateway> 211 <tunnel_outside_address> 212 <ip_address>SECOND_ADDRESS</ip_address> 213 </tunnel_outside_address> 214 </vpn_gateway> 215 <ike> 216 <pre_shared_key>SECOND_KEY</pre_shared_key> 217 </ike> 218 </ipsec_tunnel> 219 <ipsec_tunnel> 220 <vpn_gateway> 221 <tunnel_outside_address> 222 <ip_address>FIRST_ADDRESS</ip_address> 223 </tunnel_outside_address> 224 </vpn_gateway> 225 <ike> 226 <pre_shared_key>FIRST_KEY</pre_shared_key> 227 </ike> 228 </ipsec_tunnel> 229 </vpn_connection> 230 `