diff --git a/aws/data_source_aws_route_test.go b/aws/data_source_aws_route_test.go index 29fede2dc29..9bcba44af9f 100644 --- a/aws/data_source_aws_route_test.go +++ b/aws/data_source_aws_route_test.go @@ -48,7 +48,6 @@ func TestAccAWSRouteDataSource_basic(t *testing.T) { } func TestAccAWSRouteDataSource_TransitGatewayID(t *testing.T) { - var route ec2.Route dataSourceName := "data.aws_route.test" resourceName := "aws_route.test" rName := acctest.RandomWithPrefix("tf-acc-test") @@ -62,7 +61,6 @@ func TestAccAWSRouteDataSource_TransitGatewayID(t *testing.T) { { Config: testAccAWSRouteDataSourceConfigIpv4TransitGateway(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), resource.TestCheckResourceAttrPair(resourceName, "destination_cidr_block", dataSourceName, "destination_cidr_block"), resource.TestCheckResourceAttrPair(resourceName, "route_table_id", dataSourceName, "route_table_id"), resource.TestCheckResourceAttrPair(resourceName, "transit_gateway_id", dataSourceName, "transit_gateway_id"), @@ -95,7 +93,6 @@ func TestAccAWSRouteDataSource_IPv6DestinationCidr(t *testing.T) { } func TestAccAWSRouteDataSource_LocalGatewayID(t *testing.T) { - var route ec2.Route dataSourceName := "data.aws_route.by_local_gateway_id" resourceName := "aws_route.test" rName := acctest.RandomWithPrefix("tf-acc-test") @@ -109,7 +106,6 @@ func TestAccAWSRouteDataSource_LocalGatewayID(t *testing.T) { { Config: testAccAWSRouteDataSourceConfigIpv4LocalGateway(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), resource.TestCheckResourceAttrPair(resourceName, "destination_cidr_block", dataSourceName, "destination_cidr_block"), resource.TestCheckResourceAttrPair(resourceName, "route_table_id", dataSourceName, "route_table_id"), resource.TestCheckResourceAttrPair(resourceName, "local_gateway_id", dataSourceName, "local_gateway_id"), diff --git a/aws/resource_aws_route_test.go b/aws/resource_aws_route_test.go index fc284ca32bc..eec6ed53cd3 100644 --- a/aws/resource_aws_route_test.go +++ b/aws/resource_aws_route_test.go @@ -10,27 +10,14 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" ) +// IPv4 to Internet Gateway. func TestAccAWSRoute_basic(t *testing.T) { - var route ec2.Route - - //aws creates a default route - testCheck := func(s *terraform.State) error { - if *route.DestinationCidrBlock != "10.3.0.0/16" { - return fmt.Errorf("Destination Cidr (Expected=%s, Actual=%s)\n", "10.3.0.0/16", *route.DestinationCidrBlock) - } - - name := "aws_internet_gateway.foo" - gwres, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("Not found: %s\n", name) - } - - if *route.GatewayId != gwres.Primary.ID { - return fmt.Errorf("Internet Gateway Id (Expected=%s, Actual=%s)\n", gwres.Primary.ID, *route.GatewayId) - } - - return nil - } + var routeTable ec2.RouteTable + resourceName := "aws_route.test" + igwResourceName := "aws_internet_gateway.test" + rtResourceName := "aws_route_table.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -39,16 +26,31 @@ func TestAccAWSRoute_basic(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteBasicConfig(), + Config: testAccAWSRouteConfigIpv4InternetGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &route), - testCheck, + testAccCheckRouteTableExists(rtResourceName, &routeTable), + testAccCheckAWSRouteTableNumberOfRoutes(&routeTable, 2), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "gateway_id", igwResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.bar", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.bar"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, @@ -56,7 +58,9 @@ func TestAccAWSRoute_basic(t *testing.T) { } func TestAccAWSRoute_disappears(t *testing.T) { - var route ec2.Route + resourceName := "aws_route.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -65,10 +69,9 @@ func TestAccAWSRoute_disappears(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteBasicConfig(), + Config: testAccAWSRouteConfigIpv4InternetGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &route), - testAccCheckResourceDisappears(testAccProvider, resourceAwsRoute(), "aws_route.bar"), + testAccCheckResourceDisappears(testAccProvider, resourceAwsRoute(), resourceName), ), ExpectNonEmptyPlan: true, }, @@ -76,23 +79,33 @@ func TestAccAWSRoute_disappears(t *testing.T) { }) } -func TestAccAWSRoute_ipv6Support(t *testing.T) { - var route ec2.Route - - //aws creates a default route - testCheck := func(s *terraform.State) error { - name := "aws_egress_only_internet_gateway.foo" - gwres, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("Not found: %s\n", name) - } +func TestAccAWSRoute_disappears_RouteTable(t *testing.T) { + rtResourceName := "aws_route_table.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" - if *route.EgressOnlyInternetGatewayId != gwres.Primary.ID { - return fmt.Errorf("Egress Only Internet Gateway Id (Expected=%s, Actual=%s)\n", gwres.Primary.ID, *route.EgressOnlyInternetGatewayId) - } + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteConfigIpv4InternetGateway(rName, destinationCidr), + Check: resource.ComposeTestCheckFunc( + testAccCheckResourceDisappears(testAccProvider, resourceAwsRouteTable(), rtResourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} - return nil - } +func TestAccAWSRoute_IPv6_To_EgressOnlyInternetGateway(t *testing.T) { + resourceName := "aws_route.test" + eoigwResourceName := "aws_egress_only_internet_gateway.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -101,29 +114,45 @@ func TestAccAWSRoute_ipv6Support(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigIpv6(), + Config: testAccAWSRouteConfigIpv6EgressOnlyInternetGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &route), - testCheck, - resource.TestCheckResourceAttr("aws_route.bar", "destination_ipv6_cidr_block", "::/0"), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "egress_only_gateway_id", eoigwResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.bar", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.bar"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, { - Config: testAccAWSRouteConfigIpv6Expanded(), + // Verify that expanded form of the destination CIDR causes no diff. + Config: testAccAWSRouteConfigIpv6EgressOnlyInternetGateway(rName, "::0/0"), PlanOnly: true, }, }, }) } -func TestAccAWSRoute_ipv6ToInternetGateway(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv6_To_InternetGateway(t *testing.T) { + resourceName := "aws_route.test" + igwResourceName := "aws_internet_gateway.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -132,23 +161,40 @@ func TestAccAWSRoute_ipv6ToInternetGateway(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigIpv6InternetGateway(), + Config: testAccAWSRouteConfigIpv6InternetGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.igw", &route), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "gateway_id", igwResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.igw", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.igw"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } -func TestAccAWSRoute_ipv6ToInstance(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv6_To_Instance(t *testing.T) { + resourceName := "aws_route.test" + instanceResourceName := "aws_instance.