From e655cbd0fc73753f68fa362b020a33d59d83a3d9 Mon Sep 17 00:00:00 2001 From: Modestas Vainius Date: Thu, 2 Jun 2016 20:28:51 +0300 Subject: [PATCH] provider/aws: Fix reattachment of VPC to VPN gateway. When VPC is detached from VPN gateway, its VpcAttachment stays in place just with state changed to "detached". Since terraform was not checking attachment state, it used to think VPC gateway was still attached. --- .../providers/aws/resource_aws_vpn_gateway.go | 2 +- .../aws/resource_aws_vpn_gateway_test.go | 64 +++++++++++++++++++ 2 files changed, 65 insertions(+), 1 deletion(-) diff --git a/builtin/providers/aws/resource_aws_vpn_gateway.go b/builtin/providers/aws/resource_aws_vpn_gateway.go index 057ee8d77a..53f322555b 100644 --- a/builtin/providers/aws/resource_aws_vpn_gateway.go +++ b/builtin/providers/aws/resource_aws_vpn_gateway.go @@ -83,7 +83,7 @@ func resourceAwsVpnGatewayRead(d *schema.ResourceData, meta interface{}) error { return nil } - if len(vpnGateway.VpcAttachments) == 0 { + if len(vpnGateway.VpcAttachments) == 0 || *vpnGateway.VpcAttachments[0].State == "detached" { // Gateway exists but not attached to the VPC d.Set("vpc_id", "") } else { diff --git a/builtin/providers/aws/resource_aws_vpn_gateway_test.go b/builtin/providers/aws/resource_aws_vpn_gateway_test.go index beca547209..0e3677d6f9 100644 --- a/builtin/providers/aws/resource_aws_vpn_gateway_test.go +++ b/builtin/providers/aws/resource_aws_vpn_gateway_test.go @@ -57,6 +57,60 @@ func TestAccAWSVpnGateway_basic(t *testing.T) { }) } +func TestAccAWSVpnGateway_reattach(t *testing.T) { + var v ec2.VpnGateway + + genTestStateFunc := func(expectedState string) func(*terraform.State) error { + return func(*terraform.State) error { + if len(v.VpcAttachments) == 0 { + if expectedState != "detached" { + return fmt.Errorf("VPN gateway has no VPC attachments") + } + } else if len(v.VpcAttachments) == 1 { + if *v.VpcAttachments[0].State != expectedState { + return fmt.Errorf("Expected VPC gateway VPC attachment to be in '%s' state, but was not: %s", expectedState, v) + } + } else { + return fmt.Errorf("VPN gateway has unexpected number of VPC attachments(more than 1): %s", v) + } + return nil + } + } + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + IDRefreshName: "aws_vpn_gateway.foo", + Providers: testAccProviders, + CheckDestroy: testAccCheckVpnGatewayDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccVpnGatewayConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckVpnGatewayExists( + "aws_vpn_gateway.foo", &v), + genTestStateFunc("attached"), + ), + }, + resource.TestStep{ + Config: testAccVpnGatewayConfigDetach, + Check: resource.ComposeTestCheckFunc( + testAccCheckVpnGatewayExists( + "aws_vpn_gateway.foo", &v), + genTestStateFunc("detached"), + ), + }, + resource.TestStep{ + Config: testAccVpnGatewayConfig, + Check: resource.ComposeTestCheckFunc( + testAccCheckVpnGatewayExists( + "aws_vpn_gateway.foo", &v), + genTestStateFunc("attached"), + ), + }, + }, + }) +} + func TestAccAWSVpnGateway_delete(t *testing.T) { var vpnGateway ec2.VpnGateway @@ -216,6 +270,16 @@ resource "aws_vpn_gateway" "foo" { } ` +const testAccVpnGatewayConfigDetach = ` +resource "aws_vpc" "foo" { + cidr_block = "10.1.0.0/16" +} + +resource "aws_vpn_gateway" "foo" { + vpc_id = "" +} +` + const testAccCheckVpnGatewayConfigTags = ` resource "aws_vpc" "foo" { cidr_block = "10.1.0.0/16"