github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_redshift_security_group_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/redshift" 10 "github.com/hashicorp/terraform/helper/acctest" 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 ) 14 15 func TestAccAWSRedshiftSecurityGroup_ingressCidr(t *testing.T) { 16 var v redshift.ClusterSecurityGroup 17 rInt := acctest.RandInt() 18 19 resource.Test(t, resource.TestCase{ 20 PreCheck: func() { testAccPreCheck(t) }, 21 Providers: testAccProviders, 22 CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy, 23 Steps: []resource.TestStep{ 24 { 25 Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidr(rInt), 26 Check: resource.ComposeTestCheckFunc( 27 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 28 resource.TestCheckResourceAttr( 29 "aws_redshift_security_group.bar", "name", fmt.Sprintf("redshift-sg-terraform-%d", rInt)), 30 resource.TestCheckResourceAttr( 31 "aws_redshift_security_group.bar", "description", "Managed by Terraform"), 32 resource.TestCheckResourceAttr( 33 "aws_redshift_security_group.bar", "ingress.2735652665.cidr", "10.0.0.1/24"), 34 resource.TestCheckResourceAttr( 35 "aws_redshift_security_group.bar", "ingress.#", "1"), 36 ), 37 }, 38 }, 39 }) 40 } 41 42 func TestAccAWSRedshiftSecurityGroup_updateIngressCidr(t *testing.T) { 43 var v redshift.ClusterSecurityGroup 44 rInt := acctest.RandInt() 45 46 resource.Test(t, resource.TestCase{ 47 PreCheck: func() { testAccPreCheck(t) }, 48 Providers: testAccProviders, 49 CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy, 50 Steps: []resource.TestStep{ 51 { 52 Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidr(rInt), 53 Check: resource.ComposeTestCheckFunc( 54 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 55 resource.TestCheckResourceAttr( 56 "aws_redshift_security_group.bar", "ingress.#", "1"), 57 ), 58 }, 59 60 { 61 Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidrAdd(rInt), 62 Check: resource.ComposeTestCheckFunc( 63 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 64 resource.TestCheckResourceAttr( 65 "aws_redshift_security_group.bar", "ingress.#", "3"), 66 ), 67 }, 68 69 { 70 Config: testAccAWSRedshiftSecurityGroupConfig_ingressCidrReduce(rInt), 71 Check: resource.ComposeTestCheckFunc( 72 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 73 resource.TestCheckResourceAttr( 74 "aws_redshift_security_group.bar", "ingress.#", "2"), 75 ), 76 }, 77 }, 78 }) 79 } 80 81 func TestAccAWSRedshiftSecurityGroup_ingressSecurityGroup(t *testing.T) { 82 var v redshift.ClusterSecurityGroup 83 rInt := acctest.RandInt() 84 85 resource.Test(t, resource.TestCase{ 86 PreCheck: func() { testAccPreCheck(t) }, 87 Providers: testAccProviders, 88 CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy, 89 Steps: []resource.TestStep{ 90 { 91 Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgId(rInt), 92 Check: resource.ComposeTestCheckFunc( 93 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 94 resource.TestCheckResourceAttr( 95 "aws_redshift_security_group.bar", "name", fmt.Sprintf("redshift-sg-terraform-%d", rInt)), 96 resource.TestCheckResourceAttr( 97 "aws_redshift_security_group.bar", "description", "this is a description"), 98 resource.TestCheckResourceAttr( 99 "aws_redshift_security_group.bar", "ingress.#", "1"), 100 ), 101 }, 102 }, 103 }) 104 } 105 106 func TestAccAWSRedshiftSecurityGroup_updateIngressSecurityGroup(t *testing.T) { 107 var v redshift.ClusterSecurityGroup 108 rInt := acctest.RandInt() 109 110 resource.Test(t, resource.TestCase{ 111 PreCheck: func() { testAccPreCheck(t) }, 112 Providers: testAccProviders, 113 CheckDestroy: testAccCheckAWSRedshiftSecurityGroupDestroy, 114 Steps: []resource.TestStep{ 115 { 116 Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgId(rInt), 117 Check: resource.ComposeTestCheckFunc( 118 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 119 resource.TestCheckResourceAttr( 120 "aws_redshift_security_group.bar", "ingress.