provider/aws: Add tests for CloudTrail tags

This commit is contained in:
Radek Simko 2016-02-15 14:10:36 +00:00
parent fb0838ce1b
commit 3f66347025
2 changed files with 193 additions and 0 deletions

View File

@ -2,6 +2,7 @@ package aws
import ( import (
"fmt" "fmt"
"log"
"math/rand" "math/rand"
"testing" "testing"
"time" "time"
@ -157,6 +158,53 @@ func TestAccAWSCloudTrail_logValidation(t *testing.T) {
}) })
} }
func TestAccAWSCloudTrail_tags(t *testing.T) {
var trail cloudtrail.Trail
var trailTags []*cloudtrail.Tag
var trailTagsModified []*cloudtrail.Tag
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSCloudTrailDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSCloudTrailConfig_tags,
Check: resource.ComposeTestCheckFunc(
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "tags.#", "2"),
testAccCheckCloudTrailLoadTags(&trail, &trailTags),
testAccCheckCloudTrailCheckTags(&trailTags, map[string]string{"Foo": "moo", "Pooh": "hi"}),
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
),
},
resource.TestStep{
Config: testAccAWSCloudTrailConfig_tagsModified,
Check: resource.ComposeTestCheckFunc(
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "tags.#", "3"),
testAccCheckCloudTrailLoadTags(&trail, &trailTagsModified),
testAccCheckCloudTrailCheckTags(&trailTagsModified, map[string]string{"Foo": "moo", "Moo": "boom", "Pooh": "hi"}),
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
),
},
resource.TestStep{
Config: testAccAWSCloudTrailConfig_tagsModifiedAgain,
Check: resource.ComposeTestCheckFunc(
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "tags.#", "0"),
testAccCheckCloudTrailLoadTags(&trail, &trailTagsModified),
testAccCheckCloudTrailCheckTags(&trailTagsModified, map[string]string{}),
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
),
},
},
})
}
func testAccCheckCloudTrailExists(n string, trail *cloudtrail.Trail) resource.TestCheckFunc { func testAccCheckCloudTrailExists(n string, trail *cloudtrail.Trail) resource.TestCheckFunc {
return func(s *terraform.State) error { return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n] rs, ok := s.RootModule().Resources[n]
@ -299,6 +347,25 @@ func testAccCheckAWSCloudTrailDestroy(s *terraform.State) error {
return nil return nil
} }
func testAccCheckCloudTrailLoadTags(trail *cloudtrail.Trail, tags *[]*cloudtrail.Tag) resource.TestCheckFunc {
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).cloudtrailconn
input := cloudtrail.ListTagsInput{
ResourceIdList: []*string{trail.TrailARN},
}
out, err := conn.ListTags(&input)
if err != nil {
return err
}
log.Printf("[DEBUG] Received CloudTrail tags during test: %s", out)
if len(out.ResourceTagList) > 0 {
*tags = out.ResourceTagList[0].TagsList
}
log.Printf("[DEBUG] Loading CloudTrail tags into a var: %s", *tags)
return nil
}
}
var cloudTrailRandInt = rand.New(rand.NewSource(time.Now().UnixNano())).Int() var cloudTrailRandInt = rand.New(rand.NewSource(time.Now().UnixNano())).Int()
var testAccAWSCloudTrailConfig = fmt.Sprintf(` var testAccAWSCloudTrailConfig = fmt.Sprintf(`
@ -498,3 +565,56 @@ resource "aws_s3_bucket" "foo" {
POLICY POLICY
} }
`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt) `, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
var testAccAWSCloudTrailConfig_tags_tpl = `
resource "aws_cloudtrail" "foobar" {
name = "tf-acc-trail-log-validation-test"
s3_bucket_name = "${aws_s3_bucket.foo.id}"
%s
}
resource "aws_s3_bucket" "foo" {
bucket = "tf-test-trail-%d"
force_destroy = true
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AWSCloudTrailAclCheck",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetBucketAcl",
"Resource": "arn:aws:s3:::tf-test-trail-%d"
},
{
"Sid": "AWSCloudTrailWrite",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::tf-test-trail-%d/*",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "bucket-owner-full-control"
}
}
}
]
}
POLICY
}
`
var testAccAWSCloudTrailConfig_tags = fmt.Sprintf(testAccAWSCloudTrailConfig_tags_tpl,
`tags {
Foo = "moo"
Pooh = "hi"
}`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
var testAccAWSCloudTrailConfig_tagsModified = fmt.Sprintf(testAccAWSCloudTrailConfig_tags_tpl,
`tags {
Foo = "moo"
Pooh = "hi"
Moo = "boom"
}`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
var testAccAWSCloudTrailConfig_tagsModifiedAgain = fmt.Sprintf(testAccAWSCloudTrailConfig_tags_tpl,
"", cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)

View File

@ -0,0 +1,73 @@
package aws
import (
"fmt"
"reflect"
"testing"
"github.com/aws/aws-sdk-go/service/cloudtrail"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestDiffCloudtrailTags(t *testing.T) {
cases := []struct {
Old, New map[string]interface{}
Create, Remove map[string]string
}{
// Basic add/remove
{
Old: map[string]interface{}{
"foo": "bar",
},
New: map[string]interface{}{
"bar": "baz",
},
Create: map[string]string{
"bar": "baz",
},
Remove: map[string]string{
"foo": "bar",
},
},
// Modify
{
Old: map[string]interface{}{
"foo": "bar",
},
New: map[string]interface{}{
"foo": "baz",
},
Create: map[string]string{
"foo": "baz",
},
Remove: map[string]string{
"foo": "bar",
},
},
}
for i, tc := range cases {
c, r := diffTagsCloudtrail(tagsFromMapCloudtrail(tc.Old), tagsFromMapCloudtrail(tc.New))
cm := tagsToMapCloudtrail(c)
rm := tagsToMapCloudtrail(r)
if !reflect.DeepEqual(cm, tc.Create) {
t.Fatalf("%d: bad create: %#v", i, cm)
}
if !reflect.DeepEqual(rm, tc.Remove) {
t.Fatalf("%d: bad remove: %#v", i, rm)
}
}
}
// testAccCheckCloudTrailCheckTags can be used to check the tags on a trail
func testAccCheckCloudTrailCheckTags(tags *[]*cloudtrail.Tag, expectedTags map[string]string) resource.TestCheckFunc {
return func(s *terraform.State) error {
if !reflect.DeepEqual(expectedTags, tagsToMapCloudtrail(*tags)) {
return fmt.Errorf("Tags mismatch.\nExpected: %#v\nGiven: %#v",
expectedTags, tagsToMapCloudtrail(*tags))
}
return nil
}
}