-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwebsite_bucket_test.go
105 lines (85 loc) · 3.88 KB
/
website_bucket_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package test
import (
"fmt"
"strings"
"testing"
"github.com/armakuni/go-terratest-helper"
"github.com/gruntwork-io/terratest/modules/random"
"github.com/gruntwork-io/terratest/modules/terraform"
"github.com/stretchr/testify/assert"
)
func TestTerraformAwsS3WebsiteBucketNameVariableCorrectlyAppliedNamed(t *testing.T) {
/* ARRANGE */
// Give this S3 Bucket a unique ID for a name tag so we can distinguish it from any other Buckets provisioned
// in your AWS account
expectedBucketName := fmt.Sprintf("terratest-website-bucket-test-%s", strings.ToLower(random.UniqueId()))
/* ACTION */
// This will run `terraform init` and `terraform plan` and fail the test if there are any errors
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../../examples/complete",
Vars: map[string]interface{}{
"name": expectedBucketName,
"region": "eu-west-3",
},
})
/* ACTION */
plan := terraform.InitAndPlanAndShowWithStructNoLogTempPlanFile(t, terraformOptions)
/* ASSERTIONS */
// Verify that our Bucket name matches variable
bucket, err := tfplanstruct.GetResourceChangeAfterByAddressE("module.test_website_bucket.module.bucket.aws_s3_bucket.this[0]", plan)
assert.Empty(t, err)
assert.Equal(t, expectedBucketName, bucket["bucket"])
}
func TestTerraformAwsS3WebsiteBucketPublicAccessConfig(t *testing.T) {
/* ARRANGE */
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../../examples/complete",
Vars: map[string]interface{}{
"name": fmt.Sprintf("terratest-website-bucket-test-%s", strings.ToLower(random.UniqueId())),
"region": "eu-west-3",
},
})
/* ACTION */
plan := terraform.InitAndPlanAndShowWithStructNoLogTempPlanFile(t, terraformOptions)
bucketPublicAccess, err := tfplanstruct.GetResourceChangeAfterByAddressE("module.test_website_bucket.module.bucket.aws_s3_bucket_public_access_block.this[0]", plan)
/* ASSERTIONS */
assert.Empty(t, err)
assert.Equal(t, false, bucketPublicAccess["block_public_acls"])
assert.Equal(t, false, bucketPublicAccess["block_public_policy"])
assert.Equal(t, false, bucketPublicAccess["ignore_public_acls"])
assert.Equal(t, false, bucketPublicAccess["restrict_public_buckets"])
}
func TestTerraformAwsS3WebsiteBucketOwnershipControls(t *testing.T) {
/* ARRANGE */
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../../examples/complete",
Vars: map[string]interface{}{
"name": fmt.Sprintf("terratest-website-bucket-test-%s", strings.ToLower(random.UniqueId())),
"region": "eu-west-3",
},
})
/* ACTION */
plan := terraform.InitAndPlanAndShowWithStructNoLogTempPlanFile(t, terraformOptions)
bucketOwnershipControls, err := tfplanstruct.GetResourceChangeAfterByAddressE("module.test_website_bucket.module.bucket.aws_s3_bucket_ownership_controls.this[0]", plan)
assert.Empty(t, err)
ownershipControlRules := bucketOwnershipControls["rule"].([]interface{})[0].(map[string]interface{})
/* ASSERTIONS */
assert.Equal(t, "ObjectWriter", ownershipControlRules["object_ownership"])
}
func TestTerraformAwsS3WebsiteBucketVersioningIsDisabled(t *testing.T) {
/* ARRANGE */
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../../examples/complete",
Vars: map[string]interface{}{
"name": fmt.Sprintf("terratest-website-bucket-test-%s", strings.ToLower(random.UniqueId())),
"region": "eu-west-3",
},
})
/* ACTION */
plan := terraform.InitAndPlanAndShowWithStructNoLogTempPlanFile(t, terraformOptions)
bucketVersioning, err := tfplanstruct.GetResourceChangeAfterByAddressE("module.test_website_bucket.module.bucket.aws_s3_bucket_versioning.this[0]", plan)
assert.Empty(t, err)
isVersionEnabled := bucketVersioning["versioning_configuration"].([]interface{})[0].(map[string]interface{})["status"]
/* ASSERTIONS */
assert.Equal(t, "Disabled", isVersionEnabled)
}