2016-07-21 01:29:33 +02:00
|
|
|
package aws
|
|
|
|
|
|
|
|
import (
|
2016-11-04 15:33:07 +01:00
|
|
|
"fmt"
|
2016-07-21 01:29:33 +02:00
|
|
|
"testing"
|
|
|
|
|
2016-11-04 15:33:07 +01:00
|
|
|
"github.com/hashicorp/terraform/helper/acctest"
|
2016-07-21 01:29:33 +02:00
|
|
|
"github.com/hashicorp/terraform/helper/resource"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestAccAWSOpsworksPermission(t *testing.T) {
|
2016-12-02 12:53:06 +01:00
|
|
|
sName := fmt.Sprintf("tf-ops-perm-%d", acctest.RandInt())
|
2016-07-21 01:29:33 +02:00
|
|
|
resource.Test(t, resource.TestCase{
|
|
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
|
|
Providers: testAccProviders,
|
|
|
|
Steps: []resource.TestStep{
|
|
|
|
resource.TestStep{
|
2016-12-02 12:53:06 +01:00
|
|
|
Config: testAccAwsOpsworksPermissionCreate(sName, "true", "true", "iam_only"),
|
2016-07-21 01:29:33 +02:00
|
|
|
Check: resource.ComposeTestCheckFunc(
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_ssh", "true",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_sudo", "true",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "level", "iam_only",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
2016-12-02 12:53:06 +01:00
|
|
|
resource.TestStep{
|
|
|
|
Config: testAccAwsOpsworksPermissionCreate(sName, "true", "false", "iam_only"),
|
|
|
|
Check: resource.ComposeTestCheckFunc(
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_ssh", "true",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_sudo", "false",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "level", "iam_only",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
resource.TestStep{
|
|
|
|
Config: testAccAwsOpsworksPermissionCreate(sName, "false", "false", "deny"),
|
|
|
|
Check: resource.ComposeTestCheckFunc(
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_ssh", "false",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_sudo", "false",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "level", "deny",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
resource.TestStep{
|
|
|
|
Config: testAccAwsOpsworksPermissionCreate(sName, "false", "false", "show"),
|
|
|
|
Check: resource.ComposeTestCheckFunc(
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_ssh", "false",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "allow_sudo", "false",
|
|
|
|
),
|
|
|
|
resource.TestCheckResourceAttr(
|
|
|
|
"aws_opsworks_permission.tf-acc-perm", "level", "show",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
2016-07-21 01:29:33 +02:00
|
|
|
},
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2016-12-02 12:53:06 +01:00
|
|
|
func testAccAwsOpsworksPermissionCreate(name, ssh, sudo, level string) string {
|
2016-11-04 15:33:07 +01:00
|
|
|
return fmt.Sprintf(`
|
2016-07-21 01:29:33 +02:00
|
|
|
resource "aws_opsworks_permission" "tf-acc-perm" {
|
|
|
|
stack_id = "${aws_opsworks_stack.tf-acc.id}"
|
|
|
|
|
2016-12-02 12:53:06 +01:00
|
|
|
allow_ssh = %s
|
|
|
|
allow_sudo = %s
|
2016-07-21 01:29:33 +02:00
|
|
|
user_arn = "${aws_opsworks_user_profile.user.user_arn}"
|
2016-12-02 12:53:06 +01:00
|
|
|
level = "%s"
|
2016-07-21 01:29:33 +02:00
|
|
|
}
|
2016-11-04 15:33:07 +01:00
|
|
|
|
|
|
|
resource "aws_opsworks_user_profile" "user" {
|
|
|
|
user_arn = "${aws_iam_user.user.arn}"
|
|
|
|
ssh_username = "${aws_iam_user.user.name}"
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "aws_iam_user" "user" {
|
|
|
|
name = "%s"
|
|
|
|
path = "/"
|
|
|
|
}
|
|
|
|
|
|
|
|
%s
|
2016-12-02 12:53:06 +01:00
|
|
|
`, ssh, sudo, level, name, testAccAwsOpsworksStackConfigVpcCreate(name))
|
2016-11-04 15:33:07 +01:00
|
|
|
}
|