github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/aws/resource_aws_iam_role_policy_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/service/iam" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 ) 12 13 func TestAccAWSIAMRolePolicy_basic(t *testing.T) { 14 resource.Test(t, resource.TestCase{ 15 PreCheck: func() { testAccPreCheck(t) }, 16 Providers: testAccProviders, 17 CheckDestroy: testAccCheckIAMRolePolicyDestroy, 18 Steps: []resource.TestStep{ 19 resource.TestStep{ 20 Config: testAccIAMRolePolicyConfig, 21 Check: resource.ComposeTestCheckFunc( 22 testAccCheckIAMRolePolicy( 23 "aws_iam_role.role", 24 "aws_iam_role_policy.foo", 25 ), 26 ), 27 }, 28 resource.TestStep{ 29 Config: testAccIAMRolePolicyConfigUpdate, 30 Check: resource.ComposeTestCheckFunc( 31 testAccCheckIAMRolePolicy( 32 "aws_iam_role.role", 33 "aws_iam_role_policy.bar", 34 ), 35 ), 36 }, 37 }, 38 }) 39 } 40 41 func testAccCheckIAMRolePolicyDestroy(s *terraform.State) error { 42 if len(s.RootModule().Resources) > 0 { 43 return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources) 44 } 45 46 return nil 47 } 48 49 func testAccCheckIAMRolePolicy( 50 iamRoleResource string, 51 iamRolePolicyResource string) resource.TestCheckFunc { 52 return func(s *terraform.State) error { 53 rs, ok := s.RootModule().Resources[iamRoleResource] 54 if !ok { 55 return fmt.Errorf("Not Found: %s", iamRoleResource) 56 } 57 58 if rs.Primary.ID == "" { 59 return fmt.Errorf("No ID is set") 60 } 61 62 policy, ok := s.RootModule().Resources[iamRolePolicyResource] 63 if !ok { 64 return fmt.Errorf("Not Found: %s", iamRolePolicyResource) 65 } 66 67 iamconn := testAccProvider.Meta().(*AWSClient).iamconn 68 role, name := resourceAwsIamRolePolicyParseId(policy.Primary.ID) 69 _, err := iamconn.GetRolePolicy(&iam.GetRolePolicyInput{ 70 RoleName: aws.String(role), 71 PolicyName: aws.String(name), 72 }) 73 74 if err != nil { 75 return err 76 } 77 78 return nil 79 } 80 } 81 82 const testAccIAMRolePolicyConfig = ` 83 resource "aws_iam_role" "role" { 84 name = "test_role" 85 path = "/" 86 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Effect\":\"Allow\",\"Sid\":\"\"}]}" 87 } 88 89 resource "aws_iam_role_policy" "foo" { 90 name = "foo_policy" 91 role = "${aws_iam_role.role.name}" 92 policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" 93 } 94 ` 95 96 const testAccIAMRolePolicyConfigUpdate = ` 97 resource "aws_iam_role" "role" { 98 name = "test_role" 99 path = "/" 100 assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Effect\":\"Allow\",\"Sid\":\"\"}]}" 101 } 102 103 resource "aws_iam_role_policy" "foo" { 104 name = "foo_policy" 105 role = "${aws_iam_role.role.name}" 106 policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" 107 } 108 109 resource "aws_iam_role_policy" "bar" { 110 name = "bar_policy" 111 role = "${aws_iam_role.role.name}" 112 policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" 113 } 114 `