Skip to content

Commit

Permalink
hashicorp#25992 add test
Browse files Browse the repository at this point in the history
  • Loading branch information
nick committed Jul 27, 2022
1 parent 32bf8a5 commit 96f9693
Showing 1 changed file with 84 additions and 0 deletions.
84 changes: 84 additions & 0 deletions internal/service/guardduty/organization_configuration_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,52 @@ func testAccOrganizationConfiguration_kubernetes(t *testing.T) {
})
}

func testAccOrganizationConfiguration_malwareprotection(t *testing.T) {
detectorResourceName := "aws_guardduty_detector.test"
resourceName := "aws_guardduty_organization_configuration.test"

resource.Test(t, resource.TestCase{
PreCheck: func() {
acctest.PreCheck(t)
acctest.PreCheckOrganizationsAccount(t)
},
ErrorCheck: acctest.ErrorCheck(t, guardduty.EndpointsID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckDetectorDestroy,
Steps: []resource.TestStep{
{
Config: testAccOrganizationConfigurationConfig_malwareprotection(true),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(resourceName, "auto_enable", "true"),
resource.TestCheckResourceAttr(resourceName, "datasources.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.0.scan_ec2_instance_with_findings.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.0.scan_ec2_instance_with_findings.0.ebs_volumes.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.0.scan_ec2_instance_with_findings.0.ebs_volumes.0.auto_enable", "true"),
resource.TestCheckResourceAttrPair(resourceName, "detector_id", detectorResourceName, "id"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
{
Config: testAccOrganizationConfigurationConfig_malwareprotection(false),
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(resourceName, "auto_enable", "true"),
resource.TestCheckResourceAttr(resourceName, "datasources.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.0.scan_ec2_instance_with_findings.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.0.scan_ec2_instance_with_findings.0.ebs_volumes.#", "1"),
resource.TestCheckResourceAttr(resourceName, "datasources.0.malware_protection.0.scan_ec2_instance_with_findings.0.ebs_volumes.0.auto_enable", "false"),
resource.TestCheckResourceAttrPair(resourceName, "detector_id", detectorResourceName, "id"),
),
},
},
})
}

func testAccOrganizationConfigurationConfig_autoEnable(autoEnable bool) string {
return fmt.Sprintf(`
data "aws_caller_identity" "current" {}
Expand Down Expand Up @@ -230,3 +276,41 @@ resource "aws_guardduty_organization_configuration" "test" {
}
`, autoEnable)
}

func testAccOrganizationConfigurationConfig_malwareprotection(autoEnable bool) string {
return fmt.Sprintf(`
data "aws_caller_identity" "current" {}
data "aws_partition" "current" {}
resource "aws_organizations_organization" "test" {
aws_service_access_principals = ["guardduty.${data.aws_partition.current.dns_suffix}"]
feature_set = "ALL"
}
resource "aws_guardduty_detector" "test" {}
resource "aws_guardduty_organization_admin_account" "test" {
depends_on = [aws_organizations_organization.test]
admin_account_id = data.aws_caller_identity.current.account_id
}
resource "aws_guardduty_organization_configuration" "test" {
depends_on = [aws_guardduty_organization_admin_account.test]
auto_enable = true
detector_id = aws_guardduty_detector.test.id
datasources {
malware_protection {
scan_ec2_instance_with_findings {
ebs_volumes {
auto_enable = %[1]t
}
}
}
}
}
`, autoEnable)
}

0 comments on commit 96f9693

Please sign in to comment.