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -157,27 +203,40 @@ func TestAccAWSRoute_ipv6ToInstance(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigIpv6Instance(), + Config: testAccAWSRouteConfigIpv6Instance(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.internal-default-route-ipv6", &route), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "instance_id", instanceResourceName, "id"), + testAccCheckResourceAttrAccountID(resourceName, "instance_owner_id"), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", instanceResourceName, "primary_network_interface_id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.internal-default-route-ipv6", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.internal-default-route-ipv6"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, - { - Config: testAccAWSRouteConfigIpv6InstanceExpanded(), - PlanOnly: true, - }, }, }) } -func TestAccAWSRoute_ipv6ToNetworkInterface(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv6_To_NetworkInterface_Unattached(t *testing.T) { + resourceName := "aws_route.test" + eniResourceName := "aws_network_interface.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -186,23 +245,40 @@ func TestAccAWSRoute_ipv6ToNetworkInterface(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigIpv6NetworkInterface(), + Config: testAccAWSRouteConfigIpv6NetworkInterfaceUnattached(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.internal-default-route-ipv6", &route), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", eniResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateBlackhole), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.internal-default-route-ipv6", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.internal-default-route-ipv6"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } -func TestAccAWSRoute_ipv6ToPeeringConnection(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv6_To_VpcPeeringConnection(t *testing.T) { + resourceName := "aws_route.test" + pcxResourceName := "aws_vpc_peering_connection.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -211,24 +287,40 @@ func TestAccAWSRoute_ipv6ToPeeringConnection(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigIpv6PeeringConnection(), + Config: testAccAWSRouteConfigIpv6VpcPeeringConnection(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.pc", &route), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "vpc_peering_connection_id", pcxResourceName, "id"), ), }, { - ResourceName: "aws_route.pc", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.pc"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } -func TestAccAWSRoute_changeRouteTable(t *testing.T) { - var before ec2.Route - var after ec2.Route +func TestAccAWSRoute_IPv6_To_VpnGateway(t *testing.T) { + resourceName := "aws_route.test" + vgwResourceName := "aws_vpn_gateway.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -237,71 +329,82 @@ func TestAccAWSRoute_changeRouteTable(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteBasicConfig(), + Config: testAccAWSRouteConfigIpv6VpnGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &before), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "gateway_id", vgwResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - Config: testAccAWSRouteNewRouteTable(), + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSRoute_IPv4_To_VpnGateway(t *testing.T) { + resourceName := "aws_route.test" + vgwResourceName := "aws_vpn_gateway.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteConfigIpv4VpnGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &after), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "gateway_id", vgwResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.bar", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.bar"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } -func TestAccAWSRoute_changeCidr(t *testing.T) { - var route ec2.Route - var routeTable ec2.RouteTable - - //aws creates a default route - testCheck := func(s *terraform.State) error { - if *route.DestinationCidrBlock != "10.3.0.0/16" { - return fmt.Errorf("Destination Cidr (Expected=%s, Actual=%s)\n", "10.3.0.0/16", *route.DestinationCidrBlock) - } - - name := "aws_internet_gateway.foo" - gwres, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("Not found: %s\n", name) - } - - if *route.GatewayId != gwres.Primary.ID { - return fmt.Errorf("Internet Gateway Id (Expected=%s, Actual=%s)\n", gwres.Primary.ID, *route.GatewayId) - } - - return nil - } - - testCheckChange := func(s *terraform.State) error { - if *route.DestinationCidrBlock != "10.2.0.0/16" { - return fmt.Errorf("Destination Cidr (Expected=%s, Actual=%s)\n", "10.2.0.0/16", *route.DestinationCidrBlock) - } - - name := "aws_internet_gateway.foo" - gwres, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("Not found: %s\n", name) - } - - if *route.GatewayId != gwres.Primary.ID { - return fmt.Errorf("Internet Gateway Id (Expected=%s, Actual=%s)\n", gwres.Primary.ID, *route.GatewayId) - } - - if rtlen := len(routeTable.Routes); rtlen != 2 { - return fmt.Errorf("Route Table has too many routes (Expected=%d, Actual=%d)\n", rtlen, 2) - } - - return nil - } +func TestAccAWSRoute_IPv4_To_Instance(t *testing.T) { + resourceName := "aws_route.test" + instanceResourceName := "aws_instance.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -310,41 +413,83 @@ func TestAccAWSRoute_changeCidr(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteBasicConfig(), + Config: testAccAWSRouteConfigIpv4Instance(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &route), - testCheck, + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "instance_id", instanceResourceName, "id"), + testAccCheckResourceAttrAccountID(resourceName, "instance_owner_id"), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", instanceResourceName, "primary_network_interface_id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - Config: testAccAWSRouteBasicConfigChangeCidr(), + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSRoute_IPv4_To_NetworkInterface_Unattached(t *testing.T) { + resourceName := "aws_route.test" + eniResourceName := "aws_network_interface.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteConfigIpv4NetworkInterfaceUnattached(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &route), - testAccCheckRouteTableExists("aws_route_table.foo", &routeTable), - testCheckChange, + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", eniResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateBlackhole), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.bar", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.bar"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } -func TestAccAWSRoute_noopdiff(t *testing.T) { - var route ec2.Route - var routeTable ec2.RouteTable - - testCheck := func(s *terraform.State) error { - return nil - } - - testCheckChange := func(s *terraform.State) error { - return nil - } +func TestAccAWSRoute_IPv4_To_NetworkInterface_Attached(t *testing.T) { + resourceName := "aws_route.test" + eniResourceName := "aws_network_interface.test" + instanceResourceName := "aws_instance.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -353,32 +498,103 @@ func TestAccAWSRoute_noopdiff(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteNoopChange(), + Config: testAccAWSRouteConfigIpv4NetworkInterfaceAttached(rName, destinationCidr), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "instance_id", instanceResourceName, "id"), + testAccCheckResourceAttrAccountID(resourceName, "instance_owner_id"), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", eniResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) +} + +/* +func TestAccAWSRoute_IPv4_To_NetworkInterface_TwoAttachments(t *testing.T) { + resourceName := "aws_route.test" + eni1ResourceName := "aws_network_interface.test1" + eni2ResourceName := "aws_network_interface.test2" + instanceResourceName := "aws_instance.