github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_waf_ipset_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 10 "github.com/aws/aws-sdk-go/aws" 11 "github.com/aws/aws-sdk-go/aws/awserr" 12 "github.com/aws/aws-sdk-go/service/waf" 13 "github.com/hashicorp/terraform/helper/acctest" 14 ) 15 16 func TestAccAWSWafIPSet_basic(t *testing.T) { 17 var v waf.IPSet 18 ipsetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) 19 20 resource.Test(t, resource.TestCase{ 21 PreCheck: func() { testAccPreCheck(t) }, 22 Providers: testAccProviders, 23 CheckDestroy: testAccCheckAWSWafIPSetDestroy, 24 Steps: []resource.TestStep{ 25 resource.TestStep{ 26 Config: testAccAWSWafIPSetConfig(ipsetName), 27 Check: resource.ComposeTestCheckFunc( 28 testAccCheckAWSWafIPSetExists("aws_waf_ipset.ipset", &v), 29 resource.TestCheckResourceAttr( 30 "aws_waf_ipset.ipset", "name", ipsetName), 31 resource.TestCheckResourceAttr( 32 "aws_waf_ipset.ipset", "ip_set_descriptors.4037960608.type", "IPV4"), 33 resource.TestCheckResourceAttr( 34 "aws_waf_ipset.ipset", "ip_set_descriptors.4037960608.value", "192.0.7.0/24"), 35 ), 36 }, 37 }, 38 }) 39 } 40 41 func TestAccAWSWafIPSet_disappears(t *testing.T) { 42 var v waf.IPSet 43 ipsetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) 44 resource.Test(t, resource.TestCase{ 45 PreCheck: func() { testAccPreCheck(t) }, 46 Providers: testAccProviders, 47 CheckDestroy: testAccCheckAWSWafIPSetDestroy, 48 Steps: []resource.TestStep{ 49 { 50 Config: testAccAWSWafIPSetConfig(ipsetName), 51 Check: resource.ComposeTestCheckFunc( 52 testAccCheckAWSWafIPSetExists("aws_waf_ipset.ipset", &v), 53 testAccCheckAWSWafIPSetDisappears(&v), 54 ), 55 ExpectNonEmptyPlan: true, 56 }, 57 }, 58 }) 59 } 60 61 func TestAccAWSWafIPSet_changeNameForceNew(t *testing.T) { 62 var before, after waf.IPSet 63 ipsetName := fmt.Sprintf("ip-set-%s", acctest.RandString(5)) 64 ipsetNewName := fmt.Sprintf("ip-set-new-%s", acctest.RandString(5)) 65 66 resource.Test(t, resource.TestCase{ 67 PreCheck: func() { testAccPreCheck(t) }, 68 Providers: testAccProviders, 69 CheckDestroy: testAccCheckAWSWafIPSetDestroy, 70 Steps: []resource.TestStep{ 71 { 72 Config: testAccAWSWafIPSetConfig(ipsetName), 73 Check: resource.ComposeAggregateTestCheckFunc( 74 testAccCheckAWSWafIPSetExists("aws_waf_ipset.ipset", &before), 75 resource.TestCheckResourceAttr( 76 "aws_waf_ipset.ipset", "name", ipsetName), 77 resource.TestCheckResourceAttr( 78 "aws_waf_ipset.ipset", "ip_set_descriptors.4037960608.type", "IPV4"), 79 resource.TestCheckResourceAttr( 80 "aws_waf_ipset.ipset", "ip_set_descriptors.4037960608.value", "192.0.7.0/24"), 81 ), 82 }, 83 { 84 Config: testAccAWSWafIPSetConfigChangeName(ipsetNewName), 85 Check: resource.ComposeAggregateTestCheckFunc( 86 testAccCheckAWSWafIPSetExists("aws_waf_ipset.ipset", &after), 87 resource.TestCheckResourceAttr( 88 "aws_waf_ipset.ipset", "name", ipsetNewName), 89 resource.TestCheckResourceAttr( 90 "aws_waf_ipset.ipset", "ip_set_descriptors.4037960608.type", "IPV4"), 91 resource.TestCheckResourceAttr( 92 "aws_waf_ipset.ipset", "ip_set_descriptors.4037960608.value", "192.0.7.0/24"), 93 ), 94 }, 95 }, 96 }) 97 } 98 99 func testAccCheckAWSWafIPSetDisappears(v *waf.IPSet) resource.TestCheckFunc { 100 return func(s *terraform.State) error { 101 conn := testAccProvider.Meta().