github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_elb_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "math/rand" 6 "reflect" 7 "regexp" 8 "sort" 9 "testing" 10 "time" 11 12 "github.com/aws/aws-sdk-go/aws" 13 "github.com/aws/aws-sdk-go/aws/awserr" 14 "github.com/aws/aws-sdk-go/service/elb" 15 "github.com/hashicorp/terraform/helper/acctest" 16 "github.com/hashicorp/terraform/helper/resource" 17 "github.com/hashicorp/terraform/terraform" 18 ) 19 20 func TestAccAWSELB_basic(t *testing.T) { 21 var conf elb.LoadBalancerDescription 22 23 resource.Test(t, resource.TestCase{ 24 PreCheck: func() { testAccPreCheck(t) }, 25 IDRefreshName: "aws_elb.bar", 26 Providers: testAccProviders, 27 CheckDestroy: testAccCheckAWSELBDestroy, 28 Steps: []resource.TestStep{ 29 resource.TestStep{ 30 Config: testAccAWSELBConfig, 31 Check: resource.ComposeTestCheckFunc( 32 testAccCheckAWSELBExists("aws_elb.bar", &conf), 33 testAccCheckAWSELBAttributes(&conf), 34 resource.TestCheckResourceAttr( 35 "aws_elb.bar", "availability_zones.#", "3"), 36 resource.TestCheckResourceAttr( 37 "aws_elb.bar", "availability_zones.2487133097", "us-west-2a"), 38 resource.TestCheckResourceAttr( 39 "aws_elb.bar", "availability_zones.221770259", "us-west-2b"), 40 resource.TestCheckResourceAttr( 41 "aws_elb.bar", "availability_zones.2050015877", "us-west-2c"), 42 resource.TestCheckResourceAttr( 43 "aws_elb.bar", "subnets.#", "3"), 44 // NOTE: Subnet IDs are different across AWS accounts and cannot be checked. 45 resource.TestCheckResourceAttr( 46 "aws_elb.bar", "listener.206423021.instance_port", "8000"), 47 resource.TestCheckResourceAttr( 48 "aws_elb.bar", "listener.206423021.instance_protocol", "http"), 49 resource.TestCheckResourceAttr( 50 "aws_elb.bar", "listener.206423021.lb_port", "80"), 51 resource.TestCheckResourceAttr( 52 "aws_elb.bar", "listener.206423021.lb_protocol", "http"), 53 resource.TestCheckResourceAttr( 54 "aws_elb.bar", "cross_zone_load_balancing", "true"), 55 ), 56 }, 57 }, 58 }) 59 } 60 61 func TestAccAWSELB_fullCharacterRange(t *testing.T) { 62 var conf elb.LoadBalancerDescription 63 64 lbName := fmt.Sprintf("Tf-%d", 65 rand.New(rand.NewSource(time.Now().UnixNano())).Int()) 66 67 resource.Test(t, resource.TestCase{ 68 PreCheck: func() { testAccPreCheck(t) }, 69 IDRefreshName: "aws_elb.foo", 70 Providers: testAccProviders, 71 CheckDestroy: testAccCheckAWSELBDestroy, 72 Steps: []resource.TestStep{ 73 resource.TestStep{ 74 Config: fmt.Sprintf(testAccAWSELBFullRangeOfCharacters, lbName), 75 Check: resource.ComposeTestCheckFunc( 76 testAccCheckAWSELBExists("aws_elb.foo", &conf), 77 resource.TestCheckResourceAttr( 78 "aws_elb.foo", "name", lbName), 79 ), 80 }, 81 }, 82 }) 83 } 84 85 func TestAccAWSELB_AccessLogs_enabled(t *testing.T) { 86 var conf elb.LoadBalancerDescription 87 88 rName := fmt.Sprintf("terraform-access-logs-bucket-%d", acctest.RandInt()) 89 90 resource.Test(t, resource.TestCase{ 91 PreCheck: func() { testAccPreCheck(t) }, 92 IDRefreshName: "aws_elb.foo", 93 Providers: testAccProviders, 94 CheckDestroy: testAccCheckAWSELBDestroy, 95 Steps: []resource.TestStep{ 96 resource.TestStep{ 97 Config: testAccAWSELBAccessLogs, 98 Check: resource.ComposeTestCheckFunc( 99 testAccCheckAWSELBExists("aws_elb.foo", &conf), 100 ), 101 }, 102 103 resource.TestStep{ 104 Config: testAccAWSELBAccessLogsOn(rName), 105 Check: resource.ComposeTestCheckFunc( 106 testAccCheckAWSELBExists("aws_elb.foo", &conf), 107 resource.TestCheckResourceAttr( 108 "aws_elb.foo", "access_logs.#", "1"), 109 resource.TestCheckResourceAttr( 110 "aws_elb.foo", "access_logs.0.bucket", rName), 111 resource.TestCheckResourceAttr( 112 "aws_elb.foo", "access_logs.0.interval", "5"), 113 resource.TestCheckResourceAttr( 114 "aws_elb.foo", "access_logs.0.enabled", "true"), 115 ), 116 }, 117 118 resource.TestStep{ 119 Config: testAccAWSELBAccessLogs, 120 Check: resource.ComposeTestCheckFunc( 121 testAccCheckAWSELBExists("aws_elb.foo", &conf), 122 resource.TestCheckResourceAttr( 123 "aws_elb.foo", "access_logs.#", "0"), 124 ), 125 }, 126 }, 127 }) 128 } 129 130 func TestAccAWSELB_AccessLogs_disabled(t *testing.T) { 131 var conf elb.LoadBalancerDescription 132 133 rName := fmt.Sprintf("terraform-access-logs-bucket-%d", acctest.RandInt()) 134 135 resource.Test(t, resource.TestCase{ 136 PreCheck: func() { testAccPreCheck(t) }, 137 IDRefreshName: "aws_elb.foo", 138 Providers: testAccProviders, 139 CheckDestroy: testAccCheckAWSELBDestroy, 140 Steps: []resource.TestStep{ 141 resource.TestStep{ 142 Config: testAccAWSELBAccessLogs, 143 Check: resource.ComposeTestCheckFunc( 144 testAccCheckAWSELBExists("aws_elb.foo", &conf), 145 ), 146 }, 147 148 resource.TestStep{ 149 Config: testAccAWSELBAccessLogsDisabled(rName), 150 Check: resource.ComposeTestCheckFunc( 151 testAccCheckAWSELBExists("aws_elb.foo", &conf), 152 resource.TestCheckResourceAttr( 153 "aws_elb.foo", "access_logs.#", "1"), 154 resource.TestCheckResourceAttr( 155 "aws_elb.foo", "access_logs.0.bucket", rName), 156 resource.TestCheckResourceAttr( 157 "aws_elb.foo", "access_logs.0.interval", "5"), 158 resource.TestCheckResourceAttr( 159 "aws_elb.foo", "access_logs.0.enabled", "false"), 160 ), 161 }, 162 163 resource.TestStep{ 164 Config: testAccAWSELBAccessLogs, 165 Check: resource.ComposeTestCheckFunc( 166 testAccCheckAWSELBExists("aws_elb.foo", &conf), 167 resource.TestCheckResourceAttr( 168 "aws_elb.foo", "access_logs.