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + testAccPreCheck(t) + }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteConfigIpv4NetworkInterfaceTwoAttachments(rName, destinationCidr, eni1ResourceName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.test", &route), - testCheck, + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "instance_id", instanceResourceName, "id"), + testAccCheckResourceAttrAccountID(resourceName, "instance_owner_id"), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", eni1ResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - Config: testAccAWSRouteNoopChange(), + Config: testAccAWSRouteConfigIpv4NetworkInterfaceTwoAttachments(rName, destinationCidr, eni2ResourceName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.test", &route), - testAccCheckRouteTableExists("aws_route_table.test", &routeTable), - testCheckChange, + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "instance_id", instanceResourceName, "id"), + testAccCheckResourceAttrAccountID(resourceName, "instance_owner_id"), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "network_interface_id", eni2ResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - ResourceName: "aws_route.test", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.test"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } +*/ -func TestAccAWSRoute_doesNotCrashWithVPCEndpoint(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv4_To_VpcPeeringConnection(t *testing.T) { + resourceName := "aws_route.test" + pcxResourceName := "aws_vpc_peering_connection.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -387,25 +603,40 @@ func TestAccAWSRoute_doesNotCrashWithVPCEndpoint(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteWithVPCEndpoint(), + Config: testAccAWSRouteConfigIpv4VpcPeeringConnection(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists("aws_route.bar", &route), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "vpc_peering_connection_id", pcxResourceName, "id"), ), }, { - ResourceName: "aws_route.bar", + ResourceName: resourceName, ImportState: true, - ImportStateIdFunc: testAccAWSRouteImportStateIdFunc("aws_route.bar"), + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), ImportStateVerify: true, }, }, }) } -func TestAccAWSRoute_TransitGatewayID_DestinationCidrBlock(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv4_To_NatGateway(t *testing.T) { resourceName := "aws_route.test" - transitGatewayResourceName := "aws_ec2_transit_gateway.test" + ngwResourceName := "aws_nat_gateway.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -414,10 +645,23 @@ func TestAccAWSRoute_TransitGatewayID_DestinationCidrBlock(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigTransitGatewayIDDestinatationCidrBlock(), + Config: testAccAWSRouteConfigIpv4NatGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), - resource.TestCheckResourceAttrPair(resourceName, "transit_gateway_id", transitGatewayResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "nat_gateway_id", ngwResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { @@ -430,22 +674,23 @@ func TestAccAWSRoute_TransitGatewayID_DestinationCidrBlock(t *testing.T) { }) } -func TestAccAWSRoute_LocalGatewayID(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_DoesNotCrashWithVpcEndpoint(t *testing.T) { + var routeTable ec2.RouteTable resourceName := "aws_route.test" - localGatewayDataSourceName := "data.aws_ec2_local_gateway.first" + rtResourceName := "aws_route_table.test" + rName := acctest.RandomWithPrefix("tf-acc-test") resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSOutpostsOutposts(t) }, + PreCheck: func() { testAccPreCheck(t) }, ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), Providers: testAccProviders, CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteResourceConfigLocalGatewayID(), + Config: testAccAWSRouteConfigWithVpcEndpoint(rName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), - resource.TestCheckResourceAttrPair(resourceName, "local_gateway_id", localGatewayDataSourceName, "id"), + testAccCheckRouteTableExists(rtResourceName, &routeTable), + testAccCheckAWSRouteTableNumberOfRoutes(&routeTable, 3), ), }, { @@ -458,10 +703,11 @@ func TestAccAWSRoute_LocalGatewayID(t *testing.T) { }) } -func TestAccAWSRoute_ConditionalCidrBlock(t *testing.T) { - var route ec2.Route +func TestAccAWSRoute_IPv4_To_TransitGateway(t *testing.T) { resourceName := "aws_route.test" + tgwResourceName := "aws_ec2_transit_gateway.test" rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.3.0.0/16" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -470,19 +716,65 @@ func TestAccAWSRoute_ConditionalCidrBlock(t *testing.T) { CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteConfigConditionalIpv4Ipv6(rName, false), + Config: testAccAWSRouteConfigIpv4TransitGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), - resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", "0.0.0.0/0"), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttrPair(resourceName, "transit_gateway_id", tgwResourceName, "id"), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { - Config: testAccAWSRouteConfigConditionalIpv4Ipv6(rName, true), + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSRoute_IPv6_To_TransitGateway(t *testing.T) { + resourceName := "aws_route.test" + tgwResourceName := "aws_ec2_transit_gateway.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "::/0" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteConfigIpv6TransitGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), - resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", "::/0"), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttrPair(resourceName, "transit_gateway_id", tgwResourceName, "id"), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { @@ -495,23 +787,36 @@ func TestAccAWSRoute_ConditionalCidrBlock(t *testing.T) { }) } -func TestAccAWSRoute_VpcEndpointId(t *testing.T) { - var route ec2.Route - rName := acctest.RandomWithPrefix("tf-acc-test") +func TestAccAWSRoute_IPv4_To_LocalGateway(t *testing.T) { resourceName := "aws_route.test" - vpcEndpointResourceName := "aws_vpc_endpoint.test" + localGatewayDataSourceName := "data.aws_ec2_local_gateway.first" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "172.16.1.0/24" resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t); testAccPreCheckElbv2GatewayLoadBalancer(t) }, + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSOutpostsOutposts(t) }, ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), Providers: testAccProviders, CheckDestroy: testAccCheckAWSRouteDestroy, Steps: []resource.TestStep{ { - Config: testAccAWSRouteResourceConfigVpcEndpointId(rName), + Config: testAccAWSRouteResourceConfigIpv4LocalGateway(rName, destinationCidr), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSRouteExists(resourceName, &route), - resource.TestCheckResourceAttrPair(resourceName, "vpc_endpoint_id", vpcEndpointResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "local_gateway_id", localGatewayDataSourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), ), }, { @@ -524,43 +829,130 @@ func TestAccAWSRoute_VpcEndpointId(t *testing.T) { }) } -func testAccCheckAWSRouteExists(n string, res *ec2.Route) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[n] - if !ok { - return fmt.Errorf("Not found: %s\n", n) - } - - if rs.Primary.ID == "" { - return fmt.Errorf("No ID is set") - } - - conn := testAccProvider.Meta().