Add acceptance tests

This commit is contained in:
John Engelman 2015-04-18 15:58:08 -05:00 committed by Phil Frost
parent b082117e92
commit 6ee17a8e9e
10 changed files with 786 additions and 13 deletions

View File

@ -0,0 +1,117 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSAccessKey_normal(t *testing.T) {
var conf iam.AccessKeyMetadata
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSAccessKeyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSAccessKeyConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSAccessKeyExists("aws_iam_access_key.a_key", &conf),
testAccCheckAWSAccessKeyAttributes(&conf),
),
},
},
})
}
func testAccCheckAWSAccessKeyDestroy(s *terraform.State) error {
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
for _, rs := range s.RootModule().Resources {
if rs.Type != "aws_access_key" {
continue
}
// Try to get access key
resp, err := iamconn.ListAccessKeys(&iam.ListAccessKeysInput{
UserName: aws.String(rs.Primary.ID),
})
if err == nil {
if len(resp.AccessKeyMetadata) > 0 {
return fmt.Errorf("still exist.")
}
return nil
}
// Verify the error is what we want
ec2err, ok := err.(aws.APIError)
if !ok {
return err
}
if ec2err.Code != "NoSuchEntity" {
return err
}
}
return nil
}
func testAccCheckAWSAccessKeyExists(n string, res *iam.AccessKeyMetadata) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No Role name is set")
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
resp, err := iamconn.ListAccessKeys(&iam.ListAccessKeysInput{
UserName: aws.String("testuser"),
})
if err != nil {
return err
}
if len(resp.AccessKeyMetadata) != 1 ||
*resp.AccessKeyMetadata[0].UserName != "testuser" {
return fmt.Errorf("User not found not found")
}
*res = *resp.AccessKeyMetadata[0]
return nil
}
}
func testAccCheckAWSAccessKeyAttributes(accessKeyMetadata *iam.AccessKeyMetadata) resource.TestCheckFunc {
return func(s *terraform.State) error {
if *accessKeyMetadata.UserName != "testuser" {
return fmt.Errorf("Bad username: %s", *accessKeyMetadata.UserName)
}
if *accessKeyMetadata.Status != "Active" {
return fmt.Errorf("Bad status: %s", *accessKeyMetadata.Status)
}
return nil
}
}
const testAccAWSAccessKeyConfig = `
resource "aws_iam_user" "a_user" {
name = "testuser"
}
resource "aws_iam_access_key" "a_key" {
user = "${aws_iam_user.a_user.name}"
}
`

View File

@ -59,7 +59,7 @@ func resourceAwsIamGroupPolicyPut(d *schema.ResourceData, meta interface{}) erro
func resourceAwsIamGroupPolicyRead(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
group, name := resourceAwsIamGroupPolicyParseId(d)
group, name := resourceAwsIamGroupPolicyParseId(d.Id())
request := &iam.GetGroupPolicyInput{
PolicyName: aws.String(name),
@ -89,7 +89,7 @@ func resourceAwsIamGroupPolicyRead(d *schema.ResourceData, meta interface{}) err
func resourceAwsIamGroupPolicyDelete(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
group, name := resourceAwsIamGroupPolicyParseId(d)
group, name := resourceAwsIamGroupPolicyParseId(d.Id())
request := &iam.DeleteGroupPolicyInput{
PolicyName: aws.String(name),
@ -102,8 +102,8 @@ func resourceAwsIamGroupPolicyDelete(d *schema.ResourceData, meta interface{}) e
return nil
}
func resourceAwsIamGroupPolicyParseId(d *schema.ResourceData) (groupName, policyName string) {
parts := strings.SplitN(d.Id(), ":", 2)
func resourceAwsIamGroupPolicyParseId(id string) (groupName, policyName string) {
parts := strings.SplitN(id, ":", 2)
groupName = parts[0]
policyName = parts[1]
return

