mirror of
https://github.com/opentofu/opentofu.git
synced 2025-02-14 17:44:26 -06:00
118 lines
2.6 KiB
Go
118 lines
2.6 KiB
Go
package aws
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
|
|
"github.com/awslabs/aws-sdk-go/aws"
|
|
"github.com/awslabs/aws-sdk-go/service/iam"
|
|
"github.com/hashicorp/terraform/helper/resource"
|
|
"github.com/hashicorp/terraform/terraform"
|
|
)
|
|
|
|
func TestAccAWSAccessKey_normal(t *testing.T) {
|
|
var conf iam.AccessKeyMetadata
|
|
|
|
resource.Test(t, resource.TestCase{
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
Providers: testAccProviders,
|
|
CheckDestroy: testAccCheckAWSAccessKeyDestroy,
|
|
Steps: []resource.TestStep{
|
|
resource.TestStep{
|
|
Config: testAccAWSAccessKeyConfig,
|
|
Check: resource.ComposeTestCheckFunc(
|
|
testAccCheckAWSAccessKeyExists("aws_iam_access_key.a_key", &conf),
|
|
testAccCheckAWSAccessKeyAttributes(&conf),
|
|
),
|
|
},
|
|
},
|
|
})
|
|
}
|
|
|
|
func testAccCheckAWSAccessKeyDestroy(s *terraform.State) error {
|
|
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
|
|
|
|
for _, rs := range s.RootModule().Resources {
|
|
if rs.Type != "aws_access_key" {
|
|
continue
|
|
}
|
|
|
|
// Try to get access key
|
|
resp, err := iamconn.ListAccessKeys(&iam.ListAccessKeysInput{
|
|
UserName: aws.String(rs.Primary.ID),
|
|
})
|
|
if err == nil {
|
|
if len(resp.AccessKeyMetadata) > 0 {
|
|
return fmt.Errorf("still exist.")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Verify the error is what we want
|
|
ec2err, ok := err.(aws.APIError)
|
|
if !ok {
|
|
return err
|
|
}
|
|
if ec2err.Code != "NoSuchEntity" {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func testAccCheckAWSAccessKeyExists(n string, res *iam.AccessKeyMetadata) resource.TestCheckFunc {
|
|
return func(s *terraform.State) error {
|
|
rs, ok := s.RootModule().Resources[n]
|
|
if !ok {
|
|
return fmt.Errorf("Not found: %s", n)
|
|
}
|
|
|
|
if rs.Primary.ID == "" {
|
|
return fmt.Errorf("No Role name is set")
|
|
}
|
|
|
|
iamconn := testAccProvider.Meta().(*AWSClient).iamconn
|
|
|
|
resp, err := iamconn.ListAccessKeys(&iam.ListAccessKeysInput{
|
|
UserName: aws.String("testuser"),
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if len(resp.AccessKeyMetadata) != 1 ||
|
|
*resp.AccessKeyMetadata[0].UserName != "testuser" {
|
|
return fmt.Errorf("User not found not found")
|
|
}
|
|
|
|
*res = *resp.AccessKeyMetadata[0]
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func testAccCheckAWSAccessKeyAttributes(accessKeyMetadata *iam.AccessKeyMetadata) resource.TestCheckFunc {
|
|
return func(s *terraform.State) error {
|
|
if *accessKeyMetadata.UserName != "testuser" {
|
|
return fmt.Errorf("Bad username: %s", *accessKeyMetadata.UserName)
|
|
}
|
|
|
|
if *accessKeyMetadata.Status != "Active" {
|
|
return fmt.Errorf("Bad status: %s", *accessKeyMetadata.Status)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
const testAccAWSAccessKeyConfig = `
|
|
resource "aws_iam_user" "a_user" {
|
|
name = "testuser"
|
|
}
|
|
|
|
resource "aws_iam_access_key" "a_key" {
|
|
user = "${aws_iam_user.a_user.name}"
|
|
}
|
|
`
|