github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_alb_test.go (about) 1 package aws 2 3 import ( 4 "errors" 5 "fmt" 6 "regexp" 7 "testing" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/service/elbv2" 11 "github.com/hashicorp/errwrap" 12 "github.com/hashicorp/terraform/helper/acctest" 13 "github.com/hashicorp/terraform/helper/resource" 14 "github.com/hashicorp/terraform/terraform" 15 ) 16 17 func TestALBCloudwatchSuffixFromARN(t *testing.T) { 18 cases := []struct { 19 name string 20 arn *string 21 suffix string 22 }{ 23 { 24 name: "valid suffix", 25 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer/app/my-alb/abc123`), 26 suffix: `app/my-alb/abc123`, 27 }, 28 { 29 name: "no suffix", 30 arn: aws.String(`arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer`), 31 suffix: ``, 32 }, 33 { 34 name: "nil ARN", 35 arn: nil, 36 suffix: ``, 37 }, 38 } 39 40 for _, tc := range cases { 41 actual := albSuffixFromARN(tc.arn) 42 if actual != tc.suffix { 43 t.Fatalf("bad suffix: %q\nExpected: %s\n Got: %s", tc.name, tc.suffix, actual) 44 } 45 } 46 } 47 48 func TestAccAWSALB_basic(t *testing.T) { 49 var conf elbv2.LoadBalancer 50 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 51 52 resource.Test(t, resource.TestCase{ 53 PreCheck: func() { testAccPreCheck(t) }, 54 IDRefreshName: "aws_alb.alb_test", 55 Providers: testAccProviders, 56 CheckDestroy: testAccCheckAWSALBDestroy, 57 Steps: []resource.TestStep{ 58 { 59 Config: testAccAWSALBConfig_basic(albName), 60 Check: resource.ComposeAggregateTestCheckFunc( 61 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 62 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 63 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 64 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 65 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 66 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 67 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 68 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 69 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 70 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 71 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 72 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 73 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 74 ), 75 }, 76 }, 77 }) 78 } 79 80 func TestAccAWSALB_generatedName(t *testing.T) { 81 var conf elbv2.LoadBalancer 82 83 resource.Test(t, resource.TestCase{ 84 PreCheck: func() { testAccPreCheck(t) }, 85 IDRefreshName: "aws_alb.alb_test", 86 Providers: testAccProviders, 87 CheckDestroy: testAccCheckAWSALBDestroy, 88 Steps: []resource.TestStep{ 89 { 90 Config: testAccAWSALBConfig_generatedName(), 91 Check: resource.ComposeAggregateTestCheckFunc( 92 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 93 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 94 ), 95 }, 96 }, 97 }) 98 } 99 100 func TestAccAWSALB_namePrefix(t *testing.T) { 101 var conf elbv2.LoadBalancer 102 103 resource.Test(t, resource.TestCase{ 104 PreCheck: func() { testAccPreCheck(t) }, 105 IDRefreshName: "aws_alb.alb_test", 106 Providers: testAccProviders, 107 CheckDestroy: testAccCheckAWSALBDestroy, 108 Steps: []resource.TestStep{ 109 { 110 Config: testAccAWSALBConfig_namePrefix(), 111 Check: resource.ComposeAggregateTestCheckFunc( 112 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 113 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "name"), 114 resource.TestMatchResourceAttr("aws_alb.alb_test", "name", 115 regexp.MustCompile("^tf-lb")), 116 ), 117 }, 118 }, 119 }) 120 } 121 122 func TestAccAWSALB_tags(t *testing.T) { 123 var conf elbv2.LoadBalancer 124 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 125 126 resource.Test(t, resource.TestCase{ 127 PreCheck: func() { testAccPreCheck(t) }, 128 IDRefreshName: "aws_alb.alb_test", 129 Providers: testAccProviders, 130 CheckDestroy: testAccCheckAWSALBDestroy, 131 Steps: []resource.TestStep{ 132 { 133 Config: testAccAWSALBConfig_basic(albName), 134 