mirror of
synced 2025-02-20 11:48:24 -06:00
fixes #9110 An error was found where, static_routes_only was not set on a vpn connection import. This commit introduces setting the static_routes_only to false when no Options are found. This follows the AWS convention as follows: ``` - options (structure) Indicates whether the VPN connection requires static routes. If you are creating a VPN connection for a device that does not support BGP, you must specify true . Default: false ``` So we take it that `static_options_only` is false by default ``` % make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpnConnection_' ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2016/11/02 10:38:18 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpnConnection_ -timeout 120m === RUN TestAccAWSVpnConnection_importBasic --- PASS: TestAccAWSVpnConnection_importBasic (178.29s) === RUN TestAccAWSVpnConnection_basic --- PASS: TestAccAWSVpnConnection_basic (336.81s) === RUN TestAccAWSVpnConnection_withoutStaticRoutes --- PASS: TestAccAWSVpnConnection_withoutStaticRoutes (195.45s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 710.572s ```
231 lines
5.6 KiB
231 lines
5.6 KiB
package aws
import (
func TestAccAWSVpnConnection_basic(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
IDRefreshName: "aws_vpn_connection.foo",
Providers: testAccProviders,
CheckDestroy: testAccAwsVpnConnectionDestroy,
Steps: []resource.TestStep{
Config: testAccAwsVpnConnectionConfig,
Check: resource.ComposeTestCheckFunc(
Config: testAccAwsVpnConnectionConfigUpdate,
Check: resource.ComposeTestCheckFunc(
func TestAccAWSVpnConnection_withoutStaticRoutes(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
IDRefreshName: "aws_vpn_connection.foo",
Providers: testAccProviders,
CheckDestroy: testAccAwsVpnConnectionDestroy,
Steps: []resource.TestStep{
Config: testAccAwsVpnConnectionConfigUpdate,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("aws_vpn_connection.foo", "static_routes_only", "false"),
func testAccAwsVpnConnectionDestroy(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).ec2conn
for _, rs := range s.RootModule().Resources {
if rs.Type != "aws_vpn_connection" {
resp, err := conn.DescribeVpnConnections(&ec2.DescribeVpnConnectionsInput{
VpnConnectionIds: []*string{aws.String(rs.Primary.ID)},
if err != nil {
if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpnConnectionID.NotFound" {
// not found
return nil
return err
var vpn *ec2.VpnConnection
for _, v := range resp.VpnConnections {
if v.VpnConnectionId != nil && *v.VpnConnectionId == rs.Primary.ID {
vpn = v
if vpn == nil {
// vpn connection not found
return nil
if vpn.State != nil && *vpn.State == "deleted" {
return nil
return nil
func testAccAwsVpnConnection(
vpcResource string,
vpnGatewayResource string,
customerGatewayResource string,
vpnConnectionResource string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[vpnConnectionResource]
if !ok {
return fmt.Errorf("Not found: %s", vpnConnectionResource)
if rs.Primary.ID == "" {
return fmt.Errorf("No ID is set")
connection, ok := s.RootModule().Resources[vpnConnectionResource]
if !ok {
return fmt.Errorf("Not found: %s", vpnConnectionResource)
ec2conn := testAccProvider.Meta().(*AWSClient).ec2conn
_, err := ec2conn.DescribeVpnConnections(&ec2.DescribeVpnConnectionsInput{
VpnConnectionIds: []*string{aws.String(connection.Primary.ID)},
if err != nil {
return err
return nil
func TestAWSVpnConnection_xmlconfig(t *testing.T) {
tunnelInfo, err := xmlConfigToTunnelInfo(testAccAwsVpnTunnelInfoXML)
if err != nil {
t.Fatalf("Error unmarshalling XML: %s", err)
if tunnelInfo.Tunnel1Address != "FIRST_ADDRESS" {
t.Fatalf("First address from tunnel XML was incorrect.")
if tunnelInfo.Tunnel1PreSharedKey != "FIRST_KEY" {
t.Fatalf("First key from tunnel XML was incorrect.")
if tunnelInfo.Tunnel2Address != "SECOND_ADDRESS" {
t.Fatalf("Second address from tunnel XML was incorrect.")
if tunnelInfo.Tunnel2PreSharedKey != "SECOND_KEY" {
t.Fatalf("Second key from tunnel XML was incorrect.")
const testAccAwsVpnConnectionConfig = `
resource "aws_vpn_gateway" "vpn_gateway" {
tags {
Name = "vpn_gateway"
resource "aws_customer_gateway" "customer_gateway" {
bgp_asn = 65000
ip_address = ""
type = "ipsec.1"
resource "aws_vpn_connection" "foo" {
vpn_gateway_id = "${aws_vpn_gateway.vpn_gateway.id}"
customer_gateway_id = "${aws_customer_gateway.customer_gateway.id}"
type = "ipsec.1"
static_routes_only = true
// Change static_routes_only to be false, forcing a refresh.
const testAccAwsVpnConnectionConfigUpdate = `
resource "aws_vpn_gateway" "vpn_gateway" {
tags {
Name = "vpn_gateway"
resource "aws_customer_gateway" "customer_gateway" {
bgp_asn = 65000
ip_address = ""
type = "ipsec.1"
resource "aws_vpn_connection" "foo" {
vpn_gateway_id = "${aws_vpn_gateway.vpn_gateway.id}"
customer_gateway_id = "${aws_customer_gateway.customer_gateway.id}"
type = "ipsec.1"
static_routes_only = false
// Test our VPN tunnel config XML parsing
const testAccAwsVpnTunnelInfoXML = `
<vpn_connection id="vpn-abc123">