(*AWSClient).ec2conn - r, err := resourceAwsRouteFindRoute( - conn, - rs.Primary.Attributes["route_table_id"], - rs.Primary.Attributes["destination_cidr_block"], - rs.Primary.Attributes["destination_ipv6_cidr_block"], - ) - - if err != nil { - return err - } - - if r == nil { - return fmt.Errorf("Route not found") - } - - *res = *r +func TestAccAWSRoute_IPv6_To_LocalGateway(t *testing.T) { + resourceName := "aws_route.test" + localGatewayDataSourceName := "data.aws_ec2_local_gateway.first" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "2002:bc9:1234:1a00::/56" - return nil - } + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSOutpostsOutposts(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteResourceConfigIpv6LocalGateway(rName, destinationCidr), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "local_gateway_id", localGatewayDataSourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "vpc_endpoint_id", ""), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) } -func testAccCheckAWSRouteDestroy(s *terraform.State) error { - for _, rs := range s.RootModule().Resources { - if rs.Type != "aws_route" { - continue +func TestAccAWSRoute_ConditionalCidrBlock(t *testing.T) { + resourceName := "aws_route.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + destinationCidr := "10.2.0.0/16" + destinationIpv6Cidr := "::/0" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteConfigConditionalIpv4Ipv6(rName, destinationCidr, destinationIpv6Cidr, false), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + ), + }, + { + Config: testAccAWSRouteConfigConditionalIpv4Ipv6(rName, destinationCidr, destinationIpv6Cidr, true), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", destinationIpv6Cidr), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccAWSRoute_IPv4_To_VpcEndpoint(t *testing.T) { + rName := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_route.test" + vpcEndpointResourceName := "aws_vpc_endpoint.test" + destinationCidr := "172.16.1.0/24" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckElbv2GatewayLoadBalancer(t) }, + ErrorCheck: testAccErrorCheck(t, ec2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSRouteDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSRouteResourceConfigIpv4VpcEndpoint(rName, destinationCidr), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "destination_cidr_block", destinationCidr), + resource.TestCheckResourceAttr(resourceName, "destination_ipv6_cidr_block", ""), + resource.TestCheckResourceAttr(resourceName, "destination_prefix_list_id", ""), + resource.TestCheckResourceAttr(resourceName, "egress_only_gateway_id", ""), + // TODO resource.TestCheckResourceAttr(resourceName, "gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_id", ""), + resource.TestCheckResourceAttr(resourceName, "instance_owner_id", ""), + resource.TestCheckResourceAttr(resourceName, "local_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "nat_gateway_id", ""), + resource.TestCheckResourceAttr(resourceName, "network_interface_id", ""), + resource.TestCheckResourceAttr(resourceName, "origin", ec2.RouteOriginCreateRoute), + resource.TestCheckResourceAttr(resourceName, "state", ec2.RouteStateActive), + resource.TestCheckResourceAttr(resourceName, "transit_gateway_id", ""), + resource.TestCheckResourceAttrPair(resourceName, "vpc_endpoint_id", vpcEndpointResourceName, "id"), + resource.TestCheckResourceAttr(resourceName, "vpc_peering_connection_id", ""), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateIdFunc: testAccAWSRouteImportStateIdFunc(resourceName), + ImportStateVerify: true, + }, + }, + }) +} + +func testAccCheckAWSRouteDestroy(s *terraform.State) error { + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_route" { + continue } conn := testAccProvider.Meta().(*AWSClient).ec2conn @@ -595,682 +987,946 @@ func testAccAWSRouteImportStateIdFunc(resourceName string) resource.ImportStateI } } -func testAccAWSRouteBasicConfig() string { - return ` -resource "aws_vpc" "foo" { +func testAccAWSRouteConfigIpv4InternetGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { cidr_block = "10.1.0.0/16" tags = { - Name = "terraform-testacc-route-basic" + Name = %[1]q + } +} + +resource "aws_internet_gateway" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q } } -resource "aws_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "terraform-testacc-route-basic" + Name = %[1]q } } -resource "aws_route_table" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + gateway_id = aws_internet_gateway.test.id +} +`, rName, destinationCidr) } -resource "aws_route" "bar" { - route_table_id = aws_route_table.foo.id - destination_cidr_block = "10.3.0.0/16" - gateway_id = aws_internet_gateway.foo.id +func testAccAWSRouteConfigIpv6InternetGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + assign_generated_ipv6_cidr_block = true + + tags = { + Name = %[1]q + } +} + +resource "aws_egress_only_internet_gateway" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_internet_gateway" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + gateway_id = aws_internet_gateway.test.id } -` +`, rName, destinationCidr) } -func testAccAWSRouteConfigIpv6InternetGateway() string { - return ` -resource "aws_vpc" "foo" { +func testAccAWSRouteConfigIpv6NetworkInterfaceUnattached(rName, destinationCidr string) string { + return composeConfig( + testAccAvailableAZsNoOptInConfig(), + fmt.Sprintf(` +resource "aws_vpc" "test" { cidr_block = "10.1.0.0/16" assign_generated_ipv6_cidr_block = true tags = { - Name = "terraform-testacc-route-ipv6-igw" + Name = %[1]q } } -resource "aws_egress_only_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[0] + ipv6_cidr_block = cidrsubnet(aws_vpc.test.ipv6_cidr_block, 8, 1) + + tags = { + Name = %[1]q + } } -resource "aws_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_network_interface" "test" { + subnet_id = aws_subnet.test.id tags = { - Name = "terraform-testacc-route-ipv6-igw" + Name = %[1]q } } -resource "aws_route_table" "external" { - vpc_id = aws_vpc.foo.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } -resource "aws_route" "igw" { - route_table_id = aws_route_table.external.id - destination_ipv6_cidr_block = "::/0" - gateway_id = aws_internet_gateway.foo.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + network_interface_id = aws_network_interface.test.id } -` +`, rName, destinationCidr)) } -func testAccAWSRouteConfigIpv6NetworkInterface() string { +func testAccAWSRouteConfigIpv6Instance(rName, destinationCidr string) string { return composeConfig( - testAccAvailableEc2InstanceTypeForAvailabilityZone("aws_subnet.router-network.availability_zone", "t2.small", "t3.small"), - testAccLatestAmazonLinuxHvmEbsAmiConfig(), ` -resource "aws_vpc" "examplevpc" { - cidr_block = "10.100.0.0/16" - enable_dns_hostnames = true + testAccLatestAmazonNatInstanceAmiConfig(), + testAccAvailableAZsNoOptInConfig(), + testAccAvailableEc2InstanceTypeForAvailabilityZone("data.aws_availability_zones.available.names[0]", "t3.micro", "t2.micro"), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" assign_generated_ipv6_cidr_block = true tags = { - Name = "terraform-testacc-route-ipv6-network-interface" + Name = %[1]q } } -data "aws_availability_zones" "available" { - state = "available" +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[0] + ipv6_cidr_block = cidrsubnet(aws_vpc.test.ipv6_cidr_block, 8, 1) - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] + tags = { + Name = %[1]q } } -resource "aws_internet_gateway" "internet" { - vpc_id = aws_vpc.examplevpc.id +resource "aws_instance" "test" { + ami = data.aws_ami.amzn-ami-nat-instance.id + instance_type = data.aws_ec2_instance_type_offering.available.instance_type + subnet_id = aws_subnet.test.id + + ipv6_address_count = 1 tags = { - Name = "terraform-testacc-route-ipv6-network-interface" + Name = %[1]q } } -resource "aws_route" "igw" { - route_table_id = aws_vpc.examplevpc.main_route_table_id - destination_cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.internet.