#", "0"), 169 ), 170 }, 171 }, 172 }) 173 } 174 175 func TestAccAWSELB_generatedName(t *testing.T) { 176 var conf elb.LoadBalancerDescription 177 generatedNameRegexp := regexp.MustCompile("^tf-lb-") 178 179 resource.Test(t, resource.TestCase{ 180 PreCheck: func() { testAccPreCheck(t) }, 181 IDRefreshName: "aws_elb.foo", 182 Providers: testAccProviders, 183 CheckDestroy: testAccCheckAWSELBDestroy, 184 Steps: []resource.TestStep{ 185 resource.TestStep{ 186 Config: testAccAWSELBGeneratedName, 187 Check: resource.ComposeTestCheckFunc( 188 testAccCheckAWSELBExists("aws_elb.foo", &conf), 189 resource.TestMatchResourceAttr( 190 "aws_elb.foo", "name", generatedNameRegexp), 191 ), 192 }, 193 }, 194 }) 195 } 196 197 func TestAccAWSELB_availabilityZones(t *testing.T) { 198 var conf elb.LoadBalancerDescription 199 200 resource.Test(t, resource.TestCase{ 201 PreCheck: func() { testAccPreCheck(t) }, 202 IDRefreshName: "aws_elb.bar", 203 Providers: testAccProviders, 204 CheckDestroy: testAccCheckAWSELBDestroy, 205 Steps: []resource.TestStep{ 206 resource.TestStep{ 207 Config: testAccAWSELBConfig, 208 Check: resource.ComposeTestCheckFunc( 209 testAccCheckAWSELBExists("aws_elb.bar", &conf), 210 resource.TestCheckResourceAttr( 211 "aws_elb.bar", "availability_zones.#", "3"), 212 resource.TestCheckResourceAttr( 213 "aws_elb.bar", "availability_zones.2487133097", "us-west-2a"), 214 resource.TestCheckResourceAttr( 215 "aws_elb.bar", "availability_zones.221770259", "us-west-2b"), 216 resource.TestCheckResourceAttr( 217 "aws_elb.bar", "availability_zones.2050015877", "us-west-2c"), 218 ), 219 }, 220 221 resource.TestStep{ 222 Config: testAccAWSELBConfig_AvailabilityZonesUpdate, 223 Check: resource.ComposeTestCheckFunc( 224 testAccCheckAWSELBExists("aws_elb.bar", &conf), 225 resource.TestCheckResourceAttr( 226 "aws_elb.bar", "availability_zones.#", "2"), 227 resource.TestCheckResourceAttr( 228 "aws_elb.bar", "availability_zones.2487133097", "us-west-2a"), 229 resource.TestCheckResourceAttr( 230 "aws_elb.bar", "availability_zones.221770259", "us-west-2b"), 231 ), 232 }, 233 }, 234 }) 235 } 236 237 func TestAccAWSELB_tags(t *testing.T) { 238 var conf elb.LoadBalancerDescription 239 var td elb.TagDescription 240 241 resource.Test(t, resource.TestCase{ 242 PreCheck: func() { testAccPreCheck(t) }, 243 IDRefreshName: "aws_elb.bar", 244 Providers: testAccProviders, 245 CheckDestroy: testAccCheckAWSELBDestroy, 246 Steps: []resource.TestStep{ 247 resource.TestStep{ 248 Config: testAccAWSELBConfig, 249 Check: resource.ComposeTestCheckFunc( 250 testAccCheckAWSELBExists("aws_elb.bar", &conf), 251 testAccCheckAWSELBAttributes(&conf), 252 testAccLoadTags(&conf, &td), 253 testAccCheckELBTags(&td.Tags, "bar", "baz"), 254 ), 255 }, 256 257 resource.TestStep{ 258 Config: testAccAWSELBConfig_TagUpdate, 259 Check: resource.ComposeTestCheckFunc( 260 testAccCheckAWSELBExists("aws_elb.bar", &conf), 261 testAccCheckAWSELBAttributes(&conf), 262 testAccLoadTags(&conf, &td), 263 testAccCheckELBTags(&td.Tags, "foo", "bar"), 264 testAccCheckELBTags(&td.Tags, "new", "type"), 265 ), 266 }, 267 }, 268 }) 269 } 270 271 func TestAccAWSELB_iam_server_cert(t *testing.T) { 272 var conf elb.LoadBalancerDescription 273 // var td elb.TagDescription 274 testCheck := func(*terraform.State) error { 275 if len(conf.ListenerDescriptions) != 1 { 276 return fmt.Errorf( 277 "TestAccAWSELB_iam_server_cert expected 1 listener, got %d", 278 len(conf.ListenerDescriptions)) 279 } 280 return nil 281 } 282 resource.Test(t, resource.TestCase{ 283 PreCheck: func() { testAccPreCheck(t) }, 284 IDRefreshName: "aws_elb.bar", 285 Providers: testAccProviders, 286 CheckDestroy: testAccCheckAWSELBDestroy, 287 Steps: []resource.TestStep{ 288 resource.TestStep{ 289 Config: testAccELBIAMServerCertConfig( 290 fmt.Sprintf("tf-acctest-%s", acctest.RandString(10))), 291 Check: resource.ComposeTestCheckFunc( 292 testAccCheckAWSELBExists("aws_elb.bar", &conf), 293 testCheck, 294 ), 295 }, 296 }, 297 }) 298 } 299 300 func TestAccAWSELB_swap_subnets(t *testing.T) { 301 var conf elb.LoadBalancerDescription 302 303 resource.Test(t, resource.TestCase{ 304 PreCheck: func() { testAccPreCheck(t) }, 305 IDRefreshName: "aws_elb.ourapp", 306 Providers: testAccProviders, 307 CheckDestroy: testAccCheckAWSELBDestroy, 308 Steps: []resource.TestStep{ 309 resource.TestStep{ 310 Config: testAccAWSELBConfig_subnets, 311 Check: resource.ComposeTestCheckFunc( 312 testAccCheckAWSELBExists("aws_elb.ourapp", &conf), 313 resource.TestCheckResourceAttr( 314 "aws_elb.ourapp", "subnets.#", "2"), 315 ), 316 }, 317 318 resource.TestStep{ 319 Config: testAccAWSELBConfig_subnet_swap, 320 Check: resource.ComposeTestCheckFunc( 321 testAccCheckAWSELBExists("aws_elb.ourapp", &conf), 322 resource.TestCheckResourceAttr( 323 "aws_elb.ourapp", "subnets.#", "2"), 324 ), 325 }, 326 }, 327 }) 328 } 329 330 func testAccLoadTags(conf *elb.LoadBalancerDescription, td *elb.TagDescription) resource.TestCheckFunc { 331 return func(s *terraform.State) error { 332 conn := testAccProvider.Meta().