#", "1"), 121 ), 122 }, 123 124 { 125 Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgIdAdd(rInt), 126 Check: resource.ComposeTestCheckFunc( 127 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 128 resource.TestCheckResourceAttr( 129 "aws_redshift_security_group.bar", "ingress.#", "3"), 130 ), 131 }, 132 133 { 134 Config: testAccAWSRedshiftSecurityGroupConfig_ingressSgIdReduce(rInt), 135 Check: resource.ComposeTestCheckFunc( 136 testAccCheckAWSRedshiftSecurityGroupExists("aws_redshift_security_group.bar", &v), 137 resource.TestCheckResourceAttr( 138 "aws_redshift_security_group.bar", "ingress.#", "2"), 139 ), 140 }, 141 }, 142 }) 143 } 144 145 func testAccCheckAWSRedshiftSecurityGroupExists(n string, v *redshift.ClusterSecurityGroup) resource.TestCheckFunc { 146 return func(s *terraform.State) error { 147 rs, ok := s.RootModule().Resources[n] 148 if !ok { 149 return fmt.Errorf("Not found: %s", n) 150 } 151 152 if rs.Primary.ID == "" { 153 return fmt.Errorf("No Redshift Security Group ID is set") 154 } 155 156 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 157 158 opts := redshift.DescribeClusterSecurityGroupsInput{ 159 ClusterSecurityGroupName: aws.String(rs.Primary.ID), 160 } 161 162 resp, err := conn.DescribeClusterSecurityGroups(&opts) 163 164 if err != nil { 165 return err 166 } 167 168 if len(resp.ClusterSecurityGroups) != 1 || 169 *resp.ClusterSecurityGroups[0].ClusterSecurityGroupName != rs.Primary.ID { 170 return fmt.Errorf("Redshift Security Group not found") 171 } 172 173 *v = *resp.ClusterSecurityGroups[0] 174 175 return nil 176 } 177 } 178 179 func testAccCheckAWSRedshiftSecurityGroupDestroy(s *terraform.State) error { 180 conn := testAccProvider.Meta().(*AWSClient).redshiftconn 181 182 for _, rs := range s.RootModule().Resources { 183 if rs.Type != "aws_redshift_security_group" { 184 continue 185 } 186 187 // Try to find the Group 188 resp, err := conn.DescribeClusterSecurityGroups( 189 &redshift.DescribeClusterSecurityGroupsInput{ 190 ClusterSecurityGroupName: aws.String(rs.Primary.ID), 191 }) 192 193 if err == nil { 194 if len(resp.ClusterSecurityGroups) != 0 && 195 *resp.ClusterSecurityGroups[0].ClusterSecurityGroupName == rs.Primary.ID { 196 return fmt.Errorf("Redshift Security Group still exists") 197 } 198 } 199 200 // Verify the error 201 newerr, ok := err.(awserr.Error) 202 if !ok { 203 return err 204 } 205 if newerr.Code() != "ClusterSecurityGroupNotFound" { 206 return err 207 } 208 } 209 210 return nil 211 } 212 213 func TestResourceAWSRedshiftSecurityGroupNameValidation(t *testing.T) { 214 cases := []struct { 215 Value string 216 ErrCount int 217 }{ 218 { 219 Value: "default", 220 ErrCount: 1, 221 }, 222 { 223 Value: "testing123%%", 224 ErrCount: 1, 225 }, 226 { 227 Value: "TestingSG", 228 ErrCount: 1, 229 }, 230 { 231 Value: randomString(256), 232 ErrCount: 1, 233 }, 234 } 235 236 for _, tc := range cases { 237 _, errors := validateRedshiftSecurityGroupName(tc.Value, "aws_redshift_security_group_name") 238 239 if len(errors) != tc.ErrCount { 240 t.Fatalf("Expected the Redshift Security Group Name to trigger a validation error") 241 } 242 } 243 } 244 245 func testAccAWSRedshiftSecurityGroupConfig_ingressCidr(rInt int) string { 246 return fmt.Sprintf(` 247 provider "aws" { 248 region = "us-east-1" 249 } 250 251 resource "aws_redshift_security_group" "bar" { 252 name = "redshift-sg-terraform-%d" 253 254 ingress { 255 cidr = "10.0.0.1/24" 256 } 257 }`, rInt) 258 } 259 260 func testAccAWSRedshiftSecurityGroupConfig_ingressCidrAdd(rInt int) string { 261 return fmt.Sprintf(` 262 provider "aws" { 263 region = "us-east-1" 264 } 265 266 resource "aws_redshift_security_group" "bar" { 267 name = "redshift-sg-terraform-%d" 268 description = "this is a description" 269 270 ingress { 271 cidr = "10.0.0.1/24" 272 } 273 274 ingress { 275 cidr = "10.0.10.1/24" 276 } 277 278 ingress { 279 cidr = "10.0.20.1/24" 280 } 281 }`, rInt) 282 } 283 284 func