Check: resource.ComposeAggregateTestCheckFunc( 135 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 136 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 137 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 138 ), 139 }, 140 { 141 Config: testAccAWSALBConfig_updatedTags(albName), 142 Check: resource.ComposeAggregateTestCheckFunc( 143 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 144 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "2"), 145 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Type", "Sample Type Tag"), 146 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.Environment", "Production"), 147 ), 148 }, 149 }, 150 }) 151 } 152 153 func TestAccAWSALB_updatedSecurityGroups(t *testing.T) { 154 var pre, post elbv2.LoadBalancer 155 albName := fmt.Sprintf("testaccawsalb-basic-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 156 157 resource.Test(t, resource.TestCase{ 158 PreCheck: func() { testAccPreCheck(t) }, 159 IDRefreshName: "aws_alb.alb_test", 160 Providers: testAccProviders, 161 CheckDestroy: testAccCheckAWSALBDestroy, 162 Steps: []resource.TestStep{ 163 { 164 Config: testAccAWSALBConfig_basic(albName), 165 Check: resource.ComposeAggregateTestCheckFunc( 166 testAccCheckAWSALBExists("aws_alb.alb_test", &pre), 167 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 168 ), 169 }, 170 { 171 Config: testAccAWSALBConfig_updateSecurityGroups(albName), 172 Check: resource.ComposeAggregateTestCheckFunc( 173 testAccCheckAWSALBExists("aws_alb.alb_test", &post), 174 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "2"), 175 testAccCheckAWSAlbARNs(&pre, &post), 176 ), 177 }, 178 }, 179 }) 180 } 181 182 // TestAccAWSALB_noSecurityGroup regression tests the issue in #8264, 183 // where if an ALB is created without a security group, a default one 184 // is assigned. 185 func TestAccAWSALB_noSecurityGroup(t *testing.T) { 186 var conf elbv2.LoadBalancer 187 albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) 188 189 resource.Test(t, resource.TestCase{ 190 PreCheck: func() { testAccPreCheck(t) }, 191 IDRefreshName: "aws_alb.alb_test", 192 Providers: testAccProviders, 193 CheckDestroy: testAccCheckAWSALBDestroy, 194 Steps: []resource.TestStep{ 195 { 196 Config: testAccAWSALBConfig_nosg(albName), 197 Check: resource.ComposeAggregateTestCheckFunc( 198 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 199 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 200 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 201 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 202 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 203 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 204 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 205 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 206 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 207 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 208 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 209 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 210 ), 211 }, 212 }, 213 }) 214 } 215 216 func TestAccAWSALB_accesslogs(t *testing.T) { 217 var conf elbv2.LoadBalancer 218 bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) 219 albName := fmt.Sprintf("testaccawsalbaccesslog-%s", acctest.RandStringFromCharSet(4, acctest.CharSetAlpha)) 220 221 resource.Test(t, resource.TestCase{ 222 PreCheck: func() { testAccPreCheck(t) }, 223 IDRefreshName: "aws_alb.alb_test", 224 Providers: testAccProviders, 225 CheckDestroy: testAccCheckAWSALBDestroy, 226 Steps: []resource.TestStep{ 227 { 228 Config: testAccAWSALBConfig_basic(albName), 229 Check: resource.ComposeAggregateTestCheckFunc( 230 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 231 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 232 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 233 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 234 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 235 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 