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } -resource "aws_route" "igw-ipv6" { - route_table_id = aws_vpc.examplevpc.main_route_table_id - destination_ipv6_cidr_block = "::/0" - gateway_id = aws_internet_gateway.internet.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + instance_id = aws_instance.test.id +} +`, rName, destinationCidr)) } -resource "aws_subnet" "router-network" { - cidr_block = "10.100.1.0/24" - vpc_id = aws_vpc.examplevpc.id - ipv6_cidr_block = cidrsubnet(aws_vpc.examplevpc.ipv6_cidr_block, 8, 1) - assign_ipv6_address_on_creation = true - map_public_ip_on_launch = true - availability_zone = data.aws_availability_zones.available.names[0] +func testAccAWSRouteConfigIpv6VpcPeeringConnection(rName, destinationCidr string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + assign_generated_ipv6_cidr_block = true tags = { - Name = "tf-acc-route-ipv6-network-interface-router" + Name = %[1]q } } -resource "aws_subnet" "client-network" { - cidr_block = "10.100.10.0/24" - vpc_id = aws_vpc.examplevpc.id - ipv6_cidr_block = cidrsubnet(aws_vpc.examplevpc.ipv6_cidr_block, 8, 2) - assign_ipv6_address_on_creation = true - map_public_ip_on_launch = false - availability_zone = data.aws_availability_zones.available.names[0] +resource "aws_vpc" "target" { + cidr_block = "10.0.0.0/16" + assign_generated_ipv6_cidr_block = true tags = { - Name = "tf-acc-route-ipv6-network-interface-client" + Name = %[1]q } } -resource "aws_route_table" "client-routes" { - vpc_id = aws_vpc.examplevpc.id +resource "aws_vpc_peering_connection" "test" { + vpc_id = aws_vpc.test.id + peer_vpc_id = aws_vpc.target.id + auto_accept = true + + tags = { + Name = %[1]q + } } -resource "aws_route_table_association" "client-routes" { - route_table_id = aws_route_table.client-routes.id - subnet_id = aws_subnet.client-network.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } -resource "aws_instance" "test-router" { - ami = data.aws_ami.amzn-ami-minimal-hvm-ebs.id - instance_type = data.aws_ec2_instance_type_offering.available.instance_type - subnet_id = aws_subnet.router-network.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + vpc_peering_connection_id = aws_vpc_peering_connection.test.id +} +`, rName, destinationCidr) +} + +func testAccAWSRouteConfigIpv6EgressOnlyInternetGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + assign_generated_ipv6_cidr_block = true + + tags = { + Name = %[1]q + } +} + +resource "aws_egress_only_internet_gateway" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + egress_only_gateway_id = aws_egress_only_internet_gateway.test.id +} +`, rName, destinationCidr) +} + +func testAccAWSRouteConfigWithVpcEndpoint(rName string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + + tags = { + Name = %[1]q + } +} + +resource "aws_internet_gateway" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } -resource "aws_network_interface" "router-internal" { - subnet_id = aws_subnet.client-network.id - source_dest_check = false +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = "10.3.0.0/16" + gateway_id = aws_internet_gateway.test.id + + # Forcing endpoint to create before route - without this the crash is a race. + depends_on = [aws_vpc_endpoint.test] } -resource "aws_network_interface_attachment" "router-internal" { - device_index = 1 - instance_id = aws_instance.test-router.id - network_interface_id = aws_network_interface.router-internal.id +data "aws_region" "current" {} + +resource "aws_vpc_endpoint" "test" { + vpc_id = aws_vpc.test.id + service_name = "com.amazonaws.${data.aws_region.current.name}.s3" + route_table_ids = [aws_route_table.test.id] +} +`, rName) } -resource "aws_route" "internal-default-route" { - route_table_id = aws_route_table.client-routes.id - destination_cidr_block = "0.0.0.0/0" - network_interface_id = aws_network_interface.router-internal.id +func testAccAWSRouteConfigIpv4TransitGateway(rName, destinationCidr string) string { + return composeConfig( + testAccAvailableAZsNoOptInDefaultExcludeConfig(), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + + tags = { + Name = %[1]q + } } -resource "aws_route" "internal-default-route-ipv6" { - route_table_id = aws_route_table.client-routes.id - destination_ipv6_cidr_block = "::/0" - network_interface_id = aws_network_interface.router-internal.id +resource "aws_subnet" "test" { + availability_zone = data.aws_availability_zones.available.names[0] + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_ec2_transit_gateway" "test" { + tags = { + Name = %[1]q + } +} + +resource "aws_ec2_transit_gateway_vpc_attachment" "test" { + subnet_ids = [aws_subnet.test.id] + transit_gateway_id = aws_ec2_transit_gateway.test.id + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } -`) + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } -func testAccAWSRouteConfigIpv6Instance() string { +resource "aws_route" "test" { + destination_cidr_block = %[2]q + route_table_id = aws_route_table.test.id + transit_gateway_id = aws_ec2_transit_gateway_vpc_attachment.test.transit_gateway_id +} +`, rName, destinationCidr)) +} + +func testAccAWSRouteConfigIpv6TransitGateway(rName, destinationCidr string) string { return composeConfig( - testAccAvailableEc2InstanceTypeForAvailabilityZone("aws_subnet.router-network.availability_zone", "t2.small", "t3.small"), - testAccLatestAmazonLinuxHvmEbsAmiConfig(), ` -resource "aws_vpc" "examplevpc" { - cidr_block = "10.100.0.0/16" - enable_dns_hostnames = true + testAccAvailableAZsNoOptInDefaultExcludeConfig(), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + assign_generated_ipv6_cidr_block = true + + tags = { + Name = %[1]q + } +} + +resource "aws_subnet" "test" { + availability_zone = data.aws_availability_zones.available.names[0] + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_ec2_transit_gateway" "test" { + tags = { + Name = %[1]q + } +} + +resource "aws_ec2_transit_gateway_vpc_attachment" "test" { + subnet_ids = [aws_subnet.test.id] + transit_gateway_id = aws_ec2_transit_gateway.test.id + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route" "test" { + destination_ipv6_cidr_block = %[2]q + route_table_id = aws_route_table.test.id + transit_gateway_id = aws_ec2_transit_gateway_vpc_attachment.test.transit_gateway_id +} +`, rName, destinationCidr)) +} + +func testAccAWSRouteConfigConditionalIpv4Ipv6(rName, destinationCidr, destinationIpv6Cidr string, ipv6Route bool) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" assign_generated_ipv6_cidr_block = true tags = { - Name = "terraform-testacc-route-ipv6-instance" + Name = %[1]q + } +} + +resource "aws_internet_gateway" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q } } -data "aws_availability_zones" "available" { - state = "available" +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] + tags = { + Name = %[1]q } } -resource "aws_internet_gateway" "internet" { - vpc_id = aws_vpc.examplevpc.id +locals { + ipv6 = %[4]t + destination = %[2]q + destination_ipv6 = %[3]q +} + +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + gateway_id = aws_internet_gateway.test.id + + destination_cidr_block = local.ipv6 ? "" : local.destination + destination_ipv6_cidr_block = local.ipv6 ? local.destination_ipv6 : "" +} +`, rName, destinationCidr, destinationIpv6Cidr, ipv6Route) +} + +func testAccAWSRouteConfigIpv4Instance(rName, destinationCidr string) string { + return composeConfig( + testAccLatestAmazonNatInstanceAmiConfig(), + testAccAvailableAZsNoOptInConfig(), + testAccAvailableEc2InstanceTypeForAvailabilityZone("data.aws_availability_zones.available.names[0]", "t3.micro", "t2.micro"), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + + tags = { + Name = %[1]q + } +} + +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[0] + + tags = { + Name = %[1]q + } +} + +resource "aws_instance" "test" { + ami = data.aws_ami.amzn-ami-nat-instance.id + instance_type = data.aws_ec2_instance_type_offering.available.instance_type + subnet_id = aws_subnet.