View File

@ -0,0 +1,112 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSIAMGroupPolicy(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckIAMGroupPolicyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccIAMGroupPolicyConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckIAMGroupPolicy(
"aws_iam_group.group",
"aws_iam_group_policy.foo",
),
),
},
resource.TestStep{
Config: testAccIAMGroupPolicyConfigUpdate,
Check: resource.ComposeTestCheckFunc(
testAccCheckIAMGroupPolicy(
"aws_iam_group.group",
"aws_iam_group_policy.bar",
),
),
},
},
})
}
func testAccCheckIAMGroupPolicyDestroy(s *terraform.State) error {
if len(s.RootModule().Resources) > 0 {
return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources)
}
return nil
}
func testAccCheckIAMGroupPolicy(
iamGroupResource string,
iamGroupPolicyResource string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[iamGroupResource]
if !ok {
return fmt.Errorf("Not Found: %s", iamGroupResource)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
policy, ok := s.RootModule().Resources[iamGroupPolicyResource]
if !ok {
return fmt.Errorf("Not Found: %s", iamGroupPolicyResource)
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
group, name := resourceAwsIamGroupPolicyParseId(policy.Primary.ID)
_, err := iamconn.GetGroupPolicy(&iam.GetGroupPolicyInput{
GroupName: aws.String(group),
PolicyName: aws.String(name),
})
if err != nil {
return err
}
return nil
}
}
const testAccIAMGroupPolicyConfig = `
resource "aws_iam_group" "group" {
name = "test_group"
path = "/"
}
resource "aws_iam_group_policy" "foo" {
name = "foo_policy"
group = "${aws_iam_group.group.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
`
const testAccIAMGroupPolicyConfigUpdate = `
resource "aws_iam_group" "group" {
name = "test_group"
path = "/"
}
resource "aws_iam_group_policy" "foo" {
name = "foo_policy"
group = "${aws_iam_group.group.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
resource "aws_iam_group_policy" "bar" {
name = "bar_policy"
group = "${aws_iam_group.group.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
`

View File

@ -0,0 +1,106 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSGroup_normal(t *testing.T) {
var conf iam.GetGroupOutput
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSGroupDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSGroupConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSGroupExists("aws_iam_group.group", &conf),
testAccCheckAWSGroupAttributes(&conf),
),
},
},
})
}
func testAccCheckAWSGroupDestroy(s *terraform.State) error {
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
for _, rs := range s.RootModule().Resources {
if rs.Type != "aws_iam_group" {
continue
}
// Try to get group
_, err := iamconn.GetGroup(&iam.GetGroupInput{
GroupName: aws.String(rs.Primary.ID),
})
if err == nil {
return fmt.Errorf("still exist.")
}
// Verify the error is what we want
ec2err, ok := err.(aws.APIError)
if !ok {
return err
}
if ec2err.Code != "NoSuchEntity" {
return err
}
}
return nil
}
func testAccCheckAWSGroupExists(n string, res *iam.GetGroupOutput) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No Group name is set")
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
resp, err := iamconn.GetGroup(&iam.GetGroupInput{
GroupName: aws.String(rs.Primary.ID),
})
if err != nil {
return err
}
*res = *resp
return nil
}
}
func testAccCheckAWSGroupAttributes(group *iam.GetGroupOutput) resource.TestCheckFunc {
return func(s *terraform.State) error {
if *group.Group.GroupName != "test-group" {
return fmt.Errorf("Bad name: %s", *group.Group.GroupName)
}
if *group.Group.Path != "/" {
return fmt.Errorf("Bad path: %s", *group.Group.Path)
}
return nil
}
}
const testAccAWSGroupConfig = `
resource "aws_iam_group" "group" {
name = "test-group"
path = "/"
}
`

View File

@ -59,7 +59,7 @@ func resourceAwsIamRolePolicyPut(d *schema.ResourceData, meta interface{}) error
func resourceAwsIamRolePolicyRead(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
role, name := resourceAwsIamRolePolicyParseId(d)
role, name := resourceAwsIamRolePolicyParseId(d.Id())
request := &iam.GetRolePolicyInput{
PolicyName: aws.String(name),
@ -89,7 +89,7 @@ func resourceAwsIamRolePolicyRead(d *schema.ResourceData, meta interface{}) erro
func resourceAwsIamRolePolicyDelete(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
role, name := resourceAwsIamRolePolicyParseId(d)
role, name := resourceAwsIamRolePolicyParseId(d.Id())
request := &iam.DeleteRolePolicyInput{
PolicyName: aws.String(name),
@ -102,9 +102,9 @@ func resourceAwsIamRolePolicyDelete(d *schema.ResourceData, meta interface{}) er
return nil
}
func resourceAwsIamRolePolicyParseId(d *schema.ResourceData) (userName, policyName string) {
parts := strings.SplitN(d.Id(), ":", 2)
userName = parts[0]
func resourceAwsIamRolePolicyParseId(id string) (roleName, policyName string) {
parts := strings.SplitN(id, ":", 2)
roleName = parts[0]
policyName = parts[1]
return
}