236 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"), 237 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 238 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"), 239 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 240 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 241 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 242 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 243 ), 244 }, 245 { 246 Config: testAccAWSALBConfig_accessLogs(true, albName, bucketName), 247 Check: resource.ComposeAggregateTestCheckFunc( 248 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 249 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 250 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 251 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 252 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 253 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 254 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 255 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 256 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 257 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 258 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 259 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 260 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 261 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.bucket", bucketName), 262 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.prefix", "testAccAWSALBConfig_accessLogs"), 263 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "true"), 264 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 265 ), 266 }, 267 { 268 Config: testAccAWSALBConfig_accessLogs(false, albName, bucketName), 269 Check: resource.ComposeAggregateTestCheckFunc( 270 testAccCheckAWSALBExists("aws_alb.alb_test", &conf), 271 resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName), 272 resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "true"), 273 resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"), 274 resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"), 275 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"), 276 resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic1"), 277 resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"), 278 resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "50"), 279 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"), 280 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"), 281 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"), 282 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.#", "1"), 283 resource.TestCheckResourceAttr("aws_alb.alb_test", "access_logs.0.enabled", "false"), 284 resource.TestCheckResourceAttrSet("aws_alb.alb_test", "arn"), 285 ), 286 }, 287 }, 288 }) 289 } 290 291 func testAccCheckAWSAlbARNs(pre, post *elbv2.LoadBalancer) resource.TestCheckFunc { 292 return func(s *terraform.State) error { 293 if *pre.LoadBalancerArn != *post.LoadBalancerArn { 294 return errors.New("ALB has been recreated. ARNs are different") 295 } 296 297 return nil 298 } 299 } 300 301 func testAccCheckAWSALBExists(n string, res *elbv2.LoadBalancer) resource.TestCheckFunc { 302 return func(s *terraform.State) error { 303 rs, ok := s.RootModule().Resources[n] 304 if !ok { 305 return fmt.Errorf("Not found: %s", n) 306 } 307 308 if rs.Primary.ID == "" { 309 return errors.New("No ALB ID is set") 310 } 311 312 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 313 314 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 315 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 316 }) 317 318 if err != nil { 319 return err 320 } 321 322 if len(describe.LoadBalancers) != 1 || 323 *describe.LoadBalancers[0].LoadBalancerArn != rs.Primary.ID { 324 return errors.New("ALB not found") 325 } 326 327 *res = *describe.LoadBalancers[0] 328 return nil 329 } 330 } 331 332 func testAccCheckAWSALBDestroy(s *terraform.State) error { 333 conn := testAccProvider.Meta().