github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_sns_topic_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	"github.com/aws/aws-sdk-go/aws"
     8  	"github.com/aws/aws-sdk-go/aws/awserr"
     9  	"github.com/aws/aws-sdk-go/service/sns"
    10  	"github.com/hashicorp/terraform/helper/acctest"
    11  	"github.com/hashicorp/terraform/helper/resource"
    12  	"github.com/hashicorp/terraform/terraform"
    13  	"github.com/jen20/awspolicyequivalence"
    14  )
    15  
    16  func TestAccAWSSNSTopic_basic(t *testing.T) {
    17  	resource.Test(t, resource.TestCase{
    18  		PreCheck:      func() { testAccPreCheck(t) },
    19  		IDRefreshName: "aws_sns_topic.test_topic",
    20  		Providers:     testAccProviders,
    21  		CheckDestroy:  testAccCheckAWSSNSTopicDestroy,
    22  		Steps: []resource.TestStep{
    23  			resource.TestStep{
    24  				Config: testAccAWSSNSTopicConfig,
    25  				Check: resource.ComposeTestCheckFunc(
    26  					testAccCheckAWSSNSTopicExists("aws_sns_topic.test_topic"),
    27  				),
    28  			},
    29  		},
    30  	})
    31  }
    32  
    33  func TestAccAWSSNSTopic_policy(t *testing.T) {
    34  	rName := acctest.RandString(10)
    35  	expectedPolicy := `{"Statement":[{"Sid":"Stmt1445931846145","Effect":"Allow","Principal":{"AWS":"*"},"Action":"sns:Publish","Resource":"arn:aws:sns:us-west-2::example"}],"Version":"2012-10-17","Id":"Policy1445931846145"}`
    36  	resource.Test(t, resource.TestCase{
    37  		PreCheck:      func() { testAccPreCheck(t) },
    38  		IDRefreshName: "aws_sns_topic.test_topic",
    39  		Providers:     testAccProviders,
    40  		CheckDestroy:  testAccCheckAWSSNSTopicDestroy,
    41  		Steps: []resource.TestStep{
    42  			resource.TestStep{
    43  				Config: testAccAWSSNSTopicWithPolicy(rName),
    44  				Check: resource.ComposeTestCheckFunc(
    45  					testAccCheckAWSSNSTopicExists("aws_sns_topic.test_topic"),
    46  					testAccCheckAWSNSTopicHasPolicy("aws_sns_topic.test_topic", expectedPolicy),
    47  				),
    48  			},
    49  		},
    50  	})
    51  }
    52  
    53  func TestAccAWSSNSTopic_withIAMRole(t *testing.T) {
    54  	resource.Test(t, resource.TestCase{
    55  		PreCheck:      func() { testAccPreCheck(t) },
    56  		IDRefreshName: "aws_sns_topic.test_topic",
    57  		Providers:     testAccProviders,
    58  		CheckDestroy:  testAccCheckAWSSNSTopicDestroy,
    59  		Steps: []resource.TestStep{
    60  			resource.TestStep{
    61  				Config: testAccAWSSNSTopicConfig_withIAMRole,
    62  				Check: resource.ComposeTestCheckFunc(
    63  					testAccCheckAWSSNSTopicExists("aws_sns_topic.test_topic"),
    64  				),
    65  			},
    66  		},
    67  	})
    68  }
    69  
    70  func testAccCheckAWSNSTopicHasPolicy(n string, expectedPolicyText string) resource.TestCheckFunc {
    71  	return func(s *terraform.State) error {
    72  		rs, ok := s.RootModule().Resources[n]
    73  		if !ok {
    74  			return fmt.Errorf("Not found: %s", n)
    75  		}
    76  
    77  		if rs.Primary.ID == "" {
    78  			return fmt.Errorf("No Queue URL specified!")
