diff --git a/builtin/providers/aws/resource_aws_vpn_gateway.go b/builtin/providers/aws/resource_aws_vpn_gateway.go index 057ee8d77..53f322555 100644 --- a/builtin/providers/aws/resource_aws_vpn_gateway.go +++ b/builtin/providers/aws/resource_aws_vpn_gateway.go @@ -83,7 +83,7 @@ func resourceAwsVpnGatewayRead(d *schema.ResourceData, meta interface{}) error { return nil } - if len(vpnGateway.VpcAttachments) == 0 { + if len(vpnGateway.VpcAttachments) == 0 || *vpnGateway.VpcAttachments[0].State == "detached" { // Gateway exists but not attached to the VPC d.Set("vpc_id", "") } else { diff --git a/builtin/providers/aws/resource_aws_vpn_gateway_test.go b/builtin/providers/aws/resource_aws_vpn_gateway_test.go index beca54720..0e3677d6f 100644 --- a/builtin/providers/aws/resource_aws_vpn_gateway_test.go +++ b/builtin/providers/aws/resource_aws_vpn_gateway_test.go @@ -57,6 +57,60 @@ func TestAccAWSVpnGateway_basic(t *testing.T) { }) } +func TestAccAWSVpnGateway_reattach(t *testing.T) { + var v ec2.VpnGateway + + genTestStateFunc := func(expectedState string) func(*terraform.State) error { + return func(*terraform.State) error { + if len(v.VpcAttachments) == 0 { + if expectedState != "detached" { + return fmt.Errorf("VPN gateway has no VPC attachments") + } + } else if len(v.VpcAttachments) == 1 { + if *v.VpcAttachments[0].State != expectedState { + return fmt.Errorf("Expected VPC gateway VPC attachment to be in '%s' state, but was not: %s", expectedState, v) + } + } else { + return fmt.Errorf("VPN gateway has unexpected number of VPC attachments(more than 1): %s", v) + } + return nil + } + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + IDRefreshName: "aws_vpn_gateway.foo", + Providers: testAccProviders, + CheckDestroy: testAccCheckVpnGatewayDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccVpnGatewayConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckVpnGatewayExists( + "aws_vpn_gateway.foo", &v), + genTestStateFunc("attached"), + ), + }, + resource.TestStep{ + Config: testAccVpnGatewayConfigDetach, + Check: resource.ComposeTestCheckFunc( + testAccCheckVpnGatewayExists( + "aws_vpn_gateway.foo", &v), + genTestStateFunc("detached"), + ), + }, + resource.TestStep{ + Config: testAccVpnGatewayConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckVpnGatewayExists( + "aws_vpn_gateway.foo", &v), + genTestStateFunc("attached"), + ), + }, + }, + }) +} + func TestAccAWSVpnGateway_delete(t *testing.T) { var vpnGateway ec2.VpnGateway @@ -216,6 +270,16 @@ resource "aws_vpn_gateway" "foo" { } ` +const testAccVpnGatewayConfigDetach = ` +resource "aws_vpc" "foo" { + cidr_block = "10.1.0.0/16" +} + +resource "aws_vpn_gateway" "foo" { + vpc_id = "" +} +` + const testAccCheckVpnGatewayConfigTags = ` resource "aws_vpc" "foo" { cidr_block = "10.1.0.0/16"