diff --git a/builtin/providers/vcd/resource_vcd_edgegateway_vpn.go b/builtin/providers/vcd/resource_vcd_edgegateway_vpn.go index d717880248..7ec897da20 100644 --- a/builtin/providers/vcd/resource_vcd_edgegateway_vpn.go +++ b/builtin/providers/vcd/resource_vcd_edgegateway_vpn.go @@ -263,21 +263,28 @@ func resourceVcdEdgeGatewayVpnRead(d *schema.ResourceData, meta interface{}) err } egsc := edgeGateway.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.GatewayIpsecVpnService - for _, t := range egsc.Tunnel { - d.Set("name", t.Name) - d.Set("description", t.Description) - d.Set("encryption_protocol", t.EncryptionProtocol) - d.Set("local_ip_address", t.LocalIPAddress) - d.Set("local_id", t.LocalID) - d.Set("mtu", t.Mtu) - d.Set("peer_ip_address", t.PeerIPAddress) - d.Set("peer_id", t.PeerID) - d.Set("shared_secret", t.SharedSecret) - d.Set("local_subnets", t.LocalSubnet) - d.Set("peer_subnets", t.PeerSubnet) + if len(egsc.Tunnel) == 0 { + d.SetId("") + return nil + } + + if len(egsc.Tunnel) == 1 { + tunnel := egsc.Tunnel[0] + d.Set("name", tunnel.Name) + d.Set("description", tunnel.Description) + d.Set("encryption_protocol", tunnel.EncryptionProtocol) + d.Set("local_ip_address", tunnel.LocalIPAddress) + d.Set("local_id", tunnel.LocalID) + d.Set("mtu", tunnel.Mtu) + d.Set("peer_ip_address", tunnel.PeerIPAddress) + d.Set("peer_id", tunnel.PeerID) + d.Set("shared_secret", tunnel.SharedSecret) + d.Set("local_subnets", tunnel.LocalSubnet) + d.Set("peer_subnets", tunnel.PeerSubnet) + } else { + return fmt.Errorf("Multiple tunnels not currently supported") } - // and all the others return nil } diff --git a/builtin/providers/vcd/resource_vcd_edgegateway_vpn_test.go b/builtin/providers/vcd/resource_vcd_edgegateway_vpn_test.go new file mode 100644 index 0000000000..1fcd96617e --- /dev/null +++ b/builtin/providers/vcd/resource_vcd_edgegateway_vpn_test.go @@ -0,0 +1,80 @@ +package vcd + +import ( + "fmt" + "os" + "testing" + + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccVcdVpn_Basic(t *testing.T) { + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckVcdVpnDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: fmt.Sprintf(testAccCheckVcdVpn_basic, os.Getenv("VCD_EDGE_GATEWAY")), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr( + "vcd_edgegateway_vpn.vpn", "encryption_protocol", "AES256"), + ), + }, + }, + }) +} + +func testAccCheckVcdVpnDestroy(s *terraform.State) error { + + for _, rs := range s.RootModule().Resources { + if rs.Type != "vcd_edgegateway_vpn" { + continue + } + + return nil + } + + return nil +} + +const testAccCheckVcdVpn_basic = ` +resource "vcd_edgegateway_vpn" "vpn" { + edge_gateway = "%s" + name = "west-to-east" + description = "Description" + encryption_protocol = "AES256" + mtu = 1400 + peer_id = "51.179.218.195" + peer_ip_address = "51.179.218.195" + local_id = "51.179.218.196" + local_ip_address = "51.179.218.196" + shared_secret = "yZ4B8pxS5334m6ho692hjbtb7zo2vbesn7pe8ry5hyud86M433tbnnfxt6Dqn73g" + + peer_subnets { + peer_subnet_name = "DMZ_WEST" + peer_subnet_gateway = "10.0.10.1" + peer_subnet_mask = "255.255.255.0" + } + + peer_subnets { + peer_subnet_name = "WEB_WEST" + peer_subnet_gateway = "10.0.20.1" + peer_subnet_mask = "255.255.255.0" + } + + local_subnets { + local_subnet_name = "DMZ_EAST" + local_subnet_gateway = "10.0.1.1" + local_subnet_mask = "255.255.255.0" + } + + local_subnets { + local_subnet_name = "WEB_EAST" + local_subnet_gateway = "10.0.22.1" + local_subnet_mask = "255.255.255.0" + } +} +`