(*AWSClient).elbconn 333 334 describe, err := conn.DescribeTags(&elb.DescribeTagsInput{ 335 LoadBalancerNames: []*string{conf.LoadBalancerName}, 336 }) 337 338 if err != nil { 339 return err 340 } 341 if len(describe.TagDescriptions) > 0 { 342 *td = *describe.TagDescriptions[0] 343 } 344 return nil 345 } 346 } 347 348 func TestAccAWSELB_InstanceAttaching(t *testing.T) { 349 var conf elb.LoadBalancerDescription 350 351 testCheckInstanceAttached := func(count int) resource.TestCheckFunc { 352 return func(*terraform.State) error { 353 if len(conf.Instances) != count { 354 return fmt.Errorf("instance count does not match") 355 } 356 return nil 357 } 358 } 359 360 resource.Test(t, resource.TestCase{ 361 PreCheck: func() { testAccPreCheck(t) }, 362 IDRefreshName: "aws_elb.bar", 363 Providers: testAccProviders, 364 CheckDestroy: testAccCheckAWSELBDestroy, 365 Steps: []resource.TestStep{ 366 resource.TestStep{ 367 Config: testAccAWSELBConfig, 368 Check: resource.ComposeTestCheckFunc( 369 testAccCheckAWSELBExists("aws_elb.bar", &conf), 370 testAccCheckAWSELBAttributes(&conf), 371 ), 372 }, 373 374 resource.TestStep{ 375 Config: testAccAWSELBConfigNewInstance, 376 Check: resource.ComposeTestCheckFunc( 377 testAccCheckAWSELBExists("aws_elb.bar", &conf), 378 testCheckInstanceAttached(1), 379 ), 380 }, 381 }, 382 }) 383 } 384 385 func TestAccAWSELBUpdate_Listener(t *testing.T) { 386 var conf elb.LoadBalancerDescription 387 388 resource.Test(t, resource.TestCase{ 389 PreCheck: func() { testAccPreCheck(t) }, 390 IDRefreshName: "aws_elb.bar", 391 Providers: testAccProviders, 392 CheckDestroy: testAccCheckAWSELBDestroy, 393 Steps: []resource.TestStep{ 394 resource.TestStep{ 395 Config: testAccAWSELBConfig, 396 Check: resource.ComposeTestCheckFunc( 397 testAccCheckAWSELBExists("aws_elb.bar", &conf), 398 testAccCheckAWSELBAttributes(&conf), 399 resource.TestCheckResourceAttr( 400 "aws_elb.bar", "listener.206423021.instance_port", "8000"), 401 ), 402 }, 403 404 resource.TestStep{ 405 Config: testAccAWSELBConfigListener_update, 406 Check: resource.ComposeTestCheckFunc( 407 testAccCheckAWSELBExists("aws_elb.bar", &conf), 408 resource.TestCheckResourceAttr( 409 "aws_elb.bar", "listener.3931999347.instance_port", "8080"), 410 ), 411 }, 412 }, 413 }) 414 } 415 416 func TestAccAWSELB_HealthCheck(t *testing.T) { 417 var conf elb.LoadBalancerDescription 418 419 resource.Test(t, resource.TestCase{ 420 PreCheck: func() { testAccPreCheck(t) }, 421 IDRefreshName: "aws_elb.bar", 422 Providers: testAccProviders, 423 CheckDestroy: testAccCheckAWSELBDestroy, 424 Steps: []resource.TestStep{ 425 resource.TestStep{ 426 Config: testAccAWSELBConfigHealthCheck, 427 Check: resource.ComposeTestCheckFunc( 428 testAccCheckAWSELBExists("aws_elb.bar", &conf), 429 testAccCheckAWSELBAttributesHealthCheck(&conf), 430 resource.TestCheckResourceAttr( 431 "aws_elb.bar", "health_check.0.healthy_threshold", "5"), 432 resource.TestCheckResourceAttr( 433 "aws_elb.bar", "health_check.0.unhealthy_threshold", "5"), 434 resource.TestCheckResourceAttr( 435 "aws_elb.bar", "health_check.0.target", "HTTP:8000/"), 436 resource.TestCheckResourceAttr( 437 "aws_elb.bar", "health_check.0.timeout", "30"), 438 resource.TestCheckResourceAttr( 439 "aws_elb.bar", "health_check.0.interval", "60"), 440 ), 441 }, 442 }, 443 }) 444 } 445 446 func TestAccAWSELBUpdate_HealthCheck(t *testing.T) { 447 resource.Test(t, resource.TestCase{ 448 PreCheck: func() { testAccPreCheck(t) }, 449 IDRefreshName: "aws_elb.bar", 450 Providers: testAccProviders, 451 CheckDestroy: testAccCheckAWSELBDestroy, 452 Steps: []resource.TestStep{ 453 resource.TestStep{ 454 Config: testAccAWSELBConfigHealthCheck, 455 Check: resource.ComposeTestCheckFunc( 456 resource.TestCheckResourceAttr( 457 "aws_elb.bar", "health_check.0.healthy_threshold", "5"), 458 ), 459 }, 460 resource.TestStep{ 461 Config: testAccAWSELBConfigHealthCheck_update, 462 Check: resource.ComposeTestCheckFunc( 463 resource.TestCheckResourceAttr( 464 "aws_elb.bar", "health_check.0.healthy_threshold", "10"), 465 ), 466 }, 467 }, 468 }) 469 } 470 471 func TestAccAWSELB_Timeout(t *testing.T) { 472 var conf elb.LoadBalancerDescription 473 474 resource.Test(t, resource.TestCase{ 475 PreCheck: func() { testAccPreCheck(t) }, 476 IDRefreshName: "aws_elb.bar", 477 Providers: testAccProviders, 478 CheckDestroy: testAccCheckAWSELBDestroy, 479 Steps: []resource.TestStep{ 480 resource.TestStep{ 481 Config: testAccAWSELBConfigIdleTimeout, 482 Check: resource.ComposeTestCheckFunc( 483 testAccCheckAWSELBExists("aws_elb.bar", &conf), 484 resource.TestCheckResourceAttr( 485 "aws_elb.bar", "idle_timeout", "200", 486 ), 487 ), 488 }, 489 }, 490 }) 491 } 492 493 func TestAccAWSELBUpdate_Timeout(t *testing.T) { 494 resource.Test(t, resource.TestCase{ 495 PreCheck: func() { testAccPreCheck(t) }, 496 IDRefreshName: "aws_elb.bar", 497 Providers: testAccProviders, 498 CheckDestroy: testAccCheckAWSELBDestroy, 499 Steps: []resource.TestStep{ 500 resource.TestStep{ 501 Config: testAccAWSELBConfigIdleTimeout, 502 Check: resource.ComposeTestCheckFunc( 503 resource.TestCheckResourceAttr( 504 "aws_elb.bar", "idle_timeout", "200", 505 ), 506 ), 507 }, 508 resource.TestStep{ 509 Config: testAccAWSELBConfigIdleTimeout_update, 510 Check: resource.ComposeTestCheckFunc( 511 resource.TestCheckResourceAttr( 512 "aws_elb.bar", "idle_timeout", "400", 513 ), 514 ), 515 }, 516 }, 517 }) 518 } 519 520 func TestAccAWSELB_ConnectionDraining(t *testing.T) { 521 resource.Test(t, resource.TestCase{ 522 PreCheck: func() { testAccPreCheck(t) }, 523 IDRefreshName: "aws_elb.bar", 524 Providers: testAccProviders, 525 CheckDestroy: testAccCheckAWSELBDestroy, 526 Steps: []resource.TestStep{ 527 resource.TestStep{ 528 Config: testAccAWSELBConfigConnectionDraining, 529 Check: resource.ComposeTestCheckFunc( 530 resource.TestCheckResourceAttr( 531 "aws_elb.bar", "connection_draining", "true", 532 ), 533 resource.TestCheckResourceAttr( 534 "aws_elb.bar", "connection_draining_timeout", "400", 535 ), 536 ), 537 }, 538 }, 539 }) 540 } 541 542 func TestAccAWSELBUpdate_ConnectionDraining(t *testing.T) { 543 resource.Test(t, resource.TestCase{ 544 PreCheck: func() { testAccPreCheck(t) }, 545 IDRefreshName: "aws_elb.bar", 546 Providers: testAccProviders, 547 CheckDestroy: testAccCheckAWSELBDestroy, 548 Steps: []resource.TestStep{ 549 resource.TestStep{ 550 Config: testAccAWSELBConfigConnectionDraining, 551 Check: resource.ComposeTestCheckFunc( 552 resource.TestCheckResourceAttr( 553 "aws_elb.bar", "connection_draining", "true", 554 ), 555 resource.TestCheckResourceAttr( 556 "aws_elb.bar", "connection_draining_timeout", "400", 557 ), 558 ), 559 }, 560 resource.TestStep{ 561 Config: testAccAWSELBConfigConnectionDraining_update_timeout, 562 Check: resource.ComposeTestCheckFunc( 563 resource.TestCheckResourceAttr( 564 "aws_elb.bar", "connection_draining", "true", 565 ), 566 resource.TestCheckResourceAttr( 567 "aws_elb.bar", "connection_draining_timeout", "600", 568 ), 569 ), 570 }, 571 resource.TestStep{ 572 Config: testAccAWSELBConfigConnectionDraining_update_disable, 573 Check: resource.ComposeTestCheckFunc( 574 resource.TestCheckResourceAttr( 575 "aws_elb.bar", "connection_draining", "false", 576 ), 577 ), 578 }, 579 }, 580 }) 581 } 582 583 func TestAccAWSELB_SecurityGroups(t *testing.T) { 584 resource.Test(t, resource.TestCase{ 585 PreCheck: func() { testAccPreCheck(t) }, 586 IDRefreshName: "aws_elb.bar", 587 Providers: testAccProviders, 588 CheckDestroy: testAccCheckAWSELBDestroy, 589 Steps: []resource.TestStep{ 590 resource.TestStep{ 591 Config: testAccAWSELBConfig, 592 Check: resource.ComposeTestCheckFunc( 593 // ELBs get a default security group 594 resource.TestCheckResourceAttr( 595 "aws_elb.bar", "security_groups.#", "1", 596 ), 597 ), 598 }, 599 resource.TestStep{ 600 Config: testAccAWSELBConfigSecurityGroups, 601 Check: resource.ComposeTestCheckFunc( 602 // Count should still be one as we swap in a custom security group 603 resource.TestCheckResourceAttr( 604 "aws_elb.bar", "security_groups.#", "1", 605 ), 606 ), 607 }, 608 }, 609 }) 610 } 611 612 // Unit test for listeners hash 613 func TestResourceAwsElbListenerHash(t *testing.T) { 614 cases := map[string]struct { 615 Left map[string]interface{} 616 Right map[string]interface{} 617 Match bool 618 }{ 619 "protocols are case insensitive": { 620 map[string]interface{}{ 621 "instance_port": 80, 622 "instance_protocol": "TCP", 623 "lb_port": 80, 624 "lb_protocol": "TCP", 625 }, 626 map[string]interface{}{ 627 "instance_port": 80, 628 "instance_protocol": "Tcp", 629 "lb_port": 80, 630 "lb_protocol": "tcP", 631 }, 632 true, 633 }, 634 } 635 636 for tn, tc := range cases { 637 leftHash := resourceAwsElbListenerHash(tc.Left) 638 rightHash := resourceAwsElbListenerHash(tc.Right) 639 if leftHash == rightHash != tc.Match { 640 t.Fatalf("%s: expected match: %t, but did not get it", tn, tc.Match) 641 } 642 } 643 } 644 645 func TestResourceAWSELB_validateElbNameCannotBeginWithHyphen(t *testing.T) { 646 var elbName = "-Testing123" 647 _, errors := validateElbName(elbName, "SampleKey") 648 649 if len(errors) != 1 { 650 t.Fatalf("Expected the ELB Name to trigger a validation error") 651 } 652 } 653 654 func TestResourceAWSELB_validateElbNameCannotBeLongerThen32Characters(t *testing.T) { 655 var elbName = "Testing123dddddddddddddddddddvvvv" 656 _, errors := validateElbName(elbName, "SampleKey") 657 658 if len(errors) != 1 { 659 t.Fatalf("Expected the ELB Name to trigger a validation error") 660 } 661 } 662 663 func TestResourceAWSELB_validateElbNameCannotHaveSpecialCharacters(t *testing.T) { 664 var elbName = "Testing123%%" 665 _, errors := validateElbName(elbName, "SampleKey") 666 667 if len(errors) != 1 { 668 t.Fatalf("Expected the ELB Name to trigger a validation error") 669 } 670 } 671 672 func TestResourceAWSELB_validateElbNameCannotEndWithHyphen(t *testing.T) { 673 var elbName = "Testing123-" 674 _, errors := validateElbName(elbName, "SampleKey") 675 676 if len(errors) != 1 { 677 t.Fatalf("Expected the ELB Name to trigger a validation error") 678 } 679 } 680 681 func TestResourceAWSELB_validateAccessLogsInterval(t *testing.T) { 682 type testCases struct { 683 Value int 684 ErrCount int 685 } 686 687 invalidCases := []testCases{ 688 { 689 Value: 0, 690 ErrCount: 1, 691 }, 692 { 693 Value: 10, 694 ErrCount: 1, 695 }, 696 { 697 Value: -1, 698 ErrCount: 1, 699 }, 700 } 701 702 for _, tc := range invalidCases { 703 _, errors := validateAccessLogsInterval(tc.Value, "interval") 704 if len(errors) != tc.ErrCount { 705 t.Fatalf("Expected %q to trigger a validation error.", tc.Value) 706 } 707 } 708 709 } 710 711 func TestResourceAWSELB_validateListenerProtocol(t *testing.T) { 712 type testCases struct { 713 Value string 714 ErrCount int 715 } 716 717 invalidCases := []testCases{ 718 { 719 Value: "", 720 ErrCount: 