View File

@ -0,0 +1,114 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSIAMRolePolicy(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckIAMRolePolicyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccIAMRolePolicyConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckIAMRolePolicy(
"aws_iam_role.role",
"aws_iam_role_policy.foo",
),
),
},
resource.TestStep{
Config: testAccIAMRolePolicyConfigUpdate,
Check: resource.ComposeTestCheckFunc(
testAccCheckIAMRolePolicy(
"aws_iam_role.role",
"aws_iam_role_policy.bar",
),
),
},
},
})
}
func testAccCheckIAMRolePolicyDestroy(s *terraform.State) error {
if len(s.RootModule().Resources) > 0 {
return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources)
}
return nil
}
func testAccCheckIAMRolePolicy(
iamRoleResource string,
iamRolePolicyResource string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[iamRoleResource]
if !ok {
return fmt.Errorf("Not Found: %s", iamRoleResource)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
policy, ok := s.RootModule().Resources[iamRolePolicyResource]
if !ok {
return fmt.Errorf("Not Found: %s", iamRolePolicyResource)
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
role, name := resourceAwsIamRolePolicyParseId(policy.Primary.ID)
_, err := iamconn.GetRolePolicy(&iam.GetRolePolicyInput{
RoleName: aws.String(role),
PolicyName: aws.String(name),
})
if err != nil {
return err
}
return nil
}
}
const testAccIAMRolePolicyConfig = `
resource "aws_iam_role" "role" {
name = "test_role"
path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Effect\":\"Allow\",\"Sid\":\"\"}]}"
}
resource "aws_iam_role_policy" "foo" {
name = "foo_policy"
role = "${aws_iam_role.role.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
`
const testAccIAMRolePolicyConfigUpdate = `
resource "aws_iam_role" "role" {
name = "test_role"
path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Effect\":\"Allow\",\"Sid\":\"\"}]}"
}
resource "aws_iam_role_policy" "foo" {
name = "foo_policy"
role = "${aws_iam_role.role.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
resource "aws_iam_role_policy" "bar" {
name = "bar_policy"
role = "${aws_iam_role.role.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
`

View File

@ -0,0 +1,106 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSRole_normal(t *testing.T) {
var conf iam.GetRoleOutput
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSRoleDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSRoleConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSRoleExists("aws_iam_role.role", &conf),
testAccCheckAWSRoleAttributes(&conf),
),
},
},
})
}
func testAccCheckAWSRoleDestroy(s *terraform.State) error {
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
for _, rs := range s.RootModule().Resources {
if rs.Type != "aws_iam_role" {
continue
}
// Try to get role
_, err := iamconn.GetRole(&iam.GetRoleInput{
RoleName: aws.String(rs.Primary.ID),
})
if err == nil {
return fmt.Errorf("still exist.")
}
// Verify the error is what we want
ec2err, ok := err.(aws.APIError)
if !ok {
return err
}
if ec2err.Code != "NoSuchEntity" {
return err
}
}
return nil
}
func testAccCheckAWSRoleExists(n string, res *iam.GetRoleOutput) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No Role name is set")
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
resp, err := iamconn.GetRole(&iam.GetRoleInput{
RoleName: aws.String(rs.Primary.ID),
})
if err != nil {
return err
}
*res = *resp
return nil
}
}
func testAccCheckAWSRoleAttributes(role *iam.GetRoleOutput) resource.TestCheckFunc {
return func(s *terraform.State) error {
if *role.Role.RoleName != "test-role" {
return fmt.Errorf("Bad name: %s", *role.Role.RoleName)
}
if *role.Role.Path != "/" {
return fmt.Errorf("Bad path: %s", *role.Role.Path)
}
return nil
}
}
const testAccAWSRoleConfig = `
resource "aws_iam_role" "role" {
name = "test-role"
path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
}
`

View File

@ -59,7 +59,7 @@ func resourceAwsIamUserPolicyPut(d *schema.ResourceData, meta interface{}) error
func resourceAwsIamUserPolicyRead(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
user, name := resourceAwsIamUserPolicyParseId(d)
user, name := resourceAwsIamUserPolicyParseId(d.Id())
request := &iam.GetUserPolicyInput{
PolicyName: aws.String(name),
@ -89,7 +89,7 @@ func resourceAwsIamUserPolicyRead(d *schema.ResourceData, meta interface{}) erro
func resourceAwsIamUserPolicyDelete(d *schema.ResourceData, meta interface{}) error {
iamconn := meta.(*AWSClient).iamconn
user, name := resourceAwsIamUserPolicyParseId(d)
user, name := resourceAwsIamUserPolicyParseId(d.Id())
request := &iam.DeleteUserPolicyInput{
PolicyName: aws.String(name),
@ -102,8 +102,8 @@ func resourceAwsIamUserPolicyDelete(d *schema.ResourceData, meta interface{}) er
return nil
}
func resourceAwsIamUserPolicyParseId(d *schema.ResourceData) (userName, policyName string) {
parts := strings.SplitN(d.Id(), ":", 2)
func resourceAwsIamUserPolicyParseId(id string) (userName, policyName string) {
parts := strings.SplitN(id, ":", 2)
userName = parts[0]
policyName = parts[1]
return

