providers/aws: Add ELB Access Logs (continues #3708)
- continues #3708 - adds some tests - other fixes I found along the way
This commit is contained in:
parent
2e03a7ebff
commit
5f7254eb1a
|
@ -106,11 +106,6 @@ func resourceAwsElb() *schema.Resource {
|
||||||
Optional: true,
|
Optional: true,
|
||||||
Elem: &schema.Resource{
|
Elem: &schema.Resource{
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
"enabled": &schema.Schema{
|
|
||||||
Type: schema.TypeBool,
|
|
||||||
Optional: true,
|
|
||||||
Default: true,
|
|
||||||
},
|
|
||||||
"interval": &schema.Schema{
|
"interval": &schema.Schema{
|
||||||
Type: schema.TypeInt,
|
Type: schema.TypeInt,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
|
@ -333,7 +328,11 @@ func resourceAwsElbRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
d.Set("idle_timeout", lbAttrs.ConnectionSettings.IdleTimeout)
|
d.Set("idle_timeout", lbAttrs.ConnectionSettings.IdleTimeout)
|
||||||
d.Set("connection_draining", lbAttrs.ConnectionDraining.Enabled)
|
d.Set("connection_draining", lbAttrs.ConnectionDraining.Enabled)
|
||||||
d.Set("connection_draining_timeout", lbAttrs.ConnectionDraining.Timeout)
|
d.Set("connection_draining_timeout", lbAttrs.ConnectionDraining.Timeout)
|
||||||
d.Set("access_logs", flattenAccessLog(lbAttrs.AccessLog))
|
if lbAttrs.AccessLog != nil {
|
||||||
|
if err := d.Set("access_logs", flattenAccessLog(lbAttrs.AccessLog)); err != nil {
|
||||||
|
log.Printf("[WARN] Error setting ELB Access Logs for (%s): %s", d.Id(), err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
resp, err := elbconn.DescribeTags(&elb.DescribeTagsInput{
|
resp, err := elbconn.DescribeTags(&elb.DescribeTagsInput{
|
||||||
LoadBalancerNames: []*string{lb.LoadBalancerName},
|
LoadBalancerNames: []*string{lb.LoadBalancerName},
|
||||||
|
@ -453,7 +452,7 @@ func resourceAwsElbUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||||
} else if len(logs) == 1 {
|
} else if len(logs) == 1 {
|
||||||
log := logs[0].(map[string]interface{})
|
log := logs[0].(map[string]interface{})
|
||||||
accessLogs := &elb.AccessLog{
|
accessLogs := &elb.AccessLog{
|
||||||
Enabled: aws.Bool(log["enabled"].(bool)),
|
Enabled: aws.Bool(true),
|
||||||
EmitInterval: aws.Int64(int64(log["interval"].(int))),
|
EmitInterval: aws.Int64(int64(log["interval"].(int))),
|
||||||
S3BucketName: aws.String(log["bucket"].(string)),
|
S3BucketName: aws.String(log["bucket"].(string)),
|
||||||
}
|
}
|
||||||
|
@ -463,8 +462,14 @@ func resourceAwsElbUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
attrs.LoadBalancerAttributes.AccessLog = accessLogs
|
attrs.LoadBalancerAttributes.AccessLog = accessLogs
|
||||||
|
} else if len(logs) == 0 {
|
||||||
|
// disable access logs
|
||||||
|
attrs.LoadBalancerAttributes.AccessLog = &elb.AccessLog{
|
||||||
|
Enabled: aws.Bool(false),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Printf("[DEBUG] ELB Modify Load Balancer Attributes Request: %#v", attrs)
|
||||||
_, err := elbconn.ModifyLoadBalancerAttributes(&attrs)
|
_, err := elbconn.ModifyLoadBalancerAttributes(&attrs)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Failure configuring ELB attributes: %s", err)
|
return fmt.Errorf("Failure configuring ELB attributes: %s", err)
|
||||||
|
@ -600,7 +605,6 @@ func resourceAwsElbHealthCheckHash(v interface{}) int {
|
||||||
func resourceAwsElbAccessLogsHash(v interface{}) int {
|
func resourceAwsElbAccessLogsHash(v interface{}) int {
|
||||||
var buf bytes.Buffer
|
var buf bytes.Buffer
|
||||||
m := v.(map[string]interface{})
|
m := v.(map[string]interface{})
|
||||||
buf.WriteString(fmt.Sprintf("%t-", m["enabled"].(bool)))
|
|
||||||
buf.WriteString(fmt.Sprintf("%d-", m["interval"].(int)))
|
buf.WriteString(fmt.Sprintf("%d-", m["interval"].(int)))
|
||||||
buf.WriteString(fmt.Sprintf("%s-",
|
buf.WriteString(fmt.Sprintf("%s-",
|
||||||
strings.ToLower(m["bucket"].(string))))
|
strings.ToLower(m["bucket"].(string))))
|
||||||
|
|
|
@ -75,6 +75,52 @@ func TestAccAWSELB_fullCharacterRange(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAccAWSELB_AccessLogs(t *testing.T) {
|
||||||
|
var conf elb.LoadBalancerDescription