(*AWSClient).elbv2conn 334 335 for _, rs := range s.RootModule().Resources { 336 if rs.Type != "aws_alb" { 337 continue 338 } 339 340 describe, err := conn.DescribeLoadBalancers(&elbv2.DescribeLoadBalancersInput{ 341 LoadBalancerArns: []*string{aws.String(rs.Primary.ID)}, 342 }) 343 344 if err == nil { 345 if len(describe.LoadBalancers) != 0 && 346 *describe.LoadBalancers[0].LoadBalancerArn == rs.Primary.ID { 347 return fmt.Errorf("ALB %q still exists", rs.Primary.ID) 348 } 349 } 350 351 // Verify the error 352 if isLoadBalancerNotFound(err) { 353 return nil 354 } else { 355 return errwrap.Wrapf("Unexpected error checking ALB destroyed: {{err}}", err) 356 } 357 } 358 359 return nil 360 } 361 362 func testAccAWSALBConfig_basic(albName string) string { 363 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 364 name = "%s" 365 internal = true 366 security_groups = ["${aws_security_group.alb_test.id}"] 367 subnets = ["${aws_subnet.alb_test.*.id}"] 368 369 idle_timeout = 30 370 enable_deletion_protection = false 371 372 tags { 373 TestName = "TestAccAWSALB_basic" 374 } 375 } 376 377 variable "subnets" { 378 default = ["10.0.1.0/24", "10.0.2.0/24"] 379 type = "list" 380 } 381 382 data "aws_availability_zones" "available" {} 383 384 resource "aws_vpc" "alb_test" { 385 cidr_block = "10.0.0.0/16" 386 387 tags { 388 TestName = "TestAccAWSALB_basic" 389 } 390 } 391 392 resource "aws_subnet" "alb_test" { 393 count = 2 394 vpc_id = "${aws_vpc.alb_test.id}" 395 cidr_block = "${element(var.subnets, count.index)}" 396 map_public_ip_on_launch = true 397 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 398 399 tags { 400 TestName = "TestAccAWSALB_basic" 401 } 402 } 403 404 resource "aws_security_group" "alb_test" { 405 name = "allow_all_alb_test" 406 description = "Used for ALB Testing" 407 vpc_id = "${aws_vpc.alb_test.id}" 408 409 ingress { 410 from_port = 0 411 to_port = 0 412 protocol = "-1" 413 cidr_blocks = ["0.0.0.0/0"] 414 } 415 416 egress { 417 from_port = 0 418 to_port = 0 419 protocol = "-1" 420 cidr_blocks = ["0.0.0.0/0"] 421 } 422 423 tags { 424 TestName = "TestAccAWSALB_basic" 425 } 426 }`, albName) 427 } 428 429 func testAccAWSALBConfig_generatedName() string { 430 return fmt.Sprintf(` 431 resource "aws_alb" "alb_test" { 432 internal = true 433 security_groups = ["${aws_security_group.alb_test.id}"] 434 subnets = ["${aws_subnet.alb_test.*.id}"] 435 436 idle_timeout = 30 437 enable_deletion_protection = false 438 439 tags { 440 TestName = "TestAccAWSALB_basic" 441 } 442 } 443 444 variable "subnets" { 445 default = ["10.0.1.0/24", "10.0.2.0/24"] 446 type = "list" 447 } 448 449 data "aws_availability_zones" "available" {} 450 451 resource "aws_vpc" "alb_test" { 452 cidr_block = "10.0.0.0/16" 453 454 tags { 455 TestName = "TestAccAWSALB_basic" 456 } 457 } 458 459 resource "aws_internet_gateway" "gw" { 460 vpc_id = "${aws_vpc.alb_test.id}" 461 462 tags { 463 Name = "TestAccAWSALB_basic" 464 } 465 } 466 467 resource "aws_subnet" "alb_test" { 468 count = 2 469 vpc_id = "${aws_vpc.alb_test.id}" 470 cidr_block = "${element(var.subnets, count.index)}" 471 map_public_ip_on_launch = true 472 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 473 474 tags { 475 TestName = "TestAccAWSALB_basic" 476 } 477 } 478 479 resource "aws_security_group" "alb_test" { 480 name = "allow_all_alb_test" 481 description = "Used for ALB Testing" 482 vpc_id = "${aws_vpc.alb_test.id}" 483 484 ingress { 485 from_port = 0 486 to_port = 0 487 protocol = "-1" 488 cidr_blocks = ["0.0.0.0/0"] 489 } 490 491 egress { 492 from_port = 0 493 to_port = 0 494 protocol = "-1" 495 cidr_blocks = ["0.0.0.0/0"] 496 } 497 498 tags { 499 TestName = "TestAccAWSALB_basic" 500 } 501 }`) 502 } 503 504 func testAccAWSALBConfig_namePrefix() string { 505 return fmt.Sprintf(` 506 resource "aws_alb" "alb_test" { 507 name_prefix = "tf-lb" 508 internal = true 509 security_groups = ["${aws_security_group.alb_test.id}"] 510 subnets = ["${aws_subnet.alb_test.