View File

@ -0,0 +1,112 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSIAMUserPolicy(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckIAMUserPolicyDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccIAMUserPolicyConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckIAMUserPolicy(
"aws_iam_user.user",
"aws_iam_user_policy.foo",
),
),
},
resource.TestStep{
Config: testAccIAMUserPolicyConfigUpdate,
Check: resource.ComposeTestCheckFunc(
testAccCheckIAMUserPolicy(
"aws_iam_user.user",
"aws_iam_user_policy.bar",
),
),
},
},
})
}
func testAccCheckIAMUserPolicyDestroy(s *terraform.State) error {
if len(s.RootModule().Resources) > 0 {
return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources)
}
return nil
}
func testAccCheckIAMUserPolicy(
iamUserResource string,
iamUserPolicyResource string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[iamUserResource]
if !ok {
return fmt.Errorf("Not Found: %s", iamUserResource)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
}
policy, ok := s.RootModule().Resources[iamUserPolicyResource]
if !ok {
return fmt.Errorf("Not Found: %s", iamUserPolicyResource)
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
username, name := resourceAwsIamUserPolicyParseId(policy.Primary.ID)
_, err := iamconn.GetUserPolicy(&iam.GetUserPolicyInput{
UserName: aws.String(username),
PolicyName: aws.String(name),
})
if err != nil {
return err
}
return nil
}
}
const testAccIAMUserPolicyConfig = `
resource "aws_iam_user" "user" {
name = "test_user"
path = "/"
}
resource "aws_iam_user_policy" "foo" {
name = "foo_policy"
user = "${aws_iam_user.user.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
`
const testAccIAMUserPolicyConfigUpdate = `
resource "aws_iam_user" "user" {
name = "test_user"
path = "/"
}
resource "aws_iam_user_policy" "foo" {
name = "foo_policy"
user = "${aws_iam_user.user.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
resource "aws_iam_user_policy" "bar" {
name = "bar_policy"
user = "${aws_iam_user.user.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
}
`

View File

@ -0,0 +1,106 @@
package aws
import (
"fmt"
"testing"
"github.com/awslabs/aws-sdk-go/aws"
"github.com/awslabs/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccAWSUser_normal(t *testing.T) {
var conf iam.GetUserOutput
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSUserDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSUserConfig,
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSUserExists("aws_iam_user.user", &conf),
testAccCheckAWSUserAttributes(&conf),
),
},
},
})
}
func testAccCheckAWSUserDestroy(s *terraform.State) error {
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
for _, rs := range s.RootModule().Resources {
if rs.Type != "aws_iam_user" {
continue
}
// Try to get user
_, err := iamconn.GetUser(&iam.GetUserInput{
UserName: aws.String(rs.Primary.ID),
})
if err == nil {
return fmt.Errorf("still exist.")
}
// Verify the error is what we want
ec2err, ok := err.(aws.APIError)
if !ok {
return err
}
if ec2err.Code != "NoSuchEntity" {
return err
}
}
return nil
}
func testAccCheckAWSUserExists(n string, res *iam.GetUserOutput) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
if rs.Primary.ID == "" {
return fmt.Errorf("No User name is set")
}
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
resp, err := iamconn.GetUser(&iam.GetUserInput{
UserName: aws.String(rs.Primary.ID),
})
if err != nil {
return err
}
*res = *resp
return nil
}
}
func testAccCheckAWSUserAttributes(user *iam.GetUserOutput) resource.TestCheckFunc {
return func(s *terraform.State) error {
if *user.User.UserName != "test-user" {
return fmt.Errorf("Bad name: %s", *user.User.UserName)
}
if *user.User.Path != "/" {
return fmt.Errorf("Bad path: %s", *user.User.Path)
}
return nil
}
}
const testAccAWSUserConfig = `
resource "aws_iam_user" "user" {
name = "test-user"
path = "/"
}
`