1, 721 }, 722 { 723 Value: "incorrect", 724 ErrCount: 1, 725 }, 726 { 727 Value: "HTTP:", 728 ErrCount: 1, 729 }, 730 } 731 732 for _, tc := range invalidCases { 733 _, errors := validateListenerProtocol(tc.Value, "protocol") 734 if len(errors) != tc.ErrCount { 735 t.Fatalf("Expected %q to trigger a validation error.", tc.Value) 736 } 737 } 738 739 validCases := []testCases{ 740 { 741 Value: "TCP", 742 ErrCount: 0, 743 }, 744 { 745 Value: "ssl", 746 ErrCount: 0, 747 }, 748 { 749 Value: "HTTP", 750 ErrCount: 0, 751 }, 752 } 753 754 for _, tc := range validCases { 755 _, errors := validateListenerProtocol(tc.Value, "protocol") 756 if len(errors) != tc.ErrCount { 757 t.Fatalf("Expected %q not to trigger a validation error.", tc.Value) 758 } 759 } 760 } 761 762 func TestResourceAWSELB_validateHealthCheckTarget(t *testing.T) { 763 type testCase struct { 764 Value string 765 ErrCount int 766 } 767 768 randomRunes := func(n int) string { 769 rand.Seed(time.Now().UTC().UnixNano()) 770 771 // A complete set of modern Katakana characters. 772 runes := []rune("アイウエオ" + 773 "カキクケコガギグゲゴサシスセソザジズゼゾ" + 774 "タチツテトダヂヅデドナニヌネノハヒフヘホ" + 775 "バビブベボパピプペポマミムメモヤユヨラリ" + 776 "ルレロワヰヱヲン") 777 778 s := make([]rune, n) 779 for i := range s { 780 s[i] = runes[rand.Intn(len(runes))] 781 } 782 return string(s) 783 } 784 785 validCases := []testCase{ 786 { 787 Value: "TCP:1234", 788 ErrCount: 0, 789 }, 790 { 791 Value: "http:80/test", 792 ErrCount: 0, 793 }, 794 { 795 Value: fmt.Sprintf("HTTP:8080/%s", randomRunes(5)), 796 ErrCount: 0, 797 }, 798 { 799 Value: "SSL:8080", 800 ErrCount: 0, 801 }, 802 } 803 804 for _, tc := range validCases { 805 _, errors := validateHeathCheckTarget(tc.Value, "target") 806 if len(errors) != tc.ErrCount { 807 t.Fatalf("Expected %q not to trigger a validation error.", tc.Value) 808 } 809 } 810 811 invalidCases := []testCase{ 812 { 813 Value: "", 814 ErrCount: 1, 815 }, 816 { 817 Value: "TCP:", 818 ErrCount: 1, 819 }, 820 { 821 Value: "TCP:1234/", 822 ErrCount: 1, 823 }, 824 { 825 Value: "SSL:8080/", 826 ErrCount: 1, 827 }, 828 { 829 Value: "HTTP:8080", 830 ErrCount: 1, 831 }, 832 { 833 Value: "incorrect-value", 834 ErrCount: 1, 835 }, 836 { 837 Value: "TCP:123456", 838 ErrCount: 1, 839 }, 840 { 841 Value: "incorrect:80/", 842 ErrCount: 1, 843 }, 844 { 845 Value: fmt.Sprintf("HTTP:8080/%s%s", randomString(512), randomRunes(512)), 846 ErrCount: 1, 847 }, 848 } 849 850 for _, tc := range invalidCases { 851 _, errors := validateHeathCheckTarget(tc.Value, "target") 852 if len(errors) != tc.ErrCount { 853 t.Fatalf("Expected %q to trigger a validation error.", tc.Value) 854 } 855 } 856 } 857 858 func testAccCheckAWSELBDestroy(s *terraform.State) error { 859 conn := testAccProvider.Meta().(*AWSClient).elbconn 860 861 for _, rs := range s.RootModule().Resources { 862 if rs.Type != "aws_elb" { 863 continue 864 } 865 866 describe, err := conn.DescribeLoadBalancers(&elb.DescribeLoadBalancersInput{ 867 LoadBalancerNames: []*string{aws.String(rs.Primary.ID)}, 868 }) 869 870 if err == nil { 871 if len(describe.LoadBalancerDescriptions) != 0 && 872 *describe.LoadBalancerDescriptions[0].LoadBalancerName == rs.Primary.ID { 873 return fmt.Errorf("ELB still exists") 874 } 875 } 876 877 // Verify the error 878 providerErr, ok := err.(awserr.Error) 879 if !ok { 880 return err 881 } 882 883 if providerErr.Code() != "LoadBalancerNotFound" { 884 return fmt.Errorf("Unexpected error: %s", err) 885 } 886 } 887 888 return nil 889 } 890 891 func testAccCheckAWSELBAttributes(conf *elb.LoadBalancerDescription) resource.TestCheckFunc { 892 return func(s *terraform.State) error { 893 zones := []string{"us-west-2a", "us-west-2b", "us-west-2c"} 894 azs := make([]string, 0, len(conf.AvailabilityZones)) 895 for _, x := range conf.AvailabilityZones { 896 azs = append(azs, *x) 897 } 898 sort.StringSlice(azs).Sort() 899 if !reflect.DeepEqual(azs, zones) { 900 return fmt.Errorf("bad availability_zones") 901 } 902 903 l := elb.Listener{ 904 InstancePort: aws.Int64(int64(8000)), 905 InstanceProtocol: aws.String("HTTP"), 906 LoadBalancerPort: aws.Int64(int64(80)), 907 Protocol: aws.String("HTTP"), 908 } 909 910 if !reflect.DeepEqual(conf.ListenerDescriptions[0].Listener, &l) { 911 return fmt.Errorf( 912 "Got:\n\n%#v\n\nExpected:\n\n%#v\n", 913 conf.ListenerDescriptions[0].Listener, 914 l) 915 } 916 917 if *conf.DNSName == "" { 918 return fmt.Errorf("empty dns_name") 919 } 920 921 return nil 922 } 923 } 924 925 func testAccCheckAWSELBAttributesHealthCheck(conf *elb.LoadBalancerDescription) resource.TestCheckFunc { 926 return func(s *terraform.State) error { 927 zones := []string{"us-west-2a", "us-west-2b", "us-west-2c"} 928 azs := make([]string, 0, len(conf.AvailabilityZones)) 929 for _, x := range conf.AvailabilityZones { 930 azs = append(azs, *x) 931 } 932 sort.StringSlice(azs).Sort() 933 if !reflect.DeepEqual(azs, zones) { 934 return fmt.Errorf("bad availability_zones") 935 } 936 937 check := &elb.HealthCheck{ 938 Timeout: aws.Int64(int64(30)), 939 UnhealthyThreshold: aws.Int64(int64(5)), 940 HealthyThreshold: aws.Int64(int64(5)), 941 Interval: aws.Int64(int64(60)), 942 Target: aws.String("HTTP:8000/"), 943 } 944 945 if !reflect.DeepEqual(conf.HealthCheck, check) { 946 return fmt.Errorf( 947 "Got:\n\n%#v\n\nExpected:\n\n%#v\n", 948 conf.HealthCheck, 949 check) 950 } 951 952 if *conf.DNSName == "" { 953 return fmt.Errorf("empty dns_name") 954 } 955 956 return nil 957 } 958 } 959 960 func testAccCheckAWSELBExists(n string, res *elb.LoadBalancerDescription) resource.TestCheckFunc { 961 return func(s *terraform.State) error { 962 rs, ok := s.RootModule().Resources[n] 963 if !ok { 964 return fmt.Errorf("Not found: %s", n) 965 } 966 967 if rs.Primary.ID == "" { 968 return fmt.Errorf("No ELB ID is set") 969 } 970 971 conn := testAccProvider.Meta().