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + instance_id = aws_instance.test.id +} +`, rName, destinationCidr)) +} + +func testAccAWSRouteConfigIpv4NetworkInterfaceUnattached(rName, destinationCidr string) string { + return composeConfig( + testAccAvailableAZsNoOptInConfig(), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" + + tags = { + Name = %[1]q + } +} + +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[0] + + tags = { + Name = %[1]q + } +} + +resource "aws_network_interface" "test" { + subnet_id = aws_subnet.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } +} + +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + network_interface_id = aws_network_interface.test.id +} +`, rName, destinationCidr)) +} + +func testAccAWSRouteResourceConfigIpv4LocalGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` +data "aws_ec2_local_gateways" "all" {} + +data "aws_ec2_local_gateway" "first" { + id = tolist(data.aws_ec2_local_gateways.all.ids)[0] +} + +data "aws_ec2_local_gateway_route_tables" "all" {} + +data "aws_ec2_local_gateway_route_table" "first" { + local_gateway_route_table_id = tolist(data.aws_ec2_local_gateway_route_tables.all.ids)[0] +} + +resource "aws_vpc" "test" { + cidr_block = "10.0.0.0/16" tags = { - Name = "terraform-testacc-route-ipv6-instance" + Name = %[1]q } } -resource "aws_route" "igw" { - route_table_id = aws_vpc.examplevpc.main_route_table_id - destination_cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.internet.id -} - -resource "aws_route" "igw-ipv6" { - route_table_id = aws_vpc.examplevpc.main_route_table_id - destination_ipv6_cidr_block = "::/0" - gateway_id = aws_internet_gateway.internet.id -} - -resource "aws_subnet" "router-network" { - cidr_block = "10.100.1.0/24" - vpc_id = aws_vpc.examplevpc.id - ipv6_cidr_block = cidrsubnet(aws_vpc.examplevpc.ipv6_cidr_block, 8, 1) - assign_ipv6_address_on_creation = true - map_public_ip_on_launch = true - availability_zone = data.aws_availability_zones.available.names[0] +resource "aws_ec2_local_gateway_route_table_vpc_association" "example" { + local_gateway_route_table_id = data.aws_ec2_local_gateway_route_table.first.id + vpc_id = aws_vpc.test.id tags = { - Name = "tf-acc-route-ipv6-instance-router" + Name = %[1]q } } -resource "aws_subnet" "client-network" { - cidr_block = "10.100.10.0/24" - vpc_id = aws_vpc.examplevpc.id - ipv6_cidr_block = cidrsubnet(aws_vpc.examplevpc.ipv6_cidr_block, 8, 2) - assign_ipv6_address_on_creation = true - map_public_ip_on_launch = false - availability_zone = data.aws_availability_zones.available.names[0] +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "tf-acc-route-ipv6-instance-client" + Name = %[1]q } -} -resource "aws_route_table" "client-routes" { - vpc_id = aws_vpc.examplevpc.id + depends_on = [aws_ec2_local_gateway_route_table_vpc_association.example] } -resource "aws_route_table_association" "client-routes" { - route_table_id = aws_route_table.client-routes.id - subnet_id = aws_subnet.client-network.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + local_gateway_id = data.aws_ec2_local_gateway.first.id } - -resource "aws_instance" "test-router" { - ami = data.aws_ami.amzn-ami-minimal-hvm-ebs.id - instance_type = data.aws_ec2_instance_type_offering.available.instance_type - subnet_id = aws_subnet.router-network.id +`, rName, destinationCidr) } -resource "aws_route" "internal-default-route" { - route_table_id = aws_route_table.client-routes.id - destination_cidr_block = "0.0.0.0/0" - instance_id = aws_instance.test-router.id -} +func testAccAWSRouteResourceConfigIpv6LocalGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` +data "aws_ec2_local_gateways" "all" {} -resource "aws_route" "internal-default-route-ipv6" { - route_table_id = aws_route_table.client-routes.id - destination_ipv6_cidr_block = "::/0" - instance_id = aws_instance.test-router.id +data "aws_ec2_local_gateway" "first" { + id = tolist(data.aws_ec2_local_gateways.all.ids)[0] } -`) + +data "aws_ec2_local_gateway_route_tables" "all" {} + +data "aws_ec2_local_gateway_route_table" "first" { + local_gateway_route_table_id = tolist(data.aws_ec2_local_gateway_route_tables.all.ids)[0] } -func testAccAWSRouteConfigIpv6InstanceExpanded() string { - return composeConfig( - testAccAvailableEc2InstanceTypeForAvailabilityZone("aws_subnet.router-network.availability_zone", "t2.small", "t3.small"), - testAccLatestAmazonLinuxHvmEbsAmiConfig(), ` -resource "aws_vpc" "examplevpc" { - cidr_block = "10.100.0.0/16" - enable_dns_hostnames = true +resource "aws_vpc" "test" { + cidr_block = "10.0.0.0/16" assign_generated_ipv6_cidr_block = true tags = { - Name = "terraform-testacc-route-ipv6-instance" + Name = %[1]q } } -data "aws_availability_zones" "available" { - state = "available" +resource "aws_ec2_local_gateway_route_table_vpc_association" "example" { + local_gateway_route_table_id = data.aws_ec2_local_gateway_route_table.first.id + vpc_id = aws_vpc.test.id - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] + tags = { + Name = %[1]q } } -resource "aws_internet_gateway" "internet" { - vpc_id = aws_vpc.examplevpc.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "terraform-testacc-route-ipv6-instance" + Name = %[1]q } -} -resource "aws_route" "igw" { - route_table_id = aws_vpc.examplevpc.main_route_table_id - destination_cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.internet.id + depends_on = [aws_ec2_local_gateway_route_table_vpc_association.example] } -resource "aws_route" "igw-ipv6" { - route_table_id = aws_vpc.examplevpc.main_route_table_id - destination_ipv6_cidr_block = "::0/0" - gateway_id = aws_internet_gateway.internet.