provider/aws: Add the enable_sni attribute for Route53 health checks.

In #8502 it was requested that we add support for the EnableSNI parameter of Route53's health checks; this enables customers to manually specify whether or not the health check will use SNI when communicating with the endpoint. The customer originally requested we default to `false`. While implementing the issue, I discovered that when creating health checks with a Type set to HTTP, Amazon's default value for EnableSNI is `false`. However, when creating health checks with a Type set to HTTPS, Amazon's default value is `true`. So rather than setting a default value, I made the attribute computed.
2016-11-02 11:58:57 -07:00 · 2016-11-02 11:58:57 -07:00 · 42049e984f
parent 61a1501731
commit 42049e984f
2 changed files with 102 additions and 0 deletions
--- a/builtin/providers/aws/resource_aws_route53_health_check.go
+++ b/builtin/providers/aws/resource_aws_route53_health_check.go
@ -115,6 +115,11 @@ func resourceAwsRoute53HealthCheck() *schema.Resource {
 				Optional: true,
 				ForceNew: true,
 			},
+			"enable_sni": &schema.Schema{
+				Type:     schema.TypeBool,
+				Optional: true,
+				Computed: true,
+			},

 			"tags": tagsSchema(),
 		},
@ -173,6 +178,10 @@ func resourceAwsRoute53HealthCheckUpdate(d *schema.ResourceData, meta interface{
 		updateHealthCheck.InsufficientDataHealthStatus = aws.String(d.Get("insufficient_data_health_status").(string))
 	}

+	if d.HasChange("enable_sni") {
+		updateHealthCheck.EnableSNI = aws.Bool(d.Get("enable_sni").(bool))
+	}
+
 	_, err := conn.UpdateHealthCheck(updateHealthCheck)
 	if err != nil {
 		return err
@ -230,6 +239,10 @@ func resourceAwsRoute53HealthCheckCreate(d *schema.ResourceData, meta interface{
 		healthConfig.Inverted = aws.Bool(v.(bool))
 	}

+	if v, ok := d.GetOk("enable_sni"); ok {
+		healthConfig.EnableSNI = aws.Bool(v.(bool))
+	}
+
 	if *healthConfig.Type == route53.HealthCheckTypeCalculated {
 		if v, ok := d.GetOk("child_healthchecks"); ok {
 			healthConfig.ChildHealthChecks = expandStringList(v.(*schema.Set).List())
@ -314,6 +327,7 @@ func resourceAwsRoute53HealthCheckRead(d *schema.ResourceData, meta interface{})
 	d.Set("child_healthchecks", updated.ChildHealthChecks)
 	d.Set("child_health_threshold", updated.HealthThreshold)
 	d.Set("insufficient_data_health_status", updated.InsufficientDataHealthStatus)
+	d.Set("enable_sni", updated.EnableSNI)

 	if updated.AlarmIdentifier != nil {
 		d.Set("cloudwatch_alarm_name", updated.AlarmIdentifier.Name)
--- a/builtin/providers/aws/resource_aws_route53_health_check_test.go
+++ b/builtin/providers/aws/resource_aws_route53_health_check_test.go
@ -122,6 +122,41 @@ func TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck(t *testing.T) {
 	})
 }

+func TestAccAWSRoute53HealthCheck_withSNI(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:      func() { testAccPreCheck(t) },
+		IDRefreshName: "aws_route53_health_check.foo",
+		Providers:     testAccProviders,
+		CheckDestroy:  testAccCheckRoute53HealthCheckDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccRoute53HealthCheckConfigWithoutSNI,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckRoute53HealthCheckExists("aws_route53_health_check.foo"),
+					resource.TestCheckResourceAttr(
+						"aws_route53_health_check.foo", "enable_sni", "true"),
+				),
+			},
+			resource.TestStep{
+				Config: testAccRoute53HealthCheckConfigWithSNIDisabled,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckRoute53HealthCheckExists("aws_route53_health_check.foo"),
+					resource.TestCheckResourceAttr(
+						"aws_route53_health_check.foo", "enable_sni", "false"),
+				),
+			},
+			resource.TestStep{
+				Config: testAccRoute53HealthCheckConfigWithSNI,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckRoute53HealthCheckExists("aws_route53_health_check.foo"),
+					resource.TestCheckResourceAttr(
+						"aws_route53_health_check.foo", "enable_sni", "true"),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckRoute53HealthCheckDestroy(s *terraform.State) error {
 	conn := testAccProvider.Meta().(*AWSClient).r53conn

@ -314,3 +349,56 @@ resource "aws_route53_health_check" "foo" {
   }
 }
 `
+
+const testAccRoute53HealthCheckConfigWithoutSNI = `
+resource "aws_route53_health_check" "foo" {
+  fqdn = "dev.notexample.com"
+  port = 443
+  type = "HTTPS"
+  resource_path = "/"
+  failure_threshold = "2"
+  request_interval = "30"
+  measure_latency = true
+  invert_healthcheck = true
+
+  tags = {
+    Name = "tf-test-health-check"
+   }
+}
+`
+
+const testAccRoute53HealthCheckConfigWithSNI = `
+resource "aws_route53_health_check" "foo" {
+	fqdn = "dev.notexample.com"
+  port = 443
+  type = "HTTPS"
+  resource_path = "/"
+  failure_threshold = "2"
+  request_interval = "30"
+  measure_latency = true
+  invert_healthcheck = true
+  enable_sni = true
+
+  tags = {
+    Name = "tf-test-health-check"
+   }
+}
+`
+
+const testAccRoute53HealthCheckConfigWithSNIDisabled = `
+resource "aws_route53_health_check" "foo" {
+	fqdn = "dev.notexample.com"
+  port = 443
+  type = "HTTPS"
+  resource_path = "/"
+  failure_threshold = "2"
+  request_interval = "30"
+  measure_latency = true
+  invert_healthcheck = true
+  enable_sni = false
+
+  tags = {
+    Name = "tf-test-health-check"
+   }
+}
+`