(*AWSClient).elbconn 972 973 describe, err := conn.DescribeLoadBalancers(&elb.DescribeLoadBalancersInput{ 974 LoadBalancerNames: []*string{aws.String(rs.Primary.ID)}, 975 }) 976 977 if err != nil { 978 return err 979 } 980 981 if len(describe.LoadBalancerDescriptions) != 1 || 982 *describe.LoadBalancerDescriptions[0].LoadBalancerName != rs.Primary.ID { 983 return fmt.Errorf("ELB not found") 984 } 985 986 *res = *describe.LoadBalancerDescriptions[0] 987 988 // Confirm source_security_group_id for ELBs in a VPC 989 // See https://github.com/hashicorp/terraform/pull/3780 990 if res.VPCId != nil { 991 sgid := rs.Primary.Attributes["source_security_group_id"] 992 if sgid == "" { 993 return fmt.Errorf("Expected to find source_security_group_id for ELB, but was empty") 994 } 995 } 996 997 return nil 998 } 999 } 1000 1001 const testAccAWSELBConfig = ` 1002 resource "aws_elb" "bar" { 1003 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1004 1005 listener { 1006 instance_port = 8000 1007 instance_protocol = "http" 1008 lb_port = 80 1009 // Protocol should be case insensitive 1010 lb_protocol = "HttP" 1011 } 1012 1013 tags { 1014 bar = "baz" 1015 } 1016 1017 cross_zone_load_balancing = true 1018 } 1019 ` 1020 1021 const testAccAWSELBFullRangeOfCharacters = ` 1022 resource "aws_elb" "foo" { 1023 name = "%s" 1024 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1025 1026 listener { 1027 instance_port = 8000 1028 instance_protocol = "http" 1029 lb_port = 80 1030 lb_protocol = "http" 1031 } 1032 } 1033 ` 1034 1035 const testAccAWSELBAccessLogs = ` 1036 resource "aws_elb" "foo" { 1037 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1038 1039 listener { 1040 instance_port = 8000 1041 instance_protocol = "http" 1042 lb_port = 80 1043 lb_protocol = "http" 1044 } 1045 } 1046 ` 1047 1048 func testAccAWSELBAccessLogsOn(r string) string { 1049 return fmt.Sprintf(` 1050 # an S3 bucket configured for Access logs 1051 # The 797873946194 is the AWS ID for us-west-2, so this test 1052 # must be ran in us-west-2 1053 resource "aws_s3_bucket" "acceslogs_bucket" { 1054 bucket = "%s" 1055 acl = "private" 1056 force_destroy = true 1057 policy = <<EOF 1058 { 1059 "Id": "Policy1446577137248", 1060 "Statement": [ 1061 { 1062 "Action": "s3:PutObject", 1063 "Effect": "Allow", 1064 "Principal": { 1065 "AWS": "arn:aws:iam::797873946194:root" 1066 }, 1067 "Resource": "arn:aws:s3:::%s/*", 1068 "Sid": "Stmt1446575236270" 1069 } 1070 ], 1071 "Version": "2012-10-17" 1072 } 1073 EOF 1074 } 1075 1076 resource "aws_elb" "foo" { 1077 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1078 1079 listener { 1080 instance_port = 8000 1081 instance_protocol = "http" 1082 lb_port = 80 1083 lb_protocol = "http" 1084 } 1085 1086 access_logs { 1087 interval = 5 1088 bucket = "${aws_s3_bucket.acceslogs_bucket.bucket}" 1089 } 1090 } 1091 `, r, r) 1092 } 1093 1094 func testAccAWSELBAccessLogsDisabled(r string) string { 1095 return fmt.Sprintf(` 1096 # an S3 bucket configured for Access logs 1097 # The 797873946194 is the AWS ID for us-west-2, so this test 1098 # must be ran in us-west-2 1099 resource "aws_s3_bucket" "acceslogs_bucket" { 1100 bucket = "%s" 1101 acl = "private" 1102 force_destroy = true 1103 policy = <<EOF 1104 { 1105 "Id": "Policy1446577137248", 1106 "Statement": [ 1107 { 1108 "Action": "s3:PutObject", 1109 "Effect": "Allow", 1110 "Principal": { 1111 "AWS": "arn:aws:iam::797873946194:root" 1112 }, 1113 "Resource": "arn:aws:s3:::%s/*", 1114 "Sid": "Stmt1446575236270" 1115 } 1116 ], 1117 "Version": "2012-10-17" 1118 } 1119 EOF 1120 } 1121 1122 resource "aws_elb" "foo" { 1123 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1124 1125 listener { 1126 instance_port = 8000 1127 instance_protocol = "http" 1128 lb_port = 80 1129 lb_protocol = "http" 1130 } 1131 1132 access_logs { 1133 interval = 5 1134 bucket = "${aws_s3_bucket.acceslogs_bucket.bucket}" 1135 enabled = false 1136 } 1137 } 1138 `, r, r) 1139 } 1140 1141 const testAccAWSELBGeneratedName = ` 1142 resource "aws_elb" "foo" { 1143 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1144 1145 listener { 1146 instance_port = 8000 1147 instance_protocol = "http" 1148 lb_port = 80 1149 lb_protocol = "http" 1150 } 1151 } 1152 ` 1153 1154 const testAccAWSELBConfig_AvailabilityZonesUpdate = ` 1155 resource "aws_elb" "bar" { 1156 availability_zones = ["us-west-2a", "us-west-2b"] 1157 1158 listener { 1159 instance_port = 8000 1160 instance_protocol = "http" 1161 lb_port = 80 1162 lb_protocol = "http" 1163 } 1164 } 1165 ` 1166 1167 const testAccAWSELBConfig_TagUpdate = ` 1168 resource "aws_elb" "bar" { 1169 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1170 1171 listener { 1172 instance_port = 8000 1173 instance_protocol = "http" 1174 lb_port = 80 1175 lb_protocol = "http" 1176 } 1177 1178 tags { 1179 foo = "bar" 1180 new = "type" 