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + local_gateway_id = data.aws_ec2_local_gateway.first.id +} +`, rName, destinationCidr) } -resource "aws_subnet" "router-network" { - cidr_block = "10.100.1.0/24" - vpc_id = aws_vpc.examplevpc.id - ipv6_cidr_block = cidrsubnet(aws_vpc.examplevpc.ipv6_cidr_block, 8, 1) - assign_ipv6_address_on_creation = true - map_public_ip_on_launch = true - availability_zone = data.aws_availability_zones.available.names[0] +func testAccAWSRouteConfigIpv4NetworkInterfaceAttached(rName, destinationCidr string) string { + return composeConfig( + testAccLatestAmazonNatInstanceAmiConfig(), + testAccAvailableAZsNoOptInConfig(), + testAccAvailableEc2InstanceTypeForAvailabilityZone("data.aws_availability_zones.available.names[0]", "t3.micro", "t2.micro"), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" tags = { - Name = "tf-acc-route-ipv6-instance-router" + Name = %[1]q } } -resource "aws_subnet" "client-network" { - cidr_block = "10.100.10.0/24" - vpc_id = aws_vpc.examplevpc.id - ipv6_cidr_block = cidrsubnet(aws_vpc.examplevpc.ipv6_cidr_block, 8, 2) - assign_ipv6_address_on_creation = true - map_public_ip_on_launch = false - availability_zone = data.aws_availability_zones.available.names[0] +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[0] tags = { - Name = "tf-acc-route-ipv6-instance-client" + Name = %[1]q } } -resource "aws_route_table" "client-routes" { - vpc_id = aws_vpc.examplevpc.id -} +resource "aws_network_interface" "test" { + subnet_id = aws_subnet.test.id -resource "aws_route_table_association" "client-routes" { - route_table_id = aws_route_table.client-routes.id - subnet_id = aws_subnet.client-network.id + tags = { + Name = %[1]q + } } -resource "aws_instance" "test-router" { - ami = data.aws_ami.amzn-ami-minimal-hvm-ebs.id +resource "aws_instance" "test" { + ami = data.aws_ami.amzn-ami-nat-instance.id instance_type = data.aws_ec2_instance_type_offering.available.instance_type - subnet_id = aws_subnet.router-network.id -} - -resource "aws_route" "internal-default-route" { - route_table_id = aws_route_table.client-routes.id - destination_cidr_block = "0.0.0.0/0" - instance_id = aws_instance.test-router.id -} -resource "aws_route" "internal-default-route-ipv6" { - route_table_id = aws_route_table.client-routes.id - destination_ipv6_cidr_block = "::0/0" - instance_id = aws_instance.test-router.id -} -`) -} - -func testAccAWSRouteConfigIpv6PeeringConnection() string { - return ` -resource "aws_vpc" "foo" { - cidr_block = "10.0.0.0/16" - assign_generated_ipv6_cidr_block = true + network_interface { + device_index = 0 + network_interface_id = aws_network_interface.test.id + } tags = { - Name = "terraform-testacc-route-ipv6-peering-connection" + Name = %[1]q } } -resource "aws_vpc" "bar" { - cidr_block = "10.1.0.0/16" - assign_generated_ipv6_cidr_block = true -} - -resource "aws_vpc_peering_connection" "foo" { - vpc_id = aws_vpc.foo.id - peer_vpc_id = aws_vpc.bar.id - auto_accept = true -} - -resource "aws_route_table" "peering" { - vpc_id = aws_vpc.foo.id -} - -resource "aws_route" "pc" { - route_table_id = aws_route_table.peering.id - destination_ipv6_cidr_block = aws_vpc.bar.ipv6_cidr_block - vpc_peering_connection_id = aws_vpc_peering_connection.foo.id -} -` -} - -func testAccAWSRouteConfigIpv6() string { - return ` -resource "aws_vpc" "foo" { - cidr_block = "10.1.0.0/16" - assign_generated_ipv6_cidr_block = true +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "terraform-testacc-route-ipv6" + Name = %[1]q } } -resource "aws_egress_only_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id -} - -resource "aws_route_table" "foo" { - vpc_id = aws_vpc.foo.id -} +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + network_interface_id = aws_network_interface.test.id -resource "aws_route" "bar" { - route_table_id = aws_route_table.foo.id - destination_ipv6_cidr_block = "::/0" - egress_only_gateway_id = aws_egress_only_internet_gateway.foo.id + # Wait for the ENI attachment. + depends_on = [aws_instance.test] } -` +`, rName, destinationCidr)) } -func testAccAWSRouteConfigIpv6Expanded() string { - return ` -resource "aws_vpc" "foo" { - cidr_block = "10.1.0.0/16" - assign_generated_ipv6_cidr_block = true +/* +func testAccAWSRouteConfigIpv4NetworkInterfaceTwoAttachments(rName, destinationCidr, targetResourceName string) string { + return composeConfig( + testAccLatestAmazonNatInstanceAmiConfig(), + testAccAvailableAZsNoOptInConfig(), + testAccAvailableEc2InstanceTypeForAvailabilityZone("data.aws_availability_zones.available.names[0]", "t3.micro", "t2.micro"), + fmt.Sprintf(` +resource "aws_vpc" "test" { + cidr_block = "10.1.0.0/16" tags = { - Name = "terraform-testacc-route-ipv6" + Name = %[1]q } } -resource "aws_egress_only_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id -} - -resource "aws_route_table" "foo" { - vpc_id = aws_vpc.foo.id -} - -resource "aws_route" "bar" { - route_table_id = aws_route_table.foo.id - destination_ipv6_cidr_block = "::0/0" - egress_only_gateway_id = aws_egress_only_internet_gateway.foo.id -} -` -} - -func testAccAWSRouteBasicConfigChangeCidr() string { - return ` -resource "aws_vpc" "foo" { - cidr_block = "10.1.0.0/16" +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + availability_zone = data.aws_availability_zones.available.names[0] tags = { - Name = "terraform-testacc-route-change-cidr" + Name = %[1]q } } -resource "aws_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_network_interface" "test1" { + subnet_id = aws_subnet.test.id tags = { - Name = "terraform-testacc-route-change-cidr" + Name = %[1]q } } -resource "aws_route_table" "foo" { - vpc_id = aws_vpc.foo.id -} +resource "aws_network_interface" "test2" { + subnet_id = aws_subnet.test.id -resource "aws_route" "bar" { - route_table_id = aws_route_table.foo.id - destination_cidr_block = "10.2.0.0/16" - gateway_id = aws_internet_gateway.foo.id -} -` + tags = { + Name = %[1]q + } } -func testAccAWSRouteNoopChange() string { - return composeConfig( - testAccAvailableEc2InstanceTypeForAvailabilityZone("aws_subnet.test.availability_zone", "t2.nano", "t3.nano"), - testAccLatestAmazonLinuxHvmEbsAmiConfig(), ` -data "aws_availability_zones" "available" { - state = "available" +resource "aws_instance" "test" { + ami = data.aws_ami.amzn-ami-nat-instance.id + instance_type = data.aws_ec2_instance_type_offering.available.instance_type - filter { - name = "opt-in-status" - values = ["opt-in-not-required"] + network_interface { + device_index = 0 + network_interface_id = aws_network_interface.test1.id } -} -resource "aws_vpc" "test" { - cidr_block = "10.10.0.0/16" + network_interface { + device_index = 1 + network_interface_id = aws_network_interface.test2.id + } tags = { - Name = "terraform-testacc-route-noop-change" + Name = %[1]q } } resource "aws_route_table" "test" { vpc_id = aws_vpc.test.id -} - -resource "aws_subnet" "test" { - availability_zone = data.aws_availability_zones.available.names[0] - vpc_id = aws_vpc.test.id - cidr_block = "10.10.10.0/24" tags = { - Name = "tf-acc-route-noop-change" + Name = %[1]q } } resource "aws_route" "test" { route_table_id = aws_route_table.test.id - destination_cidr_block = "0.0.0.0/0" - instance_id = aws_instance.nat.id -} + destination_cidr_block = %[2]q + network_interface_id = %[3]s.id -resource "aws_instance" "nat" { - ami = data.aws_ami.amzn-ami-minimal-hvm-ebs.id - instance_type = data.aws_ec2_instance_type_offering.available.instance_type - subnet_id = aws_subnet.test.id + # Wait for the ENI attachment. + depends_on = [aws_instance.test] } -`) +`, rName, destinationCidr, targetResourceName)) } +*/ -func testAccAWSRouteWithVPCEndpoint() string { - return ` -data "aws_region" "current" {} - -resource "aws_vpc" "foo" { +func testAccAWSRouteConfigIpv4VpcPeeringConnection(rName, destinationCidr string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { cidr_block = "10.1.0.0/16" tags = { - Name = "terraform-testacc-route-with-vpc-endpoint" + Name = %[1]q } } -resource "aws_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_vpc" "target" { + cidr_block = "10.0.0.0/16" tags = { - Name = "terraform-testacc-route-with-vpc-endpoint" + Name = %[1]q } } -resource "aws_route_table" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_vpc_peering_connection" "test" { + vpc_id = aws_vpc.test.id + peer_vpc_id = aws_vpc.target.id + auto_accept = true + + tags = { + Name = %[1]q + } } -resource "aws_route" "bar" { - route_table_id = aws_route_table.foo.id - destination_cidr_block = "10.3.0.0/16" - gateway_id = aws_internet_gateway.foo.