Skip to content

Commit

Permalink
improve policy test
Browse files Browse the repository at this point in the history
  • Loading branch information
@DrFaust92
DrFaust92 committed Sep 30, 2020
1 parent 05d2693 commit 11ba015
Showing 1 changed file with 51 additions and 1 deletion.
52 changes: 51 additions & 1 deletion aws/resource_aws_glacier_vault_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,14 +165,31 @@ func TestAccAWSGlacierVault_policy(t *testing.T) {
Check: resource.ComposeTestCheckFunc(
testAccCheckGlacierVaultExists(resourceName, &vault),
resource.TestCheckResourceAttr(resourceName, "name", rName),
resource.TestCheckResourceAttrSet(resourceName, "access_policy"),
resource.TestMatchResourceAttr(resourceName, "access_policy",
regexp.MustCompile(`"Sid":"cross-account-upload".+`)),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
{
Config: testAccGlacierVaultPolicyConfigUpdated(rName),
Check: resource.ComposeTestCheckFunc(
testAccCheckGlacierVaultExists(resourceName, &vault),
resource.TestCheckResourceAttr(resourceName, "name", rName),
resource.TestMatchResourceAttr(resourceName, "access_policy",
regexp.MustCompile(`"Sid":"cross-account-upload1".+`)),
),
},
{
Config: testAccGlacierVaultBasicConfig(rName),
Check: resource.ComposeTestCheckFunc(
testAccCheckGlacierVaultExists(resourceName, &vault),
resource.TestCheckResourceAttr(resourceName, "access_policy", ""),
),
},
},
})
}
Expand Down Expand Up @@ -375,6 +392,39 @@ resource "aws_glacier_vault" "test" {
"AWS": ["*"]
},
"Effect":"Allow",
"Action": [
"glacier:InitiateMultipartUpload",
"glacier:AbortMultipartUpload",
"glacier:CompleteMultipartUpload"
],
"Resource": ["arn:aws:glacier:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:vaults/%[1]s"]
}
]
}
EOF
}
`, rName)
}

func testAccGlacierVaultPolicyConfigUpdated(rName string) string {
return fmt.Sprintf(`
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}
resource "aws_glacier_vault" "test" {
name = %[1]q
access_policy = <<EOF
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"cross-account-upload1",
"Principal": {
"AWS": ["*"]
},
"Effect":"Allow",
"Action": [
"glacier:UploadArchive",
"glacier:InitiateMultipartUpload",
Expand Down

0 comments on commit 11ba015

Please sign in to comment.