*.id}"] 511 512 idle_timeout = 30 513 enable_deletion_protection = false 514 515 tags { 516 TestName = "TestAccAWSALB_basic" 517 } 518 } 519 520 variable "subnets" { 521 default = ["10.0.1.0/24", "10.0.2.0/24"] 522 type = "list" 523 } 524 525 data "aws_availability_zones" "available" {} 526 527 resource "aws_vpc" "alb_test" { 528 cidr_block = "10.0.0.0/16" 529 530 tags { 531 TestName = "TestAccAWSALB_basic" 532 } 533 } 534 535 resource "aws_subnet" "alb_test" { 536 count = 2 537 vpc_id = "${aws_vpc.alb_test.id}" 538 cidr_block = "${element(var.subnets, count.index)}" 539 map_public_ip_on_launch = true 540 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 541 542 tags { 543 TestName = "TestAccAWSALB_basic" 544 } 545 } 546 547 resource "aws_security_group" "alb_test" { 548 name = "allow_all_alb_test" 549 description = "Used for ALB Testing" 550 vpc_id = "${aws_vpc.alb_test.id}" 551 552 ingress { 553 from_port = 0 554 to_port = 0 555 protocol = "-1" 556 cidr_blocks = ["0.0.0.0/0"] 557 } 558 559 egress { 560 from_port = 0 561 to_port = 0 562 protocol = "-1" 563 cidr_blocks = ["0.0.0.0/0"] 564 } 565 566 tags { 567 TestName = "TestAccAWSALB_basic" 568 } 569 }`) 570 } 571 func testAccAWSALBConfig_updatedTags(albName string) string { 572 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 573 name = "%s" 574 internal = true 575 security_groups = ["${aws_security_group.alb_test.id}"] 576 subnets = ["${aws_subnet.alb_test.*.id}"] 577 578 idle_timeout = 30 579 enable_deletion_protection = false 580 581 tags { 582 Environment = "Production" 583 Type = "Sample Type Tag" 584 } 585 } 586 587 variable "subnets" { 588 default = ["10.0.1.0/24", "10.0.2.0/24"] 589 type = "list" 590 } 591 592 data "aws_availability_zones" "available" {} 593 594 resource "aws_vpc" "alb_test" { 595 cidr_block = "10.0.0.0/16" 596 597 tags { 598 TestName = "TestAccAWSALB_basic" 599 } 600 } 601 602 resource "aws_subnet" "alb_test" { 603 count = 2 604 vpc_id = "${aws_vpc.alb_test.id}" 605 cidr_block = "${element(var.subnets, count.index)}" 606 map_public_ip_on_launch = true 607 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 608 609 tags { 610 TestName = "TestAccAWSALB_basic" 611 } 612 } 613 614 resource "aws_security_group" "alb_test" { 615 name = "allow_all_alb_test" 616 description = "Used for ALB Testing" 617 vpc_id = "${aws_vpc.alb_test.id}" 618 619 ingress { 620 from_port = 0 621 to_port = 0 622 protocol = "-1" 623 cidr_blocks = ["0.0.0.0/0"] 624 } 625 626 egress { 627 from_port = 0 628 to_port = 0 629 protocol = "-1" 630 cidr_blocks = ["0.0.0.0/0"] 631 } 632 633 tags { 634 TestName = "TestAccAWSALB_basic" 635 } 636 }`, albName) 637 } 638 639 func testAccAWSALBConfig_accessLogs(enabled bool, albName, bucketName string) string { 640 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 641 name = "%s" 642 internal = true 643 security_groups = ["${aws_security_group.alb_test.id}"] 644 subnets = ["${aws_subnet.alb_test.*.id}"] 645 646 idle_timeout = 50 647 enable_deletion_protection = false 648 649 access_logs { 650 bucket = "${aws_s3_bucket.logs.bucket}" 651 prefix = "${var.bucket_prefix}" 652 enabled = "%t" 653 } 654 655 tags { 656 TestName = "TestAccAWSALB_basic1" 657 } 658 } 659 660 variable "bucket_name" { 661 type = "string" 662 default = "%s" 663 } 664 665 variable "bucket_prefix" { 666 type = "string" 667 default = "testAccAWSALBConfig_accessLogs" 668 } 669 670 resource "aws_s3_bucket" "logs" { 671 bucket = "${var.bucket_name}" 672 policy = "${data.aws_iam_policy_document.logs_bucket.json}" 673 # dangerous, only here for the test... 674 force_destroy = true 675 676 tags { 677 Name = "ALB Logs Bucket Test" 678 } 679 } 680 681 data "aws_caller_identity" "current" {} 682 683 data "aws_elb_service_account" "current" {} 684 685 data "aws_iam_policy_document" "logs_bucket" { 686 statement { 687 actions = ["s3:PutObject"] 688 effect = "Allow" 689 resources = ["arn:aws:s3:::${var.bucket_name}/${var.bucket_prefix}/AWSLogs/${data.aws_caller_identity.current.account_id}/*"] 690 691 principals = { 692 type = "AWS" 693 identifiers = ["arn:aws:iam::${data.aws_elb_service_account.current.id}:root"] 694 } 695 } 696 } 697 698 variable "subnets" { 699 default = ["10.0.1.0/24", "10.0.2.0/24"] 700 type = "list" 701 } 702 703 data "aws_availability_zones" "available" {} 704 705 resource "aws_vpc" "alb_test" { 706 cidr_block = "10.0.0.0/16" 707 708 tags { 709 TestName = "TestAccAWSALB_basic" 710 } 711 } 712 713 resource "aws_subnet" "alb_test" { 714 count = 2 715 vpc_id = "${aws_vpc.alb_test.id}" 716 cidr_block = "${element(var.subnets, count.index)}" 717 map_public_ip_on_launch = true 718 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 719 720 tags { 721 TestName = "TestAccAWSALB_basic" 722 } 723 } 724 725 resource "aws_security_group" "alb_test" { 726 name = "allow_all_alb_test" 727 description = "Used for ALB Testing" 728 vpc_id = "${aws_vpc.alb_test.id}" 729 730 ingress { 731 from_port = 0 732 to_port = 0 733 protocol = "-1" 734 cidr_blocks = ["0.0.0.0/0"] 735 } 736 737 egress { 738 from_port = 0 739 to_port = 0 740 protocol = "-1" 741 cidr_blocks = ["0.0.0.0/0"] 742 } 743 744 tags { 745 TestName = "TestAccAWSALB_basic" 746 } 747 }`, albName, enabled, bucketName) 748 } 749 750 func testAccAWSALBConfig_nosg(albName string) string { 751 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 752 name = "%s" 753 internal = true 754 subnets = ["${aws_subnet.alb_test.*.id}"] 755 756 idle_timeout = 30 757 enable_deletion_protection = false 758 759 tags { 760 TestName = "TestAccAWSALB_basic" 761 } 762 } 763 764 variable "subnets" { 765 default = ["10.0.1.0/24", "10.0.2.0/24"] 766 type = "list" 767 } 768 769 data "aws_availability_zones" "available" {} 770 771 resource "aws_vpc" "alb_test" { 772 cidr_block = "10.0.0.0/16" 773 774 tags { 775 TestName = "TestAccAWSALB_basic" 776 } 777 } 778 779 resource "aws_subnet" "alb_test" { 780 count = 2 781 vpc_id = "${aws_vpc.alb_test.id}" 782 cidr_block = "${element(var.subnets, count.index)}" 783 map_public_ip_on_launch = true 784 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 785 786 tags { 787 TestName = "TestAccAWSALB_basic" 788 } 789 }`, albName) 790 } 791 792 func testAccAWSALBConfig_updateSecurityGroups(albName string) string { 793 return fmt.Sprintf(`resource "aws_alb" "alb_test" { 794 name = "%s" 795 internal = true 796 security_groups = ["${aws_security_group.alb_test.id}", "${aws_security_group.alb_test_2.id}"] 797 subnets = ["${aws_subnet.alb_test.*.id}"] 798 799 idle_timeout = 30 800 enable_deletion_protection = false 801 802 tags { 803 TestName = "TestAccAWSALB_basic" 804 } 805 } 806 807 variable "subnets" { 808 default = ["10.0.1.0/24", "10.0.2.0/24"] 809 type = "list" 810 } 811 812 data "aws_availability_zones" "available" {} 813 814 resource "aws_vpc" "alb_test" { 815 cidr_block = "10.0.0.0/16" 816 817 tags { 818 TestName = "TestAccAWSALB_basic" 819 } 820 } 821 822 resource "aws_subnet" "alb_test" { 823 count = 2 824 vpc_id = "${aws_vpc.alb_test.id}" 825 cidr_block = "${element(var.subnets, count.index)}" 826 map_public_ip_on_launch = true 827 availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}" 828 829 tags { 830 TestName = "TestAccAWSALB_basic" 831 } 832 } 833 834 resource "aws_security_group" "alb_test_2" { 835 name = "allow_all_alb_test_2" 836 description = "Used for ALB Testing" 837 vpc_id = "${aws_vpc.alb_test.id}" 838 839 ingress { 840 from_port = 80 841 to_port = 80 842 protocol = "TCP" 843 cidr_blocks = ["0.0.0.0/0"] 844 } 845 846 tags { 847 TestName = "TestAccAWSALB_basic_2" 848 } 849 } 850 851 resource "aws_security_group" "alb_test" { 852 name = "allow_all_alb_test" 853 description = "Used for ALB Testing" 854 vpc_id = "${aws_vpc.alb_test.id}" 855 856 ingress { 857 from_port = 0 858 to_port = 0 859 protocol = "-1" 860 cidr_blocks = ["0.0.0.0/0"] 861 } 862 863 egress { 864 from_port = 0 865 to_port = 0 866 protocol = "-1" 867 cidr_blocks = ["0.0.0.0/0"] 868 } 869 870 tags { 871 TestName = "TestAccAWSALB_basic" 872 } 873 }`, albName) 874 }