testAccAWSRedshiftSecurityGroupConfig_ingressCidrReduce(rInt int) string { 285 return fmt.Sprintf(` 286 provider "aws" { 287 region = "us-east-1" 288 } 289 290 resource "aws_redshift_security_group" "bar" { 291 name = "redshift-sg-terraform-%d" 292 description = "this is a description" 293 294 ingress { 295 cidr = "10.0.0.1/24" 296 } 297 298 ingress { 299 cidr = "10.0.10.1/24" 300 } 301 }`, rInt) 302 } 303 304 func testAccAWSRedshiftSecurityGroupConfig_ingressSgId(rInt int) string { 305 return fmt.Sprintf(` 306 provider "aws" { 307 region = "us-east-1" 308 } 309 310 resource "aws_security_group" "redshift" { 311 name = "terraform_redshift_test_%d" 312 description = "Used in the redshift acceptance tests" 313 314 ingress { 315 protocol = "tcp" 316 from_port = 22 317 to_port = 22 318 cidr_blocks = ["10.0.0.0/8"] 319 } 320 } 321 322 resource "aws_redshift_security_group" "bar" { 323 name = "redshift-sg-terraform-%d" 324 description = "this is a description" 325 326 ingress { 327 security_group_name = "${aws_security_group.redshift.name}" 328 security_group_owner_id = "${aws_security_group.redshift.owner_id}" 329 } 330 }`, rInt, rInt) 331 } 332 333 func testAccAWSRedshiftSecurityGroupConfig_ingressSgIdAdd(rInt int) string { 334 return fmt.Sprintf(` 335 provider "aws" { 336 region = "us-east-1" 337 } 338 339 resource "aws_security_group" "redshift" { 340 name = "terraform_redshift_test_%d" 341 description = "Used in the redshift acceptance tests" 342 343 ingress { 344 protocol = "tcp" 345 from_port = 22 346 to_port = 22 347 cidr_blocks = ["10.0.0.0/16"] 348 } 349 } 350 351 resource "aws_security_group" "redshift2" { 352 name = "terraform_redshift_test_2_%d" 353 description = "Used in the redshift acceptance tests #2" 354 355 ingress { 356 protocol = "tcp" 357 from_port = 22 358 to_port = 22 359 cidr_blocks = ["10.1.0.0/16"] 360 } 361 } 362 363 resource "aws_security_group" "redshift3" { 364 name = "terraform_redshift_test_3_%d" 365 description = "Used in the redshift acceptance tests #3" 366 367 ingress { 368 protocol = "tcp" 369 from_port = 22 370 to_port = 22 371 cidr_blocks = ["10.2.0.0/16"] 372 } 373 } 374 375 resource "aws_redshift_security_group" "bar" { 376 name = "redshift-sg-terraform-%d" 377 description = "this is a description" 378 379 ingress { 380 security_group_name = "${aws_security_group.redshift.name}" 381 security_group_owner_id = "${aws_security_group.redshift.owner_id}" 382 } 383 384 ingress { 385 security_group_name = "${aws_security_group.redshift2.name}" 386 security_group_owner_id = "${aws_security_group.redshift.owner_id}" 387 } 388 389 ingress { 390 security_group_name = "${aws_security_group.redshift3.name}" 391 security_group_owner_id = "${aws_security_group.redshift.owner_id}" 392 } 393 }`, rInt, rInt, rInt, rInt) 394 } 395 396 func testAccAWSRedshiftSecurityGroupConfig_ingressSgIdReduce(rInt int) string { 397 return fmt.Sprintf(` 398 provider "aws" { 399 region = "us-east-1" 400 } 401 402 resource "aws_security_group" "redshift" { 403 name = "terraform_redshift_test_%d" 404 description = "Used in the redshift acceptance tests" 405 406 ingress { 407 protocol = "tcp" 408 from_port = 22 409 to_port = 22 410 cidr_blocks = ["10.0.0.0/16"] 411 } 412 } 413 414 resource "aws_security_group" "redshift2" { 415 name = "terraform_redshift_test_2_%d" 416 description = "Used in the redshift acceptance tests #2" 417 418 ingress { 419 protocol = "tcp" 420 from_port = 22 421 to_port = 22 422 cidr_blocks = ["10.1.0.0/16"] 423 } 424 } 425 426 resource "aws_redshift_security_group" "bar" { 427 name = "redshift-sg-terraform-%d" 428 description = "this is a description" 429 430 ingress { 431 security_group_name = "${aws_security_group.redshift.name}" 432 security_group_owner_id = "${aws_security_group.redshift.owner_id}" 433 } 434 435 ingress { 436 security_group_name = "${aws_security_group.redshift2.name}" 437 security_group_owner_id = "${aws_security_group.redshift.owner_id}" 438 } 439 }`, rInt, rInt, rInt) 440 }