1181 } 1182 1183 cross_zone_load_balancing = true 1184 } 1185 ` 1186 1187 const testAccAWSELBConfigNewInstance = ` 1188 resource "aws_elb" "bar" { 1189 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1190 1191 listener { 1192 instance_port = 8000 1193 instance_protocol = "http" 1194 lb_port = 80 1195 lb_protocol = "http" 1196 } 1197 1198 instances = ["${aws_instance.foo.id}"] 1199 } 1200 1201 resource "aws_instance" "foo" { 1202 # us-west-2 1203 ami = "ami-043a5034" 1204 instance_type = "t1.micro" 1205 } 1206 ` 1207 1208 const testAccAWSELBConfigListenerSSLCertificateId = ` 1209 resource "aws_elb" "bar" { 1210 availability_zones = ["us-west-2a"] 1211 1212 listener { 1213 instance_port = 8000 1214 instance_protocol = "http" 1215 ssl_certificate_id = "%s" 1216 lb_port = 443 1217 lb_protocol = "https" 1218 } 1219 } 1220 ` 1221 1222 const testAccAWSELBConfigHealthCheck = ` 1223 resource "aws_elb" "bar" { 1224 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1225 1226 listener { 1227 instance_port = 8000 1228 instance_protocol = "http" 1229 lb_port = 80 1230 lb_protocol = "http" 1231 } 1232 1233 health_check { 1234 healthy_threshold = 5 1235 unhealthy_threshold = 5 1236 target = "HTTP:8000/" 1237 interval = 60 1238 timeout = 30 1239 } 1240 } 1241 ` 1242 1243 const testAccAWSELBConfigHealthCheck_update = ` 1244 resource "aws_elb" "bar" { 1245 availability_zones = ["us-west-2a"] 1246 1247 listener { 1248 instance_port = 8000 1249 instance_protocol = "http" 1250 lb_port = 80 1251 lb_protocol = "http" 1252 } 1253 1254 health_check { 1255 healthy_threshold = 10 1256 unhealthy_threshold = 5 1257 target = "HTTP:8000/" 1258 interval = 60 1259 timeout = 30 1260 } 1261 } 1262 ` 1263 1264 const testAccAWSELBConfigListener_update = ` 1265 resource "aws_elb" "bar" { 1266 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1267 1268 listener { 1269 instance_port = 8080 1270 instance_protocol = "http" 1271 lb_port = 80 1272 lb_protocol = "http" 1273 } 1274 } 1275 ` 1276 1277 const testAccAWSELBConfigIdleTimeout = ` 1278 resource "aws_elb" "bar" { 1279 availability_zones = ["us-west-2a"] 1280 1281 listener { 1282 instance_port = 8000 1283 instance_protocol = "http" 1284 lb_port = 80 1285 lb_protocol = "http" 1286 } 1287 1288 idle_timeout = 200 1289 } 1290 ` 1291 1292 const testAccAWSELBConfigIdleTimeout_update = ` 1293 resource "aws_elb" "bar" { 1294 availability_zones = ["us-west-2a"] 1295 1296 listener { 1297 instance_port = 8000 1298 instance_protocol = "http" 1299 lb_port = 80 1300 lb_protocol = "http" 1301 } 1302 1303 idle_timeout = 400 1304 } 1305 ` 1306 1307 const testAccAWSELBConfigConnectionDraining = ` 1308 resource "aws_elb" "bar" { 1309 availability_zones = ["us-west-2a"] 1310 1311 listener { 1312 instance_port = 8000 1313 instance_protocol = "http" 1314 lb_port = 80 1315 lb_protocol = "http" 1316 } 1317 1318 connection_draining = true 1319 connection_draining_timeout = 400 1320 } 1321 ` 1322 1323 const testAccAWSELBConfigConnectionDraining_update_timeout = ` 1324 resource "aws_elb" "bar" { 1325 availability_zones = ["us-west-2a"] 1326 1327 listener { 1328 instance_port = 8000 1329 instance_protocol = "http" 1330 lb_port = 80 1331 lb_protocol = "http" 1332 } 1333 1334 connection_draining = true 1335 connection_draining_timeout = 600 1336 } 1337 ` 1338 1339 const testAccAWSELBConfigConnectionDraining_update_disable = ` 1340 resource "aws_elb" "bar" { 1341 availability_zones = ["us-west-2a"] 1342 1343 listener { 1344 instance_port = 8000 1345 instance_protocol = "http" 1346 lb_port = 80 1347 lb_protocol = "http" 1348 } 1349 1350 connection_draining = false 1351 } 1352 ` 1353 1354 const testAccAWSELBConfigSecurityGroups = ` 1355 resource "aws_elb" "bar" { 1356 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1357 1358 listener { 1359 instance_port = 8000 1360 instance_protocol = "http" 1361 lb_port = 80 1362 lb_protocol = "http" 1363 } 1364 1365 security_groups = ["${aws_security_group.bar.id}"] 1366 } 1367 1368 resource "aws_security_group" "bar" { 1369 ingress { 1370 protocol = "tcp" 1371 from_port = 80 1372 to_port = 80 1373 cidr_blocks = ["0.0.0.0/0"] 1374 } 1375 1376 tags { 1377 Name = "tf_elb_sg_test" 1378 } 1379 } 1380 ` 1381 1382 // This IAM Server config is lifted from 1383 // builtin/providers/aws/resource_aws_iam_server_certificate_test.go 1384 func testAccELBIAMServerCertConfig(certName string) string { 1385 return fmt.Sprintf(` 1386 resource "aws_iam_server_certificate" "test_cert" { 1387 name = "%s" 1388 certificate_body = <<EOF 1389 -----BEGIN CERTIFICATE----- 1390 MIIDBjCCAe4CCQCGWwBmOiHQdTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJB 1391 VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0 1392 cyBQdHkgTHRkMB4XDTE2MDYyMTE2MzM0MVoXDTE3MDYyMTE2MzM0MVowRTELMAkG 1393 A1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0 1394 IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB 1395 AL+LFlsCJG5txZp4yuu+lQnuUrgBXRG+irQqcTXlV91Bp5hpmRIyhnGCtWxxDBUL 1396 xrh4WN3VV/0jDzKT976oLgOy3hj56Cdqf+JlZ1qgMN5bHB3mm3aVWnrnsLbBsfwZ 1397 SEbk3Kht/cE1nK2toNVW+rznS3m+eoV3Zn/DUNwGlZr42hGNs6ETn2jURY78ETqR 1398 mW47xvjf86eIo7vULHJaY6xyarPqkL8DZazOmvY06hUGvGwGBny7gugfXqDG+I8n 1399 cPBsGJGSAmHmVV8o0RCB9UjY+TvSMQRpEDoVlvyrGuglsD8to/4+7UcsuDGlRYN6 1400 jmIOC37mOi/jwRfWL1YUa4MCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAPDxTH0oQ 