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckAWSELBDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccAWSELBAccessLogs,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckAWSELBExists("aws_elb.foo", &conf),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "name", "FoobarTerraform-test123"),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccAWSELBAccessLogsOn,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckAWSELBExists("aws_elb.foo", &conf),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "name", "FoobarTerraform-test123"),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "access_logs.#", "1"),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "access_logs.1713209538.bucket", "terraform-access-logs-bucket"),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "access_logs.1713209538.interval", "5"),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccAWSELBAccessLogs,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckAWSELBExists("aws_elb.foo", &conf),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "name", "FoobarTerraform-test123"),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_elb.foo", "access_logs.#", "0"),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func TestAccAWSELB_generatedName(t *testing.T) {
|
func TestAccAWSELB_generatedName(t *testing.T) {
|
||||||
var conf elb.LoadBalancerDescription
|
var conf elb.LoadBalancerDescription
|
||||||
generatedNameRegexp := regexp.MustCompile("^tf-lb-")
|
generatedNameRegexp := regexp.MustCompile("^tf-lb-")
|
||||||
|
@ -650,6 +696,64 @@ resource "aws_elb" "foo" {
|
||||||
}
|
}
|
||||||
`
|
`
|
||||||
|
|
||||||
|
const testAccAWSELBAccessLogs = `
|
||||||
|
resource "aws_elb" "foo" {
|
||||||
|
name = "FoobarTerraform-test123"
|
||||||
|
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
|
||||||
|
|
||||||
|
listener {
|
||||||
|
instance_port = 8000
|
||||||
|
instance_protocol = "http"
|
||||||
|
lb_port = 80
|
||||||
|
lb_protocol = "http"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`
|
||||||
|
const testAccAWSELBAccessLogsOn = `
|
||||||
|
# an S3 bucket configured for Access logs
|
||||||
|
# The 797873946194 is the AWS ID for us-west-2, so this test
|
||||||
|
# must be ran in us-west-2
|
||||||
|
resource "aws_s3_bucket" "acceslogs_bucket" {
|
||||||
|
bucket = "terraform-access-logs-bucket"
|
||||||
|
acl = "private"
|
||||||
|
force_destroy = true
|
||||||
|
policy = <<EOF
|
||||||
|
{
|
||||||
|
"Id": "Policy1446577137248",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Action": "s3:PutObject",
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": {
|
||||||
|
"AWS": "arn:aws:iam::797873946194:root"
|
||||||
|
},
|
||||||
|
"Resource": "arn:aws:s3:::terraform-access-logs-bucket/*",
|
||||||
|
"Sid": "Stmt1446575236270"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Version": "2012-10-17"
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_elb" "foo" {
|
||||||
|
name = "FoobarTerraform-test123"
|
||||||
|
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
|
||||||
|
|
||||||
|
listener {
|
||||||
|
instance_port = 8000
|
||||||
|
instance_protocol = "http"
|
||||||
|
lb_port = 80
|
||||||
|
lb_protocol = "http"
|
||||||
|
}
|
||||||
|
|
||||||
|
access_logs {
|
||||||
|
interval = 5
|
||||||
|
bucket = "${aws_s3_bucket.acceslogs_bucket.bucket}"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`
|
||||||
|
|
||||||
const testAccAWSELBGeneratedName = `
|
const testAccAWSELBGeneratedName = `
|
||||||
resource "aws_elb" "foo" {
|
resource "aws_elb" "foo" {
|
||||||
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
|
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
|
||||||
|
|
|
@ -239,12 +239,23 @@ func flattenAccessLog(log *elb.AccessLog) []map[string]interface{} {
|
||||||
result := make([]map[string]interface{}, 0, 1)
|
result := make([]map[string]interface{}, 0, 1)
|
||||||
|
|
||||||
if log != nil {
|
if log != nil {
|
||||||
result = append(result, map[string]interface{}{
|
r := make(map[string]interface{})
|
||||||
"enabled": *log.Enabled,
|
// enabled is the only value we can rely on to not be nil
|
||||||
"interval": *log.EmitInterval,
|
r["enabled"] = *log.Enabled
|
||||||
"bucket": *log.S3BucketName,
|
|
||||||
"bucket_prefix": *log.S3BucketPrefix,
|
if log.S3BucketName != nil {
|
||||||
})
|
r["bucket"] = *log.S3BucketName
|
||||||
|
}
|
||||||
|
|
||||||
|
if log.S3BucketPrefix != nil {
|
||||||
|
r["bucket_prefix"] = *log.S3BucketPrefix
|
||||||
|
}
|
||||||
|
|
||||||
|
if log.EmitInterval != nil {
|
||||||
|
r["interval"] = *log.EmitInterval
|
||||||
|
}
|
||||||
|
|
||||||
|
result = append(result, r)
|
||||||
}
|
}
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
Loading…
Reference in New Issue