github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_iam_group_policy_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/iam" 10 "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/terraform" 12 ) 13 14 func TestAccAWSIAMGroupPolicy_basic(t *testing.T) { 15 resource.Test(t, resource.TestCase{ 16 PreCheck: func() { testAccPreCheck(t) }, 17 Providers: testAccProviders, 18 CheckDestroy: testAccCheckIAMGroupPolicyDestroy, 19 Steps: []resource.TestStep{ 20 resource.TestStep{ 21 Config: testAccIAMGroupPolicyConfig, 22 Check: resource.ComposeTestCheckFunc( 23 testAccCheckIAMGroupPolicy( 24 "aws_iam_group.group", 25 "aws_iam_group_policy.foo", 26 ), 27 ), 28 }, 29 resource.TestStep{ 30 Config: testAccIAMGroupPolicyConfigUpdate, 31 Check: resource.ComposeTestCheckFunc( 32 testAccCheckIAMGroupPolicy( 33 "aws_iam_group.group", 34 "aws_iam_group_policy.bar", 35 ), 36 ), 37 }, 38 }, 39 }) 40 } 41 42 func testAccCheckIAMGroupPolicyDestroy(s *terraform.State) error { 43 conn := testAccProvider.Meta().(*AWSClient).iamconn 44 45 for _, rs := range s.RootModule().Resources { 46 if rs.Type != "aws_iam_group_policy" { 47 continue 48 } 49 50 group, name := resourceAwsIamGroupPolicyParseId(rs.Primary.ID) 51 52 request := &iam.GetGroupPolicyInput{ 53 PolicyName: aws.String(name), 54 GroupName: aws.String(group), 55 } 56 57 _, err := conn.GetGroupPolicy(request) 58 if err != nil { 59 // Verify the error is what we want 60 if ae, ok := err.(awserr.Error); ok && ae.Code() == "NoSuchEntity" { 61 continue 62 } 63 return err 64 } 65 66 return fmt.Errorf("still exists") 67 } 68 69 return nil 70 } 71 72 func testAccCheckIAMGroupPolicy( 73 iamGroupResource string, 74 iamGroupPolicyResource string) resource.TestCheckFunc { 75 return func(s *terraform.State) error { 76 rs, ok := s.RootModule().Resources[iamGroupResource] 77 if !ok { 78 return fmt.Errorf("Not Found: %s", iamGroupResource) 79 } 80 81 if rs.Primary.ID == "" { 82 return fmt.Errorf("No ID is set") 83 } 84 85 policy, ok := s.RootModule().Resources[iamGroupPolicyResource] 86 if !ok { 87 return fmt.Errorf("Not Found: %s", iamGroupPolicyResource) 88 } 89 90 iamconn := testAccProvider.Meta().(*AWSClient).iamconn 91 group, name := resourceAwsIamGroupPolicyParseId(policy.Primary.ID) 92 _, err := iamconn.GetGroupPolicy(&iam.GetGroupPolicyInput{ 93 GroupName: aws.String(group), 94 PolicyName: aws.String(name), 95 }) 96 97 if err != nil { 98 return err 99 } 100 101 return nil 102 } 103 } 104 105 const testAccIAMGroupPolicyConfig = ` 106 resource "aws_iam_group" "group" { 107 name = "test_group" 108 path = "/" 109 } 110 111 resource "aws_iam_group_policy" "foo" { 112 name = "foo_policy" 113 group = "${aws_iam_group.group.name}" 114 policy = <<EOF 115 { 116 "Version": "2012-10-17", 117 "Statement": { 118 "Effect": "Allow", 119 "Action": "*", 120 "Resource": "*" 121 } 122 } 123 EOF 124 } 125 ` 126 127 const testAccIAMGroupPolicyConfigUpdate = ` 128 resource "aws_iam_group" "group" { 129 name = "test_group" 130 path = "/" 131 } 132 133 resource "aws_iam_group_policy" "foo" { 134 name = "foo_policy" 135 group = "${aws_iam_group.group.name}" 136 policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" 137 } 138 139 resource "aws_iam_group_policy" "bar" { 140 name = "bar_policy" 141 group = "${aws_iam_group.group.name}" 142 policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" 143 } 144 `