ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

provider/aws: Set aws_alb security_groups computed (#8269) 

This commit fixes #8264 by making the security_groups attribute on
aws_alb resources computed, allowing the default security group assigned
by AWS to not generate perpetual plans forcing new resources.
This commit is contained in:
James Nugent 2016-08-18 16:52:29 +01:00 committed by Radek Simko
parent b2a3104118
commit d7e9a2ecf2
2 changed files with 77 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
builtin/providers/aws/resource_aws_alb.go
View File

@ -39,6 +39,7 @@ func resourceAwsAlb() *schema.Resource {
"security_groups": { "security_groups": {
Type: schema.TypeSet, Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString}, Elem: &schema.Schema{Type: schema.TypeString},
Computed: true,
ForceNew: true, ForceNew: true,
Optional: true, Optional: true,
Set: schema.HashString, Set: schema.HashString,

76
builtin/providers/aws/resource_aws_alb_test.go
View File

@ -44,6 +44,40 @@ func TestAccAWSALB_basic(t *testing.T) {
}) })
} }
// TestAccAWSALB_noSecurityGroup regression tests the issue in #8264,
// where if an ALB is created without a security group, a default one
// is assigned.
func TestAccAWSALB_noSecurityGroup(t *testing.T) {
var conf elbv2.LoadBalancer
albName := fmt.Sprintf("testaccawsalb-nosg-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
IDRefreshName: "aws_alb.alb_test",
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSALBDestroy,
Steps: []resource.TestStep{
{
Config: testAccAWSALBConfig_nosg(albName),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckAWSALBExists("aws_alb.alb_test", &conf),
resource.TestCheckResourceAttr("aws_alb.alb_test", "name", albName),
resource.TestCheckResourceAttr("aws_alb.alb_test", "internal", "false"),
resource.TestCheckResourceAttr("aws_alb.alb_test", "subnets.#", "2"),
resource.TestCheckResourceAttr("aws_alb.alb_test", "security_groups.#", "1"),
resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.%", "1"),
resource.TestCheckResourceAttr("aws_alb.alb_test", "tags.TestName", "TestAccAWSALB_basic"),
resource.TestCheckResourceAttr("aws_alb.alb_test", "enable_deletion_protection", "false"),
resource.TestCheckResourceAttr("aws_alb.alb_test", "idle_timeout", "30"),
resource.TestCheckResourceAttrSet("aws_alb.alb_test", "vpc_id"),
resource.TestCheckResourceAttrSet("aws_alb.alb_test", "zone_id"),
resource.TestCheckResourceAttrSet("aws_alb.alb_test", "dns_name"),
),
},
},
})
}
func TestAccAWSALB_accesslogs(t *testing.T) { func TestAccAWSALB_accesslogs(t *testing.T) {
var conf elbv2.LoadBalancer var conf elbv2.LoadBalancer
bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum)) bucketName := fmt.Sprintf("testaccawsalbaccesslogs-%s", acctest.RandStringFromCharSet(6, acctest.CharSetAlphaNum))
@ -334,3 +368,45 @@ resource "aws_security_group" "alb_test" {
} }
}`, albName, bucketName) }`, albName, bucketName)
} }
func testAccAWSALBConfig_nosg(albName string) string {
return fmt.Sprintf(`resource "aws_alb" "alb_test" {
name = "%s"
internal = false
subnets = ["${aws_subnet.alb_test.*.id}"]
idle_timeout = 30
enable_deletion_protection = false
tags {
TestName = "TestAccAWSALB_basic"
}
}
variable "subnets" {
default = ["10.0.1.0/24", "10.0.2.0/24"]
type = "list"
}
data "aws_availability_zones" "available" {}
resource "aws_vpc" "alb_test" {
cidr_block = "10.0.0.0/16"
tags {
TestName = "TestAccAWSALB_basic"
}
}
resource "aws_subnet" "alb_test" {
count = 2
vpc_id = "${aws_vpc.alb_test.id}"
cidr_block = "${element(var.subnets, count.index)}"
map_public_ip_on_launch = true
availability_zone = "${element(data.aws_availability_zones.available.names, count.index)}"
tags {
TestName = "TestAccAWSALB_basic"
}
}`, albName)
}