1401 JjKXoJgkmQxurB81RfnK/NrswJVzWbOv6ejcbhwh+/ZgJTMc15BrYcxU6vUW1V/i 1402 Z7APU0qJ0icECACML+a2fRI7YdLCTiPIOmY66HY8MZHAn3dGjU5TeiUflC0n0zkP 1403 mxKJe43kcYLNDItbfvUDo/GoxTXrC3EFVZyU0RhFzoVJdODlTHXMVFCzcbQEBrBJ 1404 xKdShCEc8nFMneZcGFeEU488ntZoWzzms8/QpYrKa5S0Sd7umEU2Kwu4HTkvUFg/ 1405 CqDUFjhydXxYRsxXBBrEiLOE5BdtJR1sH/QHxIJe23C9iHI2nS1NbLziNEApLwC4 1406 GnSud83VUo9G9w== 1407 -----END CERTIFICATE----- 1408 EOF 1409 1410 private_key = <<EOF 1411 -----BEGIN RSA PRIVATE KEY----- 1412 MIIEowIBAAKCAQEAv4sWWwIkbm3FmnjK676VCe5SuAFdEb6KtCpxNeVX3UGnmGmZ 1413 EjKGcYK1bHEMFQvGuHhY3dVX/SMPMpP3vqguA7LeGPnoJ2p/4mVnWqAw3lscHeab 1414 dpVaeuewtsGx/BlIRuTcqG39wTWcra2g1Vb6vOdLeb56hXdmf8NQ3AaVmvjaEY2z 1415 oROfaNRFjvwROpGZbjvG+N/zp4iju9QsclpjrHJqs+qQvwNlrM6a9jTqFQa8bAYG 1416 fLuC6B9eoMb4jydw8GwYkZICYeZVXyjREIH1SNj5O9IxBGkQOhWW/Ksa6CWwPy2j 1417 /j7tRyy4MaVFg3qOYg4LfuY6L+PBF9YvVhRrgwIDAQABAoIBAFqJ4h1Om+3e0WK8 1418 6h4YzdYN4ue7LUTv7hxPW4gASlH5cMDoWURywX3yLNN/dBiWom4b5NWmvJqY8dwU 1419 eSyTznxNFhJ0PjozaxOWnw4FXlQceOPhV2bsHgKudadNU1Y4lSN9lpe+tg2Xy+GE 1420 ituM66RTKCf502w3DioiJpx6OEkxuhrnsQAWNcGB0MnTukm2f+629V+04R5MT5V1 1421 nY+5Phx2BpHgYzWBKh6Px1puu7xFv5SMQda1ndlPIKb4cNp0yYn+1lHNjbOE7QL/ 1422 oEpWgrauS5Zk/APK33v/p3wVYHrKocIFHlPiCW0uIJJLsOZDY8pQXpTlc+/xGLLy 1423 WBu4boECgYEA6xO+1UNh6ndJ3xGuNippH+ucTi/uq1+0tG1bd63v+75tn5l4LyY2 1424 CWHRaWVlVn+WnDslkQTJzFD68X+9M7Cc4oP6WnhTyPamG7HlGv5JxfFHTC9GOKmz 1425 sSc624BDmqYJ7Xzyhe5kc3iHzqG/L72ZF1aijZdrodQMSY1634UX6aECgYEA0Jdr 1426 cBPSN+mgmEY6ogN5h7sO5uNV3TQQtW2IslfWZn6JhSRF4Rf7IReng48CMy9ZhFBy 1427 Q7H2I1pDGjEC9gQHhgVfm+FyMSVqXfCHEW/97pvvu9ougHA0MhPep1twzTGrqg+K 1428 f3PLW8hVkGyCrTfWgbDlPsHgsocA/wTaQOheaqMCgYBat5z+WemQfQZh8kXDm2xE 1429 KD2Cota9BcsLkeQpdFNXWC6f167cqydRSZFx1fJchhJOKjkeFLX3hgzBY6VVLEPu 1430 2jWj8imLNTv3Fhiu6RD5NVppWRkFRuAUbmo1SPNN2+Oa5YwGCXB0a0Alip/oQYex 1431 zPogIB4mLlmrjNCtL4SB4QKBgCEHKMrZSJrz0irqS9RlanPUaZqjenAJE3A2xMNA 1432 Z0FZXdsIEEyA6JGn1i1dkoKaR7lMp5sSbZ/RZfiatBZSMwLEjQv4mYUwoHP5Ztma 1433 +wEyDbaX6G8L1Sfsv3+OWgETkVPfHBXsNtH0mZ/BnrtgsQVeBh52wmZiPAUlNo26 1434 fWCzAoGBAJOjqovLelLWzyQGqPFx/MwuI56UFXd1CmFlCIvF2WxCFmk3tlExoCN1 1435 HqSpt92vsgYgV7+lAb4U7Uy/v012gwiU1LK+vyAE9geo3pTjG73BNzG4H547xtbY 1436 dg+Sd4Wjm89UQoUUoiIcstY7FPbqfBtYKfh4RYHAHV2BwDFqzZCM 1437 -----END RSA PRIVATE KEY----- 1438 EOF 1439 } 1440 1441 resource "aws_elb" "bar" { 1442 availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"] 1443 1444 listener { 1445 instance_port = 8000 1446 instance_protocol = "https" 1447 lb_port = 80 1448 // Protocol should be case insensitive 1449 lb_protocol = "HttPs" 1450 ssl_certificate_id = "${aws_iam_server_certificate.test_cert.arn}" 1451 } 1452 1453 tags { 1454 bar = "baz" 1455 } 1456 1457 cross_zone_load_balancing = true 1458 } 1459 `, certName) 1460 } 1461 1462 const testAccAWSELBConfig_subnets = ` 1463 provider "aws" { 1464 region = "us-west-2" 1465 } 1466 1467 resource "aws_vpc" "azelb" { 1468 cidr_block = "10.1.0.0/16" 1469 enable_dns_hostnames = true 1470 1471 tags { 1472 Name = "subnet-vpc" 1473 } 1474 } 1475 1476 resource "aws_subnet" "public_a_one" { 1477 vpc_id = "${aws_vpc.azelb.id}" 1478 1479 cidr_block = "10.1.1.0/24" 1480 availability_zone = "us-west-2a" 1481 } 1482 1483 resource "aws_subnet" "public_b_one" { 1484 vpc_id = "${aws_vpc.azelb.id}" 1485 1486 cidr_block = "10.1.7.0/24" 1487 availability_zone = "us-west-2b" 1488 } 1489 1490 resource "aws_subnet" "public_a_two" { 1491 vpc_id = "${aws_vpc.azelb.id}" 1492 1493 cidr_block = "10.1.2.0/24" 1494 availability_zone = "us-west-2a" 1495 } 1496 1497 resource "aws_elb" "ourapp" { 1498 name = "terraform-asg-deployment-example" 1499 1500 subnets = [ 1501 "${aws_subnet.public_a_one.id}", 1502 "${aws_subnet.public_b_one.id}", 1503 ] 1504 1505 listener { 1506 instance_port = 80 1507 instance_protocol = "http" 1508 lb_port = 80 1509 lb_protocol = "http" 1510 } 1511 1512 depends_on = ["aws_internet_gateway.gw"] 1513 } 1514 1515 resource "aws_internet_gateway" "gw" { 1516 vpc_id = "${aws_vpc.azelb.id}" 1517 1518 tags { 1519 Name = "main" 1520 } 1521 } 1522 ` 1523 1524 const testAccAWSELBConfig_subnet_swap = ` 1525 provider "aws" { 1526 region = "us-west-2" 1527 } 1528 1529 resource "aws_vpc" "azelb" { 1530 cidr_block = "10.1.0.0/16" 1531 enable_dns_hostnames = true 1532 1533 tags { 1534 Name = "subnet-vpc" 1535 } 1536 } 1537 1538 resource "aws_subnet" "public_a_one" { 1539 vpc_id = "${aws_vpc.azelb.id}" 1540 1541 cidr_block = "10.1.1.0/24" 1542 availability_zone = "us-west-2a" 1543 } 1544 1545 resource "aws_subnet" "public_b_one" { 1546 vpc_id = "${aws_vpc.azelb.id}" 1547 1548 cidr_block = "10.1.7.0/24" 1549 availability_zone = "us-west-2b" 1550 } 1551 1552 resource "aws_subnet" "public_a_two" { 1553 vpc_id = "${aws_vpc.azelb.id}" 1554 1555 cidr_block = "10.1.2.0/24" 1556 availability_zone = "us-west-2a" 1557 } 1558 1559 resource "aws_elb" "ourapp" { 1560 name = "terraform-asg-deployment-example" 1561 1562 subnets = [ 1563 "${aws_subnet.public_a_two.id}", 1564 "${aws_subnet.public_b_one.id}", 1565 ] 1566 1567 listener { 1568 instance_port = 80 1569 instance_protocol = "http" 1570 lb_port = 80 1571 lb_protocol = "http" 1572 } 1573 1574 depends_on = ["aws_internet_gateway.gw"] 1575 } 1576 1577 resource "aws_internet_gateway" "gw" { 1578 vpc_id = "${aws_vpc.azelb.id}" 1579 1580 tags { 1581 Name = "main" 1582 } 1583 } 1584 `