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id - # Forcing endpoint to create before route - without this the crash is a race. - depends_on = [aws_vpc_endpoint.baz] + tags = { + Name = %[1]q + } } -resource "aws_vpc_endpoint" "baz" { - vpc_id = aws_vpc.foo.id - service_name = "com.amazonaws.${data.aws_region.current.name}.s3" - route_table_ids = [aws_route_table.foo.id] +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + vpc_peering_connection_id = aws_vpc_peering_connection.test.id } -` +`, rName, destinationCidr) } -func testAccAWSRouteNewRouteTable() string { - return ` -resource "aws_vpc" "foo" { +func testAccAWSRouteConfigIpv4NatGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` +resource "aws_vpc" "test" { cidr_block = "10.1.0.0/16" tags = { - Name = "terraform-testacc-route-basic" + Name = %[1]q } } -resource "aws_vpc" "bar" { - cidr_block = "10.2.0.0/16" +resource "aws_subnet" "test" { + cidr_block = "10.1.1.0/24" + vpc_id = aws_vpc.test.id + + map_public_ip_on_launch = true tags = { - Name = "terraform-testacc-route-new-route-table" + Name = %[1]q } } -resource "aws_internet_gateway" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_internet_gateway" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "terraform-testacc-route-basic" + Name = %[1]q } } -resource "aws_internet_gateway" "bar" { - vpc_id = aws_vpc.bar.id +resource "aws_eip" "test" { + vpc = true tags = { - Name = "terraform-testacc-route-new-route-table" + Name = %[1]q } } -resource "aws_route_table" "foo" { - vpc_id = aws_vpc.foo.id +resource "aws_nat_gateway" "test" { + allocation_id = aws_eip.test.id + subnet_id = aws_subnet.test.id tags = { - Name = "terraform-testacc-route-basic" + Name = %[1]q } + + depends_on = [aws_internet_gateway.test] } -resource "aws_route_table" "bar" { - vpc_id = aws_vpc.bar.id +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "terraform-testacc-route-new-route-table" + Name = %[1]q } } -resource "aws_route" "bar" { - route_table_id = aws_route_table.bar.id - destination_cidr_block = "10.4.0.0/16" - gateway_id = aws_internet_gateway.bar.id +resource "aws_route" "test" { + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + nat_gateway_id = aws_nat_gateway.test.id } -` +`, rName, destinationCidr) } -func testAccAWSRouteConfigTransitGatewayIDDestinatationCidrBlock() string { - return composeConfig(testAccAvailableAZsNoOptInDefaultExcludeConfig(), - ` -# IncorrectState: Transit Gateway is not available in availability zone usw2-az4 - +func testAccAWSRouteConfigIpv4VpnGateway(rName, destinationCidr string) string { + return fmt.Sprintf(` resource "aws_vpc" "test" { - cidr_block = "10.0.0.0/16" + cidr_block = "10.1.0.0/16" tags = { - Name = "tf-acc-test-ec2-route-transit-gateway-id" + Name = %[1]q } } -resource "aws_subnet" "test" { - availability_zone = data.aws_availability_zones.available.names[0] - cidr_block = "10.0.0.0/24" - vpc_id = aws_vpc.test.id +resource "aws_vpn_gateway" "test" { + vpc_id = aws_vpc.test.id tags = { - Name = "tf-acc-test-ec2-route-transit-gateway-id" + Name = %[1]q } } -resource "aws_ec2_transit_gateway" "test" {} +resource "aws_route_table" "test" { + vpc_id = aws_vpc.test.id -resource "aws_ec2_transit_gateway_vpc_attachment" "test" { - subnet_ids = [aws_subnet.test.id] - transit_gateway_id = aws_ec2_transit_gateway.test.id - vpc_id = aws_vpc.test.id + tags = { + Name = %[1]q + } } resource "aws_route" "test" { - destination_cidr_block = "0.0.0.0/0" - route_table_id = aws_vpc.test.default_route_table_id - transit_gateway_id = aws_ec2_transit_gateway_vpc_attachment.test.transit_gateway_id + route_table_id = aws_route_table.test.id + destination_cidr_block = %[2]q + gateway_id = aws_vpn_gateway.test.id } -`) +`, rName, destinationCidr) } -func testAccAWSRouteConfigConditionalIpv4Ipv6(rName string, ipv6Route bool) string { +func testAccAWSRouteConfigIpv6VpnGateway(rName, destinationCidr string) string { return fmt.Sprintf(` resource "aws_vpc" "test" { cidr_block = "10.1.0.0/16" @@ -1281,15 +1937,7 @@ resource "aws_vpc" "test" { } } -resource "aws_egress_only_internet_gateway" "test" { - vpc_id = aws_vpc.test.id - - tags = { - Name = %[1]q - } -} - -resource "aws_internet_gateway" "test" { +resource "aws_vpn_gateway" "test" { vpc_id = aws_vpc.test.id tags = { @@ -1305,57 +1953,15 @@ resource "aws_route_table" "test" { } } -locals { - ipv6 = %[2]t - destination = "0.0.0.0/0" - destination_ipv6 = "::/0" -} - -resource "aws_route" "test" { - route_table_id = aws_route_table.test.id - gateway_id = aws_internet_gateway.test.id - - destination_cidr_block = local.ipv6 ? "" : local.destination - destination_ipv6_cidr_block = local.ipv6 ? local.destination_ipv6 : "" -} -`, rName, ipv6Route) -} - -func testAccAWSRouteResourceConfigLocalGatewayID() string { - return ` -data "aws_ec2_local_gateways" "all" {} -data "aws_ec2_local_gateway" "first" { - id = tolist(data.aws_ec2_local_gateways.all.ids)[0] -} - -data "aws_ec2_local_gateway_route_tables" "all" {} -data "aws_ec2_local_gateway_route_table" "first" { - local_gateway_route_table_id = tolist(data.aws_ec2_local_gateway_route_tables.all.ids)[0] -} - -resource "aws_vpc" "test" { - cidr_block = "10.0.0.0/16" -} - -resource "aws_ec2_local_gateway_route_table_vpc_association" "example" { - local_gateway_route_table_id = data.aws_ec2_local_gateway_route_table.first.id - vpc_id = aws_vpc.test.id -} - -resource "aws_route_table" "test" { - vpc_id = aws_vpc.test.id - depends_on = [aws_ec2_local_gateway_route_table_vpc_association.example] -} - resource "aws_route" "test" { - route_table_id = aws_route_table.test.id - destination_cidr_block = "172.16.1.0/24" - local_gateway_id = data.aws_ec2_local_gateway.first.id + route_table_id = aws_route_table.test.id + destination_ipv6_cidr_block = %[2]q + gateway_id = aws_vpn_gateway.test.id } -` +`, rName, destinationCidr) } -func testAccAWSRouteResourceConfigVpcEndpointId(rName string) string { +func testAccAWSRouteResourceConfigIpv4VpcEndpoint(rName, destinationCidr string) string { return composeConfig( testAccAvailableAZsNoOptInConfig(), fmt.Sprintf(` @@ -1365,7 +1971,7 @@ resource "aws_vpc" "test" { cidr_block = "10.10.10.0/25" tags = { - Name = "tf-acc-test-load-balancer" + Name = %[1]q } } @@ -1375,7 +1981,7 @@ resource "aws_subnet" "test" { vpc_id = aws_vpc.test.id tags = { - Name = "tf-acc-test-load-balancer" + Name = %[1]q } } @@ -1392,6 +1998,10 @@ resource "aws_vpc_endpoint_service" "test" { acceptance_required = false allowed_principals = [data.aws_caller_identity.current.arn] gateway_load_balancer_arns = [aws_lb.test.arn] + + tags = { + Name = %[1]q + } } resource "aws_vpc_endpoint" "test" { @@ -1399,16 +2009,24 @@ resource "aws_vpc_endpoint" "test" { subnet_ids = [aws_subnet.test.id] vpc_endpoint_type = aws_vpc_endpoint_service.test.service_type vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } resource "aws_route_table" "test" { vpc_id = aws_vpc.test.id + + tags = { + Name = %[1]q + } } resource "aws_route" "test" { route_table_id = aws_route_table.test.id - destination_cidr_block = "172.16.1.0/24" + destination_cidr_block = %[2]q vpc_endpoint_id = aws_vpc_endpoint.test.id } -`, rName)) +`, rName, destinationCidr)) }