(*AWSClient).wafconn 102 103 // ChangeToken 104 var ct *waf.GetChangeTokenInput 105 106 resp, err := conn.GetChangeToken(ct) 107 if err != nil { 108 return fmt.Errorf("Error getting change token: %s", err) 109 } 110 111 req := &waf.UpdateIPSetInput{ 112 ChangeToken: resp.ChangeToken, 113 IPSetId: v.IPSetId, 114 } 115 116 for _, IPSetDescriptor := range v.IPSetDescriptors { 117 IPSetUpdate := &waf.IPSetUpdate{ 118 Action: aws.String("DELETE"), 119 IPSetDescriptor: &waf.IPSetDescriptor{ 120 Type: IPSetDescriptor.Type, 121 Value: IPSetDescriptor.Value, 122 }, 123 } 124 req.Updates = append(req.Updates, IPSetUpdate) 125 } 126 127 _, err = conn.UpdateIPSet(req) 128 if err != nil { 129 return fmt.Errorf("Error Updating WAF IPSet: %s", err) 130 } 131 132 resp, err = conn.GetChangeToken(ct) 133 if err != nil { 134 return fmt.Errorf("Error getting change token for waf IPSet: %s", err) 135 } 136 137 opts := &waf.DeleteIPSetInput{ 138 ChangeToken: resp.ChangeToken, 139 IPSetId: v.IPSetId, 140 } 141 if _, err := conn.DeleteIPSet(opts); err != nil { 142 return err 143 } 144 return nil 145 } 146 } 147 148 func testAccCheckAWSWafIPSetDestroy(s *terraform.State) error { 149 for _, rs := range s.RootModule().Resources { 150 if rs.Type != "aws_waf_ipset" { 151 continue 152 } 153 154 conn := testAccProvider.Meta().(*AWSClient).wafconn 155 resp, err := conn.GetIPSet( 156 &waf.GetIPSetInput{ 157 IPSetId: aws.String(rs.Primary.ID), 158 }) 159 160 if err == nil { 161 if *resp.IPSet.IPSetId == rs.Primary.ID { 162 return fmt.Errorf("WAF IPSet %s still exists", rs.Primary.ID) 163 } 164 } 165 166 // Return nil if the IPSet is already destroyed 167 if awsErr, ok := err.(awserr.Error); ok { 168 if awsErr.Code() == "WAFNonexistentItemException" { 169 return nil 170 } 171 } 172 173 return err 174 } 175 176 return nil 177 } 178 179 func testAccCheckAWSWafIPSetExists(n string, v *waf.IPSet) resource.TestCheckFunc { 180 return func(s *terraform.State) error { 181 rs, ok := s.RootModule().Resources[n] 182 if !ok { 183 return fmt.Errorf("Not found: %s", n) 184 } 185 186 if rs.Primary.ID == "" { 187 return fmt.Errorf("No WAF IPSet ID is set") 188 } 189 190 conn := testAccProvider.Meta().(*AWSClient).wafconn 191 resp, err := conn.GetIPSet(&waf.GetIPSetInput{ 192 IPSetId: aws.String(rs.Primary.ID), 193 }) 194 195 if err != nil { 196 return err 197 } 198 199 if *resp.IPSet.IPSetId == rs.Primary.ID { 200 *v = *resp.IPSet 201 return nil 202 } 203 204 return fmt.Errorf("WAF IPSet (%s) not found", rs.Primary.ID) 205 } 206 } 207 208 func testAccAWSWafIPSetConfig(name string) string { 209 return fmt.Sprintf(` 210 resource "aws_waf_ipset" "ipset" { 211 name = "%s" 212 ip_set_descriptors { 213 type = "IPV4" 214 value = "192.0.7.0/24" 215 } 216 }`, name) 217 } 218 219 func testAccAWSWafIPSetConfigChangeName(name string) string { 220 return fmt.Sprintf(`resource "aws_waf_ipset" "ipset" { 221 name = "%s" 222 ip_set_descriptors { 223 type = "IPV4" 224 value = "192.0.7.0/24" 225 } 226 }`, name) 227 } 228 229 func testAccAWSWafIPSetConfigChangeIPSetDescriptors(name string) string { 230 return fmt.Sprintf(`resource "aws_waf_ipset" "ipset" { 231 name = "%s" 232 ip_set_descriptors { 233 type = "IPV4" 234 value = "192.0.8.0/24" 235 } 236 }`, name) 237 }