Merge pull request #15738 from terraform-providers/t-gov-hardarn-flow…

…-log tests/provider: Fix hardcoded ARN (Flow Log)
hashicorp · Oct 21, 2020 · 8c4a359 · 8c4a359
2 parents 89c5e40 + e5e7834
commit 8c4a359
Showing 1 changed file with 25 additions and 9 deletions.
diff --git a/aws/resource_aws_flow_log_test.go b/aws/resource_aws_flow_log_test.go
@@ -245,7 +245,7 @@ func TestAccAWSFlowLog_LogDestinationType_S3_Invalid(t *testing.T) {
 		Steps: []resource.TestStep{
 			{
 				Config:      testAccFlowLogConfig_LogDestinationType_S3_Invalid(rName),
-				ExpectError: regexp.MustCompile(`Access Denied for LogDestination`),
+				ExpectError: regexp.MustCompile(`(Access Denied for LogDestination|does not exist)`),
 			},
 		},
 	})
@@ -414,6 +414,8 @@ resource "aws_vpc" "test" {
 
 func testAccFlowLogConfig_LogDestinationType_CloudWatchLogs(rName string) string {
 	return testAccFlowLogConfigBase(rName) + fmt.Sprintf(`
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -425,7 +427,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [
@@ -469,8 +471,10 @@ resource "aws_flow_log" "test" {
 
 func testAccFlowLogConfig_LogDestinationType_S3_Invalid(rName string) string {
 	return testAccFlowLogConfigBase(rName) + `
+data "aws_partition" "current" {}
+
 resource "aws_flow_log" "test" {
-  log_destination      = "arn:aws:s3:::does-not-exist"
+  log_destination      = "arn:${data.aws_partition.current.partition}:s3:::does-not-exist"
   log_destination_type = "s3"
   traffic_type         = "ALL"
   vpc_id               = aws_vpc.test.id
@@ -489,6 +493,8 @@ resource "aws_subnet" "test" {
   }
 }
 
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -500,7 +506,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [
@@ -527,6 +533,8 @@ resource "aws_flow_log" "test" {
 
 func testAccFlowLogConfig_VPCID(rName string) string {
 	return testAccFlowLogConfigBase(rName) + fmt.Sprintf(`
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -538,7 +546,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [
@@ -565,6 +573,8 @@ resource "aws_flow_log" "test" {
 
 func testAccFlowLogConfig_LogFormat(rName string) string {
 	return testAccFlowLogConfigBase(rName) + fmt.Sprintf(`
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -576,7 +586,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [
@@ -609,6 +619,8 @@ resource "aws_flow_log" "test" {
 
 func testAccFlowLogConfigTags1(rName, tagKey1, tagValue1 string) string {
 	return testAccFlowLogConfigBase(rName) + fmt.Sprintf(`
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -620,7 +632,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [
@@ -651,6 +663,8 @@ resource "aws_flow_log" "test" {
 
 func testAccFlowLogConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string {
 	return testAccFlowLogConfigBase(rName) + fmt.Sprintf(`
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -662,7 +676,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [
@@ -694,6 +708,8 @@ resource "aws_flow_log" "test" {
 
 func testAccFlowLogConfig_MaxAggregationInterval(rName string) string {
 	return testAccFlowLogConfigBase(rName) + fmt.Sprintf(`
+data "aws_partition" "current" {}
+
 resource "aws_iam_role" "test" {
   name = %[1]q
 
@@ -705,7 +721,7 @@ resource "aws_iam_role" "test" {
       "Effect": "Allow",
       "Principal": {
         "Service": [
-          "ec2.amazonaws.com"
+          "ec2.${data.aws_partition.current.dns_suffix}"
         ]
       },
       "Action": [