package aws import ( "fmt" "testing" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/directoryservice" "github.com/hashicorp/terraform/helper/acctest" "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/terraform" ) func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, Steps: []resource.TestStep{ resource.TestStep{ Config: testAccDirectoryServiceDirectoryConfig, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar"), ), }, }, }) } func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, Steps: []resource.TestStep{ resource.TestStep{ Config: testAccDirectoryServiceDirectoryConfig_microsoft, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar"), ), }, }, }) } func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, Steps: []resource.TestStep{ resource.TestStep{ Config: testAccDirectoryServiceDirectoryConfig_connector, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.connector"), ), }, }, }) } func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, Steps: []resource.TestStep{ resource.TestStep{ Config: testAccDirectoryServiceDirectoryConfig_withAlias, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar_a"), testAccCheckServiceDirectoryAlias("aws_directory_service_directory.bar_a", fmt.Sprintf("tf-d-%d", randomInteger)), testAccCheckServiceDirectorySso("aws_directory_service_directory.bar_a", false), ), }, resource.TestStep{ Config: testAccDirectoryServiceDirectoryConfig_withSso, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar_a"), testAccCheckServiceDirectoryAlias("aws_directory_service_directory.bar_a", fmt.Sprintf("tf-d-%d", randomInteger)), testAccCheckServiceDirectorySso("aws_directory_service_directory.bar_a", true), ), }, resource.TestStep{ Config: testAccDirectoryServiceDirectoryConfig_withSso_modified, Check: resource.ComposeTestCheckFunc( testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar_a"), testAccCheckServiceDirectoryAlias("aws_directory_service_directory.bar_a", fmt.Sprintf("tf-d-%d", randomInteger)), testAccCheckServiceDirectorySso("aws_directory_service_directory.bar_a", false), ), }, }, }) } func testAccCheckDirectoryServiceDirectoryDestroy(s *terraform.State) error { dsconn := testAccProvider.Meta().(*AWSClient).dsconn for _, rs := range s.RootModule().Resources { if rs.Type != "aws_directory_service_directory" { continue } input := directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, } out, err := dsconn.DescribeDirectories(&input) if err != nil { // EntityDoesNotExistException means it's gone, this is good if dserr, ok := err.(awserr.Error); ok && dserr.Code() == "EntityDoesNotExistException" { return nil } return err } if out != nil && len(out.DirectoryDescriptions) > 0 { return fmt.Errorf("Expected AWS Directory Service Directory to be gone, but was still found") } return nil } return fmt.Errorf("Default error in Service Directory Test") } func testAccCheckServiceDirectoryExists(name string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[name] if !ok { return fmt.Errorf("Not found: %s", name) } if rs.Primary.ID == "" { return fmt.Errorf("No ID is set") } dsconn := testAccProvider.Meta().(*AWSClient).dsconn out, err := dsconn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, }) if err != nil { return err } if len(out.DirectoryDescriptions) < 1 { return fmt.Errorf("No DS directory found") } if *out.DirectoryDescriptions[0].DirectoryId != rs.Primary.ID { return fmt.Errorf("DS directory ID mismatch - existing: %q, state: %q", *out.DirectoryDescriptions[0].DirectoryId, rs.Primary.ID) } return nil } } func testAccCheckServiceDirectoryAlias(name, alias string) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[name] if !ok { return fmt.Errorf("Not found: %s", name) } if rs.Primary.ID == "" { return fmt.Errorf("No ID is set") } dsconn := testAccProvider.Meta().(*AWSClient).dsconn out, err := dsconn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, }) if err != nil { return err } if *out.DirectoryDescriptions[0].Alias != alias { return fmt.Errorf("DS directory Alias mismatch - actual: %q, expected: %q", *out.DirectoryDescriptions[0].Alias, alias) } return nil } } func testAccCheckServiceDirectorySso(name string, ssoEnabled bool) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[name] if !ok { return fmt.Errorf("Not found: %s", name) } if rs.Primary.ID == "" { return fmt.Errorf("No ID is set") } dsconn := testAccProvider.Meta().(*AWSClient).dsconn out, err := dsconn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ DirectoryIds: []*string{aws.String(rs.Primary.ID)}, }) if err != nil { return err } if *out.DirectoryDescriptions[0].SsoEnabled != ssoEnabled { return fmt.Errorf("DS directory SSO mismatch - actual: %t, expected: %t", *out.DirectoryDescriptions[0].SsoEnabled, ssoEnabled) } return nil } } const testAccDirectoryServiceDirectoryConfig = ` resource "aws_directory_service_directory" "bar" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" vpc_settings { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" } resource "aws_subnet" "foo" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2a" cidr_block = "10.0.1.0/24" } resource "aws_subnet" "bar" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2b" cidr_block = "10.0.2.0/24" } ` const testAccDirectoryServiceDirectoryConfig_connector = ` resource "aws_directory_service_directory" "bar" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" vpc_settings { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_directory_service_directory" "connector" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" type = "ADConnector" connect_settings { customer_dns_ips = ["${aws_directory_service_directory.bar.dns_ip_addresses}"] customer_username = "Administrator" vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" } resource "aws_subnet" "foo" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2a" cidr_block = "10.0.1.0/24" } resource "aws_subnet" "bar" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2b" cidr_block = "10.0.2.0/24" } ` const testAccDirectoryServiceDirectoryConfig_microsoft = ` resource "aws_directory_service_directory" "bar" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" type = "MicrosoftAD" vpc_settings { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" } resource "aws_subnet" "foo" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2a" cidr_block = "10.0.1.0/24" } resource "aws_subnet" "bar" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2b" cidr_block = "10.0.2.0/24" } ` var randomInteger = acctest.RandInt() var testAccDirectoryServiceDirectoryConfig_withAlias = fmt.Sprintf(` resource "aws_directory_service_directory" "bar_a" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" alias = "tf-d-%d" vpc_settings { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" } resource "aws_subnet" "foo" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2a" cidr_block = "10.0.1.0/24" } resource "aws_subnet" "bar" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2b" cidr_block = "10.0.2.0/24" } `, randomInteger) var testAccDirectoryServiceDirectoryConfig_withSso = fmt.Sprintf(` resource "aws_directory_service_directory" "bar_a" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" alias = "tf-d-%d" enable_sso = true vpc_settings { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" } resource "aws_subnet" "foo" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2a" cidr_block = "10.0.1.0/24" } resource "aws_subnet" "bar" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2b" cidr_block = "10.0.2.0/24" } `, randomInteger) var testAccDirectoryServiceDirectoryConfig_withSso_modified = fmt.Sprintf(` resource "aws_directory_service_directory" "bar_a" { name = "corp.notexample.com" password = "SuperSecretPassw0rd" size = "Small" alias = "tf-d-%d" enable_sso = false vpc_settings { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] } } resource "aws_vpc" "main" { cidr_block = "10.0.0.0/16" } resource "aws_subnet" "foo" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2a" cidr_block = "10.0.1.0/24" } resource "aws_subnet" "bar" { vpc_id = "${aws_vpc.main.id}" availability_zone = "us-west-2b" cidr_block = "10.0.2.0/24" } `, randomInteger)