From c558b34bcde2c4f46f08b2728fbd02644e661b84 Mon Sep 17 00:00:00 2001
From: Brian Flad
Date: Sat, 28 Sep 2019 18:33:11 -0400
Subject: [PATCH] tests/resource/aws_ec2_client_vpn_network_association: Use internal implementation for TLS key/certificate

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/10023

Output from acceptance testing:

```
--- PASS: TestAccAwsEc2ClientVpnNetworkAssociation_basic (549.92s)
--- PASS: TestAccAwsEc2ClientVpnNetworkAssociation_disappears (581.03s)
```
---
 ...ec2_client_vpn_network_association_test.go | 49 +++++++------------
 1 file changed, 17 insertions(+), 32 deletions(-)

diff --git a/aws/resource_aws_ec2_client_vpn_network_association_test.go b/aws/resource_aws_ec2_client_vpn_network_association_test.go
index bd6434c4b2b..42f328509a7 100644
--- a/aws/resource_aws_ec2_client_vpn_network_association_test.go
+++ b/aws/resource_aws_ec2_client_vpn_network_association_test.go
@@ -18,7 +18,7 @@ func TestAccAwsEc2ClientVpnNetworkAssociation_basic(t *testing.T) {
 
 resource.ParallelTest(t, resource.TestCase{
 PreCheck: func() { testAccPreCheck(t) },
- Providers: testAccProvidersWithTLS,
+ Providers: testAccProviders,
 CheckDestroy: testAccCheckAwsEc2ClientVpnNetworkAssociationDestroy,
 Steps: []resource.TestStep{
 {
@@ -37,7 +37,7 @@ func TestAccAwsEc2ClientVpnNetworkAssociation_disappears(t *testing.T) {
 
 resource.ParallelTest(t, resource.TestCase{
 PreCheck: func() { testAccPreCheck(t) },
- Providers: testAccProvidersWithTLS,
+ Providers: testAccProviders,
 CheckDestroy: testAccCheckAwsEc2ClientVpnNetworkAssociationDestroy,
 Steps: []resource.TestStep{
 {
@@ -134,8 +134,20 @@ func testAccCheckAwsEc2ClientVpnNetworkAssociationExists(name string, assoc *ec2
 }
 }
 
-func testAccEc2ClientVpnNetworkAssociationConfig(rName string) string {
+func testAccEc2ClientVpnNetworkAssociationConfigAcmCertificateBase() string {
+ key := tlsRsaPrivateKeyPem(2048)
+ certificate := tlsRsaX509SelfSignedCertificatePem(key, "example.com")
+
 return fmt.Sprintf(`
+resource "aws_acm_certificate" "test" {
+ certificate_body = "%[1]s"
+ private_key = "%[2]s"
+}
+`, tlsPemEscapeNewlines(certificate), tlsPemEscapeNewlines(key))
+}
+
+func testAccEc2ClientVpnNetworkAssociationConfig(rName string) string {
+ return testAccEc2ClientVpnNetworkAssociationConfigAcmCertificateBase() + fmt.Sprintf(`
 resource "aws_vpc" "test" {
 cidr_block = "10.1.0.0/16"
 
@@ -154,41 +166,14 @@ resource "aws_subnet" "test" {
 }
 }
 
-resource "tls_private_key" "example" {
- algorithm = "RSA"
-}
-
-resource "tls_self_signed_cert" "example" {
- key_algorithm = "RSA"
- private_key_pem = "${tls_private_key.example.private_key_pem}"
-
- subject {
- common_name = "example.com"
- organization = "ACME Examples, Inc"
- }
-
- validity_period_hours = 12
-
- allowed_uses = [
- "key_encipherment",
- "digital_signature",
- "server_auth",
- ]
-}
-
-resource "aws_acm_certificate" "cert" {
- private_key = "${tls_private_key.example.private_key_pem}"
- certificate_body = "${tls_self_signed_cert.example.cert_pem}"
-}
-
 resource "aws_ec2_client_vpn_endpoint" "test" {
 description = "terraform-testacc-clientvpn-%s"
- server_certificate_arn = "${aws_acm_certificate.cert.arn}"
+ server_certificate_arn = "${aws_acm_certificate.test.arn}"
 client_cidr_block = "10.0.0.0/16"
 
 authentication_options {
 type = "certificate-authentication"
- root_certificate_chain_arn = "${aws_acm_certificate.cert.arn}"
+ root_certificate_chain_arn = "${aws_acm_certificate.test.arn}"
 }
 
 connection_log_options {
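Review bot: `testAccEc2ClientVpnNetworkAssociationConfigAcmCertificateBase` has no doc comment and creates fresh key material on every call, so the generated private key PEM is written verbatim into the rendered configuration (and from there into test state and any debug output of the config). A comment above the function would make the intent explicit, e.g. `// testAccEc2ClientVpnNetworkAssociationConfigAcmCertificateBase returns an aws_acm_certificate built from a throwaway 2048-bit RSA key pair generated on each call; test fixture only.` Because each call yields a different certificate, a test that renders this configuration in more than one step would see `aws_acm_certificate.test` change between steps; whether either test here has more than one step is not visible in this hunk.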
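Review bot: The validity window and key usages of the certificate passed to `server_certificate_arn` can no longer be read from the test configuration: the deleted `tls_self_signed_cert` block stated `validity_period_hours = 12` and `allowed_uses` including `server_auth`, while `tlsRsaX509SelfSignedCertificatePem` is defined outside this patch. It is worth confirming that the helper issues a short-lived certificate with server-auth usage, and recording that next to the endpoint, for example `# self-signed test certificate; usages and validity come from tlsRsaX509SelfSignedCertificatePem` above `server_certificate_arn`. The same ARN is still used for `root_certificate_chain_arn`, as it was before this commit; that is reasonable for a fixture but should stay confined to tests, since the server certificate then doubles as the client trust anchor.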