    79  		}
    80  
    81  		if !ok {
    82  			return fmt.Errorf("Not found: %s", n)
    83  		}
    84  
    85  		if rs.Primary.ID == "" {
    86  			return fmt.Errorf("No SNS topic with that ARN exists")
    87  		}
    88  
    89  		conn := testAccProvider.Meta().(*AWSClient).snsconn
    90  
    91  		params := &sns.GetTopicAttributesInput{
    92  			TopicArn: aws.String(rs.Primary.ID),
    93  		}
    94  		resp, err := conn.GetTopicAttributes(params)
    95  		if err != nil {
    96  			return err
    97  		}
    98  
    99  		var actualPolicyText string
   100  		for k, v := range resp.Attributes {
   101  			if k == "Policy" {
   102  				actualPolicyText = *v
   103  				break
   104  			}
   105  		}
   106  
   107  		equivalent, err := awspolicy.PoliciesAreEquivalent(actualPolicyText, expectedPolicyText)
   108  		if err != nil {
   109  			return fmt.Errorf("Error testing policy equivalence: %s", err)
   110  		}
   111  		if !equivalent {
   112  			return fmt.Errorf("Non-equivalent policy error:\n\nexpected: %s\n\n     got: %s\n",
   113  				expectedPolicyText, actualPolicyText)
   114  		}
   115  
   116  		return nil
   117  	}
   118  }
   119  
   120  func testAccCheckAWSSNSTopicDestroy(s *terraform.State) error {
   121  	conn := testAccProvider.Meta().(*AWSClient).snsconn
   122  
   123  	for _, rs := range s.RootModule().Resources {
   124  		if rs.Type != "aws_sns_topic" {
   125  			continue
   126  		}
   127  
   128  		// Check if the topic exists by fetching its attributes
   129  		params := &sns.GetTopicAttributesInput{
   130  			TopicArn: aws.String(rs.Primary.ID),
   131  		}
   132  		_, err := conn.GetTopicAttributes(params)
   133  		if err == nil {
   134  			return fmt.Errorf("Topic exists when it should be destroyed!")
   135  		}
   136  
   137  		// Verify the error is an API error, not something else
   138  		_, ok := err.(awserr.Error)
   139  		if !ok {
   140  			return err
   141  		}
   142  	}
   143  
   144  	return nil
   145  }
   146  
   147  func testAccCheckAWSSNSTopicExists(n string) resource.TestCheckFunc {
   148  	return func(s *terraform.State) error {
   149  		rs, ok := s.RootModule().Resources[n]
   150  		if !ok {
   151  			return fmt.Errorf("Not found: %s", n)
   152  		}
   153  
   154  		if rs.Primary.ID == "" {
   155  			return fmt.Errorf("No SNS topic with that ARN exists")
   156  		}
   157  
   158  		conn := testAccProvider.Meta().(*AWSClient).snsconn
   159  
   160  		params := &sns.GetTopicAttributesInput{
   161  			TopicArn: aws.String(rs.Primary.ID),
   162  		}
   163  		_, err := conn.GetTopicAttributes(params)
   164  
   165  		if err != nil {
   166  			return err
   167  		}
   168  
   169  		return nil
   170  	}
   171  }
   172  
   173  const testAccAWSSNSTopicConfig = `
   174  resource "aws_sns_topic" "test_topic" {
   175      name = "terraform-test-topic"
   176  }
   177  `
   178  
   179  func testAccAWSSNSTopicWithPolicy(r string) string {
   180  	return fmt.Sprintf(`
   181  resource "aws_sns_topic" "test_topic" {
   182    name = "example-%s"
   183    policy = <<EOF
   184  {
   185    "Statement": [
   186      {
   187        "Sid": "Stmt1445931846145",
   188        "Effect": "Allow",
   189        "Principal": {
   190          "AWS": "*"
   191         },
   192        "Action": "sns:Publish",
   193        "Resource": "arn:aws:sns:us-west-2::example"
   194      }
   195    ],
   196    "Version": "2012-10-17",
   197    "Id": "Policy1445931846145"
   198  }
   199  EOF
   200  }
   201  `, r)
   202  }
   203  
   204  // Test for https://github.com/hashicorp/terraform/issues/3660
   205  const testAccAWSSNSTopicConfig_withIAMRole = `
   206  resource "aws_iam_role" "example" {
   207    name = "terraform_bug"
   208    path = "/test/"
   209    assume_role_policy = <<EOF
   210  {
   211    "Version": "2012-10-17",
   212    "Statement": [
   213      {
   214        "Action": "sts:AssumeRole",
   215        "Principal": {
   216          "Service": "ec2.amazonaws.com"
   217        },
   218        "Effect": "Allow",
   219        "Sid": ""
   220      }
   221    ]
   222  }
   223  EOF
   224  }
   225  
   226  resource "aws_sns_topic" "test_topic" {
   227    name = "example"
   228    policy = <<EOF
   229  {
   230    "Statement": [
   231      {
   232        "Sid": "Stmt1445931846145",
   233        "Effect": "Allow",
   234        "Principal": {
   235          "AWS": "${aws_iam_role.example.arn}"
   236  			},
   237        "Action": "sns:Publish",
   238        "Resource": "arn:aws:sns:us-west-2::example"
   239      }
   240    ],
   241    "Version": "2012-10-17",
   242    "Id": "Policy1445931846145"
   243  }
   244  EOF
   245  }
   246  `