aws/provider: Fixes issue for aws_lb_ssl_negotiation_policy of already deleted ELB (#12360)

* Ensures elb exists before negotiation policy check; Fixes #11260 * Adds acceptance test case for missing elb * Adds back https properties for test elb
9 years ago · 22f69b1592
parent bed8940953
commit 22f69b1592
2 changed files with 56 additions and 14 deletions
--- a/builtin/providers/aws/resource_aws_lb_ssl_negotiation_policy.go
+++ b/builtin/providers/aws/resource_aws_lb_ssl_negotiation_policy.go
@ -127,6 +127,10 @@ func resourceAwsLBSSLNegotiationPolicyRead(d *schema.ResourceData, meta interfac
 			// The policy is gone.
 			d.SetId("")
 			return nil
+		} else if isLoadBalancerNotFound(err) {
+			// The ELB is gone now, so just remove it from the state
+			d.SetId("")
+			return nil
 		}
 		return fmt.Errorf("Error retrieving policy: %s", err)
 	}
--- a/builtin/providers/aws/resource_aws_lb_ssl_negotiation_policy_test.go
+++ b/builtin/providers/aws/resource_aws_lb_ssl_negotiation_policy_test.go
@ -21,7 +21,7 @@ func TestAccAWSLBSSLNegotiationPolicy_basic(t *testing.T) {
 		Steps: []resource.TestStep{
 			resource.TestStep{
 				Config: testAccSslNegotiationPolicyConfig(
-					fmt.Sprintf("tf-acctest-%s", acctest.RandString(10))),
+					fmt.Sprintf("tf-acctest-%s", acctest.RandString(10)), fmt.Sprintf("tf-test-lb-%s", acctest.RandString(5))),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckLBSSLNegotiationPolicy(
 						"aws_elb.lb",
@ -35,6 +35,44 @@ func TestAccAWSLBSSLNegotiationPolicy_basic(t *testing.T) {
 	})
 }

+func TestAccAWSLBSSLNegotiationPolicy_missingLB(t *testing.T) {
+	lbName := fmt.Sprintf("tf-test-lb-%s", acctest.RandString(5))
+
+	// check that we can destroy the policy if the LB is missing
+	removeLB := func() {
+		conn := testAccProvider.Meta().(*AWSClient).elbconn
+		deleteElbOpts := elb.DeleteLoadBalancerInput{
+			LoadBalancerName: aws.String(lbName),
+		}
+		if _, err := conn.DeleteLoadBalancer(&deleteElbOpts); err != nil {
+			t.Fatalf("Error deleting ELB: %s", err)
+		}
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckLBSSLNegotiationPolicyDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccSslNegotiationPolicyConfig(fmt.Sprintf("tf-acctest-%s", acctest.RandString(10)), lbName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckLBSSLNegotiationPolicy(
+						"aws_elb.lb",
+						"aws_lb_ssl_negotiation_policy.foo",
+					),
+					resource.TestCheckResourceAttr(
+						"aws_lb_ssl_negotiation_policy.foo", "attribute.#", "7"),
+				),
+			},
+			resource.TestStep{
+				PreConfig: removeLB,
+				Config:    testAccSslNegotiationPolicyConfig(fmt.Sprintf("tf-acctest-%s", acctest.RandString(10)), lbName),
+			},
+		},
+	})
+}
+
 func testAccCheckLBSSLNegotiationPolicyDestroy(s *terraform.State) error {
 	elbconn := testAccProvider.Meta().(*AWSClient).elbconn

@ -155,7 +193,7 @@ func policyAttributesToMap(attributes *[]*elb.PolicyAttributeDescription) map[st
 // Sets the SSL Negotiation policy with attributes.
 // The IAM Server Cert config is lifted from
 // builtin/providers/aws/resource_aws_iam_server_certificate_test.go
-func testAccSslNegotiationPolicyConfig(certName string) string {
+func testAccSslNegotiationPolicyConfig(certName string, lbName string) string {
 	return fmt.Sprintf(`
 resource "aws_iam_server_certificate" "test_cert" {
  name = "%s"
@ -216,14 +254,14 @@ wbEcTx10meJdinnhawqW7L0bhifeiTaPxbaCBXv/wiiL
 EOF
 }
 resource "aws_elb" "lb" {
-  name = "test-lb"
-    availability_zones = ["us-west-2a"]
-    listener {
-      instance_port = 8000
-      instance_protocol = "https"
-      lb_port = 443
-      lb_protocol = "https"
-      ssl_certificate_id = "${aws_iam_server_certificate.test_cert.arn}"
+	name = "%s"
+	availability_zones = ["us-west-2a"]
+	listener {
+		instance_port = 8000
+		instance_protocol = "https"
+		lb_port = 443
+		lb_protocol = "https"
+		ssl_certificate_id = "${aws_iam_server_certificate.test_cert.arn}"
 	}
 }
 resource "aws_lb_ssl_negotiation_policy" "foo" {
@ -236,8 +274,8 @@ resource "aws_lb_ssl_negotiation_policy" "foo" {
    }
    attribute {
        name = "Protocol-TLSv1.1"
-        value = "false" 
-    }       
+        value = "false"
+    }
    attribute {
        name = "Protocol-TLSv1.2"
        value = "true"
@ -245,7 +283,7 @@ resource "aws_lb_ssl_negotiation_policy" "foo" {
    attribute {
        name = "Server-Defined-Cipher-Order"
        value = "true"
-    }       
+    }
    attribute {
        name = "ECDHE-RSA-AES128-GCM-SHA256"
        value = "true"
@ -259,5 +297,5 @@ resource "aws_lb_ssl_negotiation_policy" "foo" {
        value = "false"
    }
 }
-`, certName)
+`, certName, lbName)
 }