chef-provisioning-aws 3.0.4 → 3.0.6

Files changed (144) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +16 -5
  3. data/Rakefile +15 -6
  4. data/chef-provisioning-aws.gemspec +17 -17
  5. data/lib/chef/provider/aws_auto_scaling_group.rb +5 -6
  6. data/lib/chef/provider/aws_cache_cluster.rb +21 -15
  7. data/lib/chef/provider/aws_cache_replication_group.rb +12 -8
  8. data/lib/chef/provider/aws_cache_subnet_group.rb +3 -3
  9. data/lib/chef/provider/aws_cloudsearch_domain.rb +9 -13
  10. data/lib/chef/provider/aws_cloudwatch_alarm.rb +10 -12
  11. data/lib/chef/provider/aws_dhcp_options.rb +18 -21
  12. data/lib/chef/provider/aws_ebs_volume.rb +24 -26
  13. data/lib/chef/provider/aws_eip_address.rb +10 -13
  14. data/lib/chef/provider/aws_elasticsearch_domain.rb +19 -18
  15. data/lib/chef/provider/aws_iam_instance_profile.rb +5 -7
  16. data/lib/chef/provider/aws_iam_role.rb +14 -17
  17. data/lib/chef/provider/aws_image.rb +6 -6
  18. data/lib/chef/provider/aws_instance.rb +5 -5
  19. data/lib/chef/provider/aws_internet_gateway.rb +8 -11
  20. data/lib/chef/provider/aws_key_pair.rb +15 -17
  21. data/lib/chef/provider/aws_launch_configuration.rb +11 -14
  22. data/lib/chef/provider/aws_load_balancer.rb +1 -2
  23. data/lib/chef/provider/aws_nat_gateway.rb +6 -7
  24. data/lib/chef/provider/aws_network_acl.rb +28 -29
  25. data/lib/chef/provider/aws_network_interface.rb +25 -27
  26. data/lib/chef/provider/aws_rds_instance.rb +12 -13
  27. data/lib/chef/provider/aws_rds_parameter_group.rb +8 -8
  28. data/lib/chef/provider/aws_rds_subnet_group.rb +8 -9
  29. data/lib/chef/provider/aws_route_table.rb +19 -20
  30. data/lib/chef/provider/aws_s3_bucket.rb +22 -25
  31. data/lib/chef/provider/aws_security_group.rb +268 -285
  32. data/lib/chef/provider/aws_server_certificate.rb +6 -5
  33. data/lib/chef/provider/aws_sns_topic.rb +4 -6
  34. data/lib/chef/provider/aws_sqs_queue.rb +3 -4
  35. data/lib/chef/provider/aws_subnet.rb +29 -34
  36. data/lib/chef/provider/aws_vpc.rb +108 -116
  37. data/lib/chef/provider/aws_vpc_peering_connection.rb +11 -11
  38. data/lib/chef/provisioning/aws_driver.rb +4 -2
  39. data/lib/chef/provisioning/aws_driver/aws_provider.rb +234 -241
  40. data/lib/chef/provisioning/aws_driver/aws_rds_resource.rb +5 -7
  41. data/lib/chef/provisioning/aws_driver/aws_resource.rb +182 -185
  42. data/lib/chef/provisioning/aws_driver/aws_resource_with_entry.rb +17 -17
  43. data/lib/chef/provisioning/aws_driver/aws_taggable.rb +13 -15
  44. data/lib/chef/provisioning/aws_driver/aws_tagger.rb +47 -48
  45. data/lib/chef/provisioning/aws_driver/credentials.rb +96 -100
  46. data/lib/chef/provisioning/aws_driver/credentials2.rb +42 -45
  47. data/lib/chef/provisioning/aws_driver/driver.rb +1349 -1362
  48. data/lib/chef/provisioning/aws_driver/exceptions.rb +10 -12
  49. data/lib/chef/provisioning/aws_driver/super_lwrp.rb +60 -60
  50. data/lib/chef/provisioning/aws_driver/tagging_strategy/auto_scaling.rb +49 -50
  51. data/lib/chef/provisioning/aws_driver/tagging_strategy/ec2.rb +37 -38
  52. data/lib/chef/provisioning/aws_driver/tagging_strategy/elasticsearch.rb +14 -15
  53. data/lib/chef/provisioning/aws_driver/tagging_strategy/elb.rb +29 -31
  54. data/lib/chef/provisioning/aws_driver/tagging_strategy/rds.rb +39 -40
  55. data/lib/chef/provisioning/aws_driver/tagging_strategy/s3.rb +41 -43
  56. data/lib/chef/provisioning/aws_driver/version.rb +5 -5
  57. data/lib/chef/provisioning/driver_init/aws.rb +2 -2
  58. data/lib/chef/resource/aws_auto_scaling_group.rb +1 -1
  59. data/lib/chef/resource/aws_cache_cluster.rb +9 -12
  60. data/lib/chef/resource/aws_cache_replication_group.rb +9 -11
  61. data/lib/chef/resource/aws_cache_subnet_group.rb +8 -10
  62. data/lib/chef/resource/aws_cloudsearch_domain.rb +4 -5
  63. data/lib/chef/resource/aws_cloudwatch_alarm.rb +17 -18
  64. data/lib/chef/resource/aws_dhcp_options.rb +2 -2
  65. data/lib/chef/resource/aws_ebs_volume.rb +10 -10
  66. data/lib/chef/resource/aws_eip_address.rb +5 -5
  67. data/lib/chef/resource/aws_elasticsearch_domain.rb +4 -4
  68. data/lib/chef/resource/aws_iam_instance_profile.rb +4 -5
  69. data/lib/chef/resource/aws_iam_role.rb +2 -3
  70. data/lib/chef/resource/aws_image.rb +3 -3
  71. data/lib/chef/resource/aws_instance.rb +4 -4
  72. data/lib/chef/resource/aws_internet_gateway.rb +3 -3
  73. data/lib/chef/resource/aws_key_pair.rb +7 -7
  74. data/lib/chef/resource/aws_launch_configuration.rb +4 -4
  75. data/lib/chef/resource/aws_load_balancer.rb +7 -7
  76. data/lib/chef/resource/aws_nat_gateway.rb +11 -11
  77. data/lib/chef/resource/aws_network_acl.rb +7 -8
  78. data/lib/chef/resource/aws_network_interface.rb +9 -9
  79. data/lib/chef/resource/aws_rds_instance.rb +4 -4
  80. data/lib/chef/resource/aws_rds_parameter_group.rb +3 -3
  81. data/lib/chef/resource/aws_rds_subnet_group.rb +4 -4
  82. data/lib/chef/resource/aws_route53_hosted_zone.rb +37 -40
  83. data/lib/chef/resource/aws_route53_record_set.rb +22 -24
  84. data/lib/chef/resource/aws_route_table.rb +7 -7
  85. data/lib/chef/resource/aws_s3_bucket.rb +7 -7
  86. data/lib/chef/resource/aws_security_group.rb +10 -10
  87. data/lib/chef/resource/aws_server_certificate.rb +6 -8
  88. data/lib/chef/resource/aws_sns_topic.rb +2 -2
  89. data/lib/chef/resource/aws_sqs_queue.rb +5 -7
  90. data/lib/chef/resource/aws_subnet.rb +9 -9
  91. data/lib/chef/resource/aws_vpc.rb +11 -11
  92. data/lib/chef/resource/aws_vpc_peering_connection.rb +4 -4
  93. data/spec/aws_support.rb +44 -45
  94. data/spec/aws_support/aws_resource_run_wrapper.rb +2 -2
  95. data/spec/aws_support/deep_matcher.rb +2 -3
  96. data/spec/aws_support/deep_matcher/fuzzy_match_objects.rb +6 -9
  97. data/spec/aws_support/deep_matcher/match_values_failure_messages.rb +30 -37
  98. data/spec/aws_support/deep_matcher/matchable_array.rb +0 -1
  99. data/spec/aws_support/deep_matcher/matchable_object.rb +1 -2
  100. data/spec/aws_support/deep_matcher/rspec_monkeypatches.rb +4 -4
  101. data/spec/aws_support/delayed_stream.rb +2 -2
  102. data/spec/aws_support/matchers/create_an_aws_object.rb +6 -6
  103. data/spec/aws_support/matchers/destroy_an_aws_object.rb +6 -6
  104. data/spec/aws_support/matchers/have_aws_object_tags.rb +4 -5
  105. data/spec/aws_support/matchers/match_an_aws_object.rb +5 -6
  106. data/spec/aws_support/matchers/update_an_aws_object.rb +6 -7
  107. data/spec/integration/aws_auto_scaling_group_spec.rb +56 -64
  108. data/spec/integration/aws_cache_cluster_spec.rb +70 -71
  109. data/spec/integration/aws_cache_subnet_group_spec.rb +13 -14
  110. data/spec/integration/aws_cloudsearch_domain_spec.rb +6 -8
  111. data/spec/integration/aws_cloudwatch_alarm_spec.rb +200 -208
  112. data/spec/integration/aws_dhcp_options_spec.rb +32 -43
  113. data/spec/integration/aws_ebs_volume_spec.rb +52 -73
  114. data/spec/integration/aws_eip_address_spec.rb +24 -31
  115. data/spec/integration/aws_elasticsearch_domain_spec.rb +31 -33
  116. data/spec/integration/aws_iam_instance_profile_spec.rb +36 -45
  117. data/spec/integration/aws_iam_role_spec.rb +39 -46
  118. data/spec/integration/aws_internet_gateway_spec.rb +64 -75
  119. data/spec/integration/aws_key_pair_spec.rb +6 -6
  120. data/spec/integration/aws_launch_configuration_spec.rb +17 -18
  121. data/spec/integration/aws_nat_gateway_spec.rb +21 -24
  122. data/spec/integration/aws_network_acl_spec.rb +81 -95
  123. data/spec/integration/aws_network_interface_spec.rb +28 -43
  124. data/spec/integration/aws_rds_instance_spec.rb +29 -40
  125. data/spec/integration/aws_rds_parameter_group_spec.rb +32 -35
  126. data/spec/integration/aws_rds_subnet_group_spec.rb +30 -40
  127. data/spec/integration/aws_route53_hosted_zone_spec.rb +205 -205
  128. data/spec/integration/aws_route_table_spec.rb +118 -136
  129. data/spec/integration/aws_s3_bucket_spec.rb +19 -27
  130. data/spec/integration/aws_security_group_spec.rb +369 -388
  131. data/spec/integration/aws_server_certificate_spec.rb +16 -18
  132. data/spec/integration/aws_subnet_spec.rb +44 -58
  133. data/spec/integration/aws_vpc_peering_connection_spec.rb +43 -50
  134. data/spec/integration/aws_vpc_spec.rb +99 -115
  135. data/spec/integration/load_balancer_spec.rb +169 -183
  136. data/spec/integration/machine_batch_spec.rb +24 -31
  137. data/spec/integration/machine_image_spec.rb +54 -66
  138. data/spec/integration/machine_spec.rb +216 -237
  139. data/spec/persistence_file.txt +219 -0
  140. data/spec/spec_helper.rb +16 -17
  141. data/spec/unit/chef/provisioning/aws_driver/credentials_spec.rb +67 -74
  142. data/spec/unit/chef/provisioning/aws_driver/driver_spec.rb +29 -29
  143. data/spec/unit/chef/provisioning/aws_driver/route53_spec.rb +13 -15
  144. metadata +4 -3
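--- a/data/spec/integration/aws_route_table_spec.rb
+++ b/data/spec/integration/aws_route_table_spec.rb
@@ -1,225 +1,207 @@
- require 'spec_helper'
+ require "spec_helper"
 
  describe Chef::Resource::AwsRouteTable do
  extend AWSSupport
 
- when_the_chef_12_server "exists", organization: 'foo', server_scope: :context do
+ when_the_chef_12_server "exists", organization: "foo", server_scope: :context do
  with_aws "with a VPC with an internet gateway" do
  purge_all
  setup_public_vpc
 
- aws_network_interface 'test_network_interface' do
- subnet 'test_public_subnet'
+ aws_network_interface "test_network_interface" do
+ subnet "test_public_subnet"
  end
 
  it "aws_route_table 'test_route_table' with no parameters except VPC creates a route table" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
  end
- }.to create_an_aws_route_table('test_route_table',
- routes: [
- { destination_cidr_block: '10.0.0.0/16', gateway_id: 'local', state: "active" }
- ]
- ).and be_idempotent
+ end.to create_an_aws_route_table("test_route_table",
+ routes: [
+ { destination_cidr_block: "10.0.0.0/16", gateway_id: "local", state: "active" }
+ ]).and be_idempotent
  end
 
  it "aws_route_table 'test_route_table' with routes creates a route table" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes '0.0.0.0/0' => :internet_gateway
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes "0.0.0.0/0" => :internet_gateway
  end
- }.to create_an_aws_route_table('test_route_table',
- routes: Set[
- { destination_cidr_block: '10.0.0.0/16', gateway_id: 'local', state: "active" },
- { destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" }
- ]
- ).and be_idempotent
+ end.to create_an_aws_route_table("test_route_table",
+ routes: Set[
+ { destination_cidr_block: "10.0.0.0/16", gateway_id: "local", state: "active" },
+ { destination_cidr_block: "0.0.0.0/0", gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" }
+ ]).and be_idempotent
  end
 
  it "ignores routes whose target matches ignore_route_targets" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes(
- '0.0.0.0/0' => :internet_gateway,
- '172.31.0.0/16' => test_network_interface
- )
- end
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes(
+ "0.0.0.0/0" => :internet_gateway,
+ "172.31.0.0/16" => test_network_interface
+ )
+ end
 
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes '0.0.0.0/0' => :internet_gateway
- ignore_route_targets ['^eni-']
- end
- }.to create_an_aws_route_table('test_route_table',
- routes: Set[
- { destination_cidr_block: '10.0.0.0/16', gateway_id: 'local', state: "active" },
- { destination_cidr_block: '172.31.0.0/16', network_interface_id: test_network_interface.aws_object.id, state: "blackhole" },
- { destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
- ]
- ).and be_idempotent
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes "0.0.0.0/0" => :internet_gateway
+ ignore_route_targets ["^eni-"]
+ end
+ end.to create_an_aws_route_table("test_route_table",
+ routes: Set[
+ { destination_cidr_block: "10.0.0.0/16", gateway_id: "local", state: "active" },
+ { destination_cidr_block: "172.31.0.0/16", network_interface_id: test_network_interface.aws_object.id, state: "blackhole" },
+ { destination_cidr_block: "0.0.0.0/0", gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
+ ]).and be_idempotent
  end
 
  context "with an existing routing table" do
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes '0.0.0.0/0' => :internet_gateway,
- '1.0.0.0/8' => :internet_gateway
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes "0.0.0.0/0" => :internet_gateway,
+ "1.0.0.0/8" => :internet_gateway
  end
 
  it "updates an existing routing table" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes '0.0.0.0/0' => :internet_gateway,
- '2.0.0.0/8' => :internet_gateway
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes "0.0.0.0/0" => :internet_gateway,
+ "2.0.0.0/8" => :internet_gateway
  end
- }.to update_an_aws_route_table('test_route_table',
- routes: Set[
- { destination_cidr_block: '2.0.0.0/8', gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
- { destination_cidr_block: '10.0.0.0/16', gateway_id: 'local', state: "active" },
- { destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
- ]
- ).and be_idempotent
+ end.to update_an_aws_route_table("test_route_table",
+ routes: Set[
+ { destination_cidr_block: "2.0.0.0/8", gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
+ { destination_cidr_block: "10.0.0.0/16", gateway_id: "local", state: "active" },
+ { destination_cidr_block: "0.0.0.0/0", gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
+ ]).and be_idempotent
  end
  end
 
  context "with nat gateway" do
- aws_eip_address 'test_eip'
- aws_nat_gateway 'test_nat_gateway' do
- subnet 'test_public_subnet'
- eip_address 'test_eip'
+ aws_eip_address "test_eip"
+ aws_nat_gateway "test_nat_gateway" do
+ subnet "test_public_subnet"
+ eip_address "test_eip"
  end
 
  it "can route to a nat gateway" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes '0.0.0.0/0' => test_nat_gateway
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes "0.0.0.0/0" => test_nat_gateway
  end
- }.to create_an_aws_route_table('test_route_table',
- routes: Set[
- { destination_cidr_block: '10.0.0.0/16', gateway_id: 'local', state: 'active' },
- { destination_cidr_block: '0.0.0.0/0', nat_gateway_id: test_nat_gateway.aws_object.nat_gateway_id, state: 'active' },
- ]
- ).and be_idempotent
+ end.to create_an_aws_route_table("test_route_table",
+ routes: Set[
+ { destination_cidr_block: "10.0.0.0/16", gateway_id: "local", state: "active" },
+ { destination_cidr_block: "0.0.0.0/0", nat_gateway_id: test_nat_gateway.aws_object.nat_gateway_id, state: "active" },
+ ]).and be_idempotent
  end
  end
 
  context "with machines", :super_slow do
- machine 'test_machine' do
+ machine "test_machine" do
  machine_options bootstrap_options: {
- subnet_id: 'test_public_subnet',
- key_name: 'test_key_pair'
+ subnet_id: "test_public_subnet",
+ key_name: "test_key_pair"
  }
  action :ready # The box has to be online for AWS to accept it as routable
  end
 
  it "can route to a machine", :super_slow do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
- routes '0.0.0.0/0' => :internet_gateway,
- '11.0.0.0/8' => 'test_machine'
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
+ routes "0.0.0.0/0" => :internet_gateway,
+ "11.0.0.0/8" => "test_machine"
  end
-
- }.to create_an_aws_route_table('test_route_table',
- routes: Set[
- { destination_cidr_block: '10.0.0.0/16', gateway_id: 'local', state: "active" },
- { destination_cidr_block: '11.0.0.0/8', instance_id: test_machine.aws_object.id, state: "active" },
- { destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
- ]
- ).and be_idempotent
+ end.to create_an_aws_route_table("test_route_table",
+ routes: Set[
+ { destination_cidr_block: "10.0.0.0/16", gateway_id: "local", state: "active" },
+ { destination_cidr_block: "11.0.0.0/8", instance_id: test_machine.aws_object.id, state: "active" },
+ { destination_cidr_block: "0.0.0.0/0", gateway_id: test_vpc.aws_object.internet_gateways.first.id, state: "active" },
+ ]).and be_idempotent
  end
  end
 
  it "creates aws_route_table tags" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
  aws_tags key1: "value"
  end
- }.to create_an_aws_route_table('test_route_table')
- .and have_aws_route_table_tags('test_route_table',
- {
- 'Name' => 'test_route_table',
- 'key1' => 'value'
- }
- ).and be_idempotent
+ end.to create_an_aws_route_table("test_route_table")
+ .and have_aws_route_table_tags("test_route_table",
+ "Name" => "test_route_table",
+ "key1" => "value").and be_idempotent
  end
 
  context "with existing tags" do
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
  aws_tags key1: "value"
  end
 
  it "updates aws_route_table tags" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
  aws_tags key1: "value2", key2: nil
  end
- }.to have_aws_route_table_tags('test_route_table',
- {
- 'Name' => 'test_route_table',
- 'key1' => 'value2',
- 'key2' => ''
- }
- ).and be_idempotent
+ end.to have_aws_route_table_tags("test_route_table",
+ "Name" => "test_route_table",
+ "key1" => "value2",
+ "key2" => "").and be_idempotent
  end
 
  it "removes all aws_route_table tags except Name" do
- expect_recipe {
- aws_route_table 'test_route_table' do
- vpc 'test_vpc'
+ expect_recipe do
+ aws_route_table "test_route_table" do
+ vpc "test_vpc"
  aws_tags({})
  end
- }.to have_aws_route_table_tags('test_route_table',
- {
- 'Name' => 'test_route_table'
- }
- ).and be_idempotent
+ end.to have_aws_route_table_tags("test_route_table",
+ "Name" => "test_route_table").and be_idempotent
  end
  end
-
  end
 
  with_aws "with two VPC's with an internet gateway" do
  aws_vpc "test_vpc_1" do
- cidr_block '10.0.0.0/24'
+ cidr_block "10.0.0.0/24"
  internet_gateway true
  end
 
  aws_vpc "test_vpc_2" do
- cidr_block '11.0.0.0/24'
+ cidr_block "11.0.0.0/24"
  internet_gateway false
  end
 
  it "aws_route_table 'test_route_table' with routes to differents targets creates a route table" do
  pcx = nil
- expect_recipe {
- pcx = aws_vpc_peering_connection 'test_peering_connection' do
- vpc 'test_vpc_1'
- peer_vpc 'test_vpc_2'
+ expect_recipe do
+ pcx = aws_vpc_peering_connection "test_peering_connection" do
+ vpc "test_vpc_1"
+ peer_vpc "test_vpc_2"
  end
 
- aws_route_table 'test_route_table' do
- vpc 'test_vpc_1'
+ aws_route_table "test_route_table" do
+ vpc "test_vpc_1"
  routes(
- '100.100.0.0/16' => pcx,
- '0.0.0.0/0' => :internet_gateway
+ "100.100.0.0/16" => pcx,
+ "0.0.0.0/0" => :internet_gateway
  )
  end
- }.to create_an_aws_route_table('test_route_table',
- routes: Set[
- { destination_cidr_block: '10.0.0.0/24', gateway_id: 'local', state: "active" },
- { destination_cidr_block: '100.100.0.0/16', vpc_peering_connection_id: pcx.aws_object.id, state: "active" },
- { destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc_1.aws_object.internet_gateways.first.id, state: "active" }
- ]
- ).and be_idempotent
+ end.to create_an_aws_route_table("test_route_table",
+ routes: Set[
+ { destination_cidr_block: "10.0.0.0/24", gateway_id: "local", state: "active" },
+ { destination_cidr_block: "100.100.0.0/16", vpc_peering_connection_id: pcx.aws_object.id, state: "active" },
+ { destination_cidr_block: "0.0.0.0/0", gateway_id: test_vpc_1.aws_object.internet_gateways.first.id, state: "active" }
+ ]).and be_idempotent
  end
  end
  end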
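--- a/data/spec/integration/aws_s3_bucket_spec.rb
+++ b/data/spec/integration/aws_s3_bucket_spec.rb
@@ -1,5 +1,5 @@
- require 'spec_helper'
- require 'securerandom'
+ require "spec_helper"
+ require "securerandom"
 
  def mk_bucket_name
  bucket_postfix = SecureRandom.hex(8)
@@ -14,22 +14,19 @@ describe Chef::Resource::AwsS3Bucket do
  bucket_name = mk_bucket_name
 
  it "aws_s3_bucket '#{bucket_name}' creates a bucket" do
- expect_recipe {
+ expect_recipe do
  aws_s3_bucket bucket_name
- }.to create_an_aws_s3_bucket(bucket_name).and be_idempotent
+ end.to create_an_aws_s3_bucket(bucket_name).and be_idempotent
  end
 
  it "creates aws_s3_bucket tags" do
- expect_recipe {
+ expect_recipe do
  aws_s3_bucket bucket_name do
  aws_tags key1: "value"
  end
- }.to create_an_aws_s3_bucket(bucket_name)
- .and have_aws_s3_bucket_tags(bucket_name,
- {
- 'key1' => 'value'
- }
- ).and be_idempotent
+ end.to create_an_aws_s3_bucket(bucket_name)
+ .and have_aws_s3_bucket_tags(bucket_name,
+ "key1" => "value").and be_idempotent
  end
 
  context "with existing tags" do
@@ -38,49 +35,44 @@ describe Chef::Resource::AwsS3Bucket do
  end
 
  it "updates aws_s3_bucket tags" do
- expect_recipe {
+ expect_recipe do
  aws_s3_bucket bucket_name do
  aws_tags key1: "value2", key2: nil
  end
- }.to have_aws_s3_bucket_tags(bucket_name,
- {
- 'key1' => 'value2',
- 'key2' => ''
- }
- ).and be_idempotent
+ end.to have_aws_s3_bucket_tags(bucket_name,
+ "key1" => "value2",
+ "key2" => "").and be_idempotent
  end
 
  it "removes all aws_s3_bucket tags" do
-
- expect_recipe {
+ expect_recipe do
  aws_s3_bucket bucket_name do
  aws_tags({})
  end
- }.to have_aws_s3_bucket_tags(bucket_name, {}).and be_idempotent
+ end.to have_aws_s3_bucket_tags(bucket_name, {}).and be_idempotent
  end
  end
-
  end
 
  with_aws "when a bucket with content exists" do
  bucket_name = mk_bucket_name
- with_converge {
+ with_converge do
  aws_s3_bucket bucket_name
 
  ruby_block "upload s3 object" do
  block do
- ::Aws::S3::Resource.new(driver.s3_client).buckets.find { |b| b.name == bucket_name }.object("test-object").put( { body: "test-content" } )
+ ::Aws::S3::Resource.new(driver.s3_client).buckets.find { |b| b.name == bucket_name }.object("test-object").put(body: "test-content")
  end
  end
- }
+ end
 
  it "aws_s3_bucket '#{bucket_name}' with recursive_delete set to true, deletes the bucket" do
- r = recipe {
+ r = recipe do
  aws_s3_bucket bucket_name do
  recursive_delete true
  action :delete
  end
- }
+ end
  expect(r).to destroy_an_aws_s3_bucket(bucket_name)
  end
  end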
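Review bot: In the `ruby_block "upload s3 object"` setup of the third hunk, `.object("test-object")` is called on the result of `buckets.find { |b| b.name == bucket_name }`, which is nil whenever the bucket is missing from the listing, so the setup would die with a NoMethodError on nil instead of a clear failure. Enumerating every bucket in the account to reach one whose name is already known also means the test credentials need permission to list all buckets (`s3:ListAllMyBuckets`), which is broader than this spec otherwise appears to need. Addressing the bucket directly avoids both: `::Aws::S3::Resource.new(driver.s3_client).bucket(bucket_name).object("test-object").put(body: "test-content")`. The commit itself only changes the `put` argument form on that line.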
@@ -1,111 +1,100 @@
1
- require 'spec_helper'
2
- require 'chef/resource/aws_security_group'
3
- require 'chef/provisioning/aws_driver/exceptions'
1
+ require "spec_helper"
2
+ require "chef/resource/aws_security_group"
3
+ require "chef/provisioning/aws_driver/exceptions"
4
4
 
5
5
  describe Chef::Resource::AwsSecurityGroup do
6
6
  extend AWSSupport
7
7
 
8
8
  def set_ip_pemissions_mock_object(options = {})
9
9
  mock_object = Aws::EC2::Types::IpPermission.new(
10
- from_port: options[:from_port] || nil,
11
- to_port: options[:to_port] || nil ,
12
- ip_protocol: options[:ip_protocol] || nil,
13
- ip_ranges: options[:ip_ranges] || [],
14
- ipv_6_ranges: options[:ipv_6_ranges] || [],
15
- prefix_list_ids: options[:prefix_list_ids] || [],
16
- user_id_group_pairs: options[:user_id_group_pairs] || [])
17
- end
10
+ from_port: options[:from_port] || nil,
11
+ to_port: options[:to_port] || nil,
12
+ ip_protocol: options[:ip_protocol] || nil,
13
+ ip_ranges: options[:ip_ranges] || [],
14
+ ipv_6_ranges: options[:ipv_6_ranges] || [],
15
+ prefix_list_ids: options[:prefix_list_ids] || [],
16
+ user_id_group_pairs: options[:user_id_group_pairs] || []
17
+ )
18
+ end
18
19
 
19
- when_the_chef_12_server "exists", organization: 'foo', server_scope: :context do
20
+ when_the_chef_12_server "exists", organization: "foo", server_scope: :context do
20
21
  with_aws "without a VPC" do
21
-
22
22
  it "aws_security_group 'test_sg' with no attributes works" do
23
- expect_recipe {
24
- aws_security_group 'test_sg' do
23
+ expect_recipe do
24
+ aws_security_group "test_sg" do
25
25
  end
26
- }.to create_an_aws_security_group('test_sg',
27
- description: 'test_sg',
28
- vpc_id: default_vpc.vpc_id,
29
- ip_permissions: [],
30
- ip_permissions_egress: [set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])]
31
- ).and be_idempotent
26
+ end.to create_an_aws_security_group("test_sg",
27
+ description: "test_sg",
28
+ vpc_id: default_vpc.vpc_id,
29
+ ip_permissions: [],
30
+ ip_permissions_egress: [set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])]).and be_idempotent
32
31
  end
33
32
 
34
33
  it "can reference a security group by name or id" do
35
- expect_recipe {
36
- sg = aws_security_group 'test_sg'
34
+ expect_recipe do
35
+ sg = aws_security_group "test_sg"
37
36
  sg.run_action(:create)
38
37
  id = sg.aws_object.id
39
38
  aws_security_group id do
40
- inbound_rules '0.0.0.0/0' => 22
39
+ inbound_rules "0.0.0.0/0" => 22
41
40
  end
42
- aws_security_group 'test_sg' do
41
+ aws_security_group "test_sg" do
43
42
  security_group_id id
44
- outbound_rules 22 => '0.0.0.0/0'
43
+ outbound_rules 22 => "0.0.0.0/0"
45
44
  end
46
- }.to create_an_aws_security_group('test_sg',
47
- description: 'test_sg',
48
- vpc_id: default_vpc.vpc_id,
49
- ip_permissions: [set_ip_pemissions_mock_object(from_port: 22, to_port: 22, ip_protocol: "tcp", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])],
50
- ip_permissions_egress: [set_ip_pemissions_mock_object(from_port: 22, to_port: 22, ip_protocol: "tcp", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])]
51
- ).and be_idempotent
45
+ end.to create_an_aws_security_group("test_sg",
46
+ description: "test_sg",
47
+ vpc_id: default_vpc.vpc_id,
48
+ ip_permissions: [set_ip_pemissions_mock_object(from_port: 22, to_port: 22, ip_protocol: "tcp", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])],
49
+ ip_permissions_egress: [set_ip_pemissions_mock_object(from_port: 22, to_port: 22, ip_protocol: "tcp", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])]).and be_idempotent
52
50
  end
53
51
 
54
52
  it "raises an error trying to reference a security group by an unknown id" do
55
- expect_converge {
56
- aws_security_group 'sg-12345678'
57
- }.to raise_error(Aws::EC2::Errors::InvalidGroupNotFound, /aws_security_group\[sg-12345678\]/)
58
-
59
- expect_converge {
60
- aws_security_group 'test_sg' do
61
- security_group_id 'sg-12345678'
53
+ expect_converge do
54
+ aws_security_group "sg-12345678"
55
+ end.to raise_error(Aws::EC2::Errors::InvalidGroupNotFound, /aws_security_group\[sg-12345678\]/)
56
+
57
+ expect_converge do
58
+ aws_security_group "test_sg" do
59
+ security_group_id "sg-12345678"
62
60
  end
63
- }.to raise_error(Aws::EC2::Errors::InvalidGroupNotFound, /aws_security_group\[test_sg\]/)
61
+ end.to raise_error(Aws::EC2::Errors::InvalidGroupNotFound, /aws_security_group\[test_sg\]/)
64
62
  end
65
63
 
66
64
  it "creates aws_security_group tags" do
67
- expect_recipe {
68
- aws_security_group 'test_sg' do
65
+ expect_recipe do
66
+ aws_security_group "test_sg" do
69
67
  aws_tags key1: "value"
70
68
  end
71
- }.to create_an_aws_security_group('test_sg')
72
- .and have_aws_security_group_tags('test_sg',
73
- {
74
- 'Name' => 'test_sg',
75
- 'key1' => 'value'
76
- }
77
- ).and be_idempotent
69
+ end.to create_an_aws_security_group("test_sg")
70
+ .and have_aws_security_group_tags("test_sg",
71
+ "Name" => "test_sg",
72
+ "key1" => "value").and be_idempotent
78
73
  end
79
74
 
80
75
  context "with existing tags" do
81
- aws_security_group 'test_sg' do
76
+ aws_security_group "test_sg" do
82
77
  aws_tags key1: "value"
83
78
  end
84
79
 
85
80
  it "updates aws_security_group tags" do
86
- expect_recipe {
87
- aws_security_group 'test_sg' do
81
+ expect_recipe do
82
+ aws_security_group "test_sg" do
88
83
  aws_tags key1: "value2", key2: nil
89
84
  end
90
- }.to have_aws_security_group_tags('test_sg',
91
- {
92
- 'Name' => 'test_sg',
93
- 'key1' => 'value2',
94
- 'key2' => ''
95
- }
96
- ).and be_idempotent
85
+ end.to have_aws_security_group_tags("test_sg",
86
+ "Name" => "test_sg",
87
+ "key1" => "value2",
88
+ "key2" => "").and be_idempotent
97
89
  end
98
90
 
99
91
  it "removes all aws_security_group tags except Name" do
100
- expect_recipe {
101
- aws_security_group 'test_sg' do
92
+ expect_recipe do
93
+ aws_security_group "test_sg" do
102
94
  aws_tags({})
103
95
  end
104
- }.to have_aws_security_group_tags('test_sg',
105
- {
106
- 'Name' => 'test_sg'
107
- }
108
- ).and be_idempotent
96
+ end.to have_aws_security_group_tags("test_sg",
97
+ "Name" => "test_sg").and be_idempotent
109
98
  end
110
99
  end
111
100
  end
@@ -115,171 +104,166 @@ describe Chef::Resource::AwsSecurityGroup do
115
104
  setup_public_vpc
116
105
 
117
106
  load_balancer "testloadbalancer" do
118
- load_balancer_options({
107
+ load_balancer_options(
119
108
  subnets: ["test_public_subnet"],
120
109
  security_groups: ["test_security_group"]
121
- })
110
+ )
122
111
  end
123
112
 
124
- it "aws_security_group 'test_sg' with no attributes works" do
125
- expect_recipe {
126
- aws_security_group 'test_sg' do
127
- vpc 'test_vpc'
113
+ it "aws_security_group 'test_sg' with no attributes works" do
114
+ expect_recipe do
115
+ aws_security_group "test_sg" do
116
+ vpc "test_vpc"
128
117
  end
129
- }.to create_an_aws_security_group('test_sg',
130
- vpc_id: test_vpc.aws_object.id,
131
- ip_permissions: [],
132
- ip_permissions_egress: [set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])]
133
- ).and be_idempotent
118
+ end.to create_an_aws_security_group("test_sg",
119
+ vpc_id: test_vpc.aws_object.id,
120
+ ip_permissions: [],
121
+ ip_permissions_egress: [set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "0.0.0.0/0")])]).and be_idempotent
134
122
  end
135
123
 
136
124
  it "adds inbound and outbound_rules for source security_group " do
137
- expect_recipe {
138
- aws_security_group 'test_sg' do
139
- vpc 'test_vpc'
125
+ expect_recipe do
126
+ aws_security_group "test_sg" do
127
+ vpc "test_vpc"
140
128
  inbound_rules(
141
- 'test_security_group' => 1200,
129
+ "test_security_group" => 1200,
142
130
  test_security_group.aws_object.id => 1201,
143
131
  test_security_group.aws_object => 1202,
144
132
  test_security_group => 1203,
145
- {group_name: 'test_security_group'} => 1204,
146
- {security_group: 'test_security_group'} => 1205
133
+ { group_name: "test_security_group" } => 1204,
134
+ { security_group: "test_security_group" } => 1205
147
135
  )
148
136
  outbound_rules(
149
- 1200 => 'test_security_group',
137
+ 1200 => "test_security_group",
150
138
  1201 => test_security_group.aws_object.id,
151
139
  1202 => test_security_group.aws_object,
152
140
  1203 => test_security_group,
153
- 1204 => {group_name: 'test_security_group'},
154
- 1205 => {security_group: 'test_security_group'}
141
+ 1204 => { group_name: "test_security_group" },
142
+ 1205 => { security_group: "test_security_group" }
155
143
  )
156
144
  end
157
- }.to create_an_aws_security_group('test_sg',
158
- vpc_id: test_vpc.aws_object.id,
159
- ip_permissions: [
160
- set_ip_pemissions_mock_object(from_port: 1204, to_port: 1204, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
161
- set_ip_pemissions_mock_object(from_port: 1201, to_port: 1201, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
162
- set_ip_pemissions_mock_object(from_port: 1200, to_port: 1200, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
163
- set_ip_pemissions_mock_object(from_port: 1203, to_port: 1203, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
164
- set_ip_pemissions_mock_object(from_port: 1202, to_port: 1202, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
165
- set_ip_pemissions_mock_object(from_port: 1205, to_port: 1205, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
166
- ],
167
- ip_permissions_egress: [
168
- set_ip_pemissions_mock_object(from_port: 1204, to_port: 1204, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
169
- set_ip_pemissions_mock_object(from_port: 1201, to_port: 1201, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
170
- set_ip_pemissions_mock_object(from_port: 1200, to_port: 1200, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
171
- set_ip_pemissions_mock_object(from_port: 1203, to_port: 1203, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
172
- set_ip_pemissions_mock_object(from_port: 1202, to_port: 1202, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
173
- set_ip_pemissions_mock_object(from_port: 1205, to_port: 1205, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
174
- ]
175
- ).and be_idempotent
145
+ end.to create_an_aws_security_group("test_sg",
146
+ vpc_id: test_vpc.aws_object.id,
147
+ ip_permissions: [
148
+ set_ip_pemissions_mock_object(from_port: 1204, to_port: 1204, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
149
+ set_ip_pemissions_mock_object(from_port: 1201, to_port: 1201, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
150
+ set_ip_pemissions_mock_object(from_port: 1200, to_port: 1200, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
151
+ set_ip_pemissions_mock_object(from_port: 1203, to_port: 1203, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
152
+ set_ip_pemissions_mock_object(from_port: 1202, to_port: 1202, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
153
+ set_ip_pemissions_mock_object(from_port: 1205, to_port: 1205, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
154
+ ],
155
+ ip_permissions_egress: [
156
+ set_ip_pemissions_mock_object(from_port: 1204, to_port: 1204, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
157
+ set_ip_pemissions_mock_object(from_port: 1201, to_port: 1201, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
158
+ set_ip_pemissions_mock_object(from_port: 1200, to_port: 1200, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
159
+ set_ip_pemissions_mock_object(from_port: 1203, to_port: 1203, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
160
+ set_ip_pemissions_mock_object(from_port: 1202, to_port: 1202, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
161
+ set_ip_pemissions_mock_object(from_port: 1205, to_port: 1205, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
162
+ ]).and be_idempotent
176
163
  end
177
164
 
178
165
  it "adds inbound and outbound_rules for source security_group specified in hash " do
179
- expect_recipe {
180
- aws_security_group 'test_sg' do
181
- vpc 'test_vpc'
166
+ expect_recipe do
167
+ aws_security_group "test_sg" do
168
+ vpc "test_vpc"
182
169
  inbound_rules([
183
- { port: 1206, sources: 'test_security_group' },
184
- { port: 1207, sources: test_security_group.aws_object.id },
185
- { port: 1208, sources: test_security_group.aws_object },
186
- { port: 1209, sources: test_security_group },
187
- { port: 1210, sources: {group_name: 'test_security_group'} },
188
- { port: 1211, sources: {security_group: 'test_security_group'} }
189
- ])
170
+ { port: 1206, sources: "test_security_group" },
171
+ { port: 1207, sources: test_security_group.aws_object.id },
172
+ { port: 1208, sources: test_security_group.aws_object },
173
+ { port: 1209, sources: test_security_group },
174
+ { port: 1210, sources: { group_name: "test_security_group" } },
175
+ { port: 1211, sources: { security_group: "test_security_group" } }
176
+ ])
190
177
  outbound_rules([
191
- { port: 1206, destinations: 'test_security_group' },
192
- { port: 1207, destinations: test_security_group.aws_object.id },
193
- { port: 1208, destinations: test_security_group.aws_object },
194
- { port: 1209, destinations: test_security_group },
195
- { port: 1210, destinations: {group_name: 'test_security_group'} },
196
- { port: 1211, destinations: {security_group: 'test_security_group'} }
197
- ])
178
+ { port: 1206, destinations: "test_security_group" },
179
+ { port: 1207, destinations: test_security_group.aws_object.id },
180
+ { port: 1208, destinations: test_security_group.aws_object },
181
+ { port: 1209, destinations: test_security_group },
182
+ { port: 1210, destinations: { group_name: "test_security_group" } },
183
+ { port: 1211, destinations: { security_group: "test_security_group" } }
184
+ ])
198
185
  end
199
- }.to create_an_aws_security_group('test_sg',
200
- vpc_id: test_vpc.aws_object.id,
201
- ip_permissions: [
202
- set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
203
- set_ip_pemissions_mock_object(from_port: 1209, to_port: 1209, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
204
- set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
205
- set_ip_pemissions_mock_object(from_port: 1211, to_port: 1211, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
206
- set_ip_pemissions_mock_object(from_port: 1210, to_port: 1210, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
207
- set_ip_pemissions_mock_object(from_port: 1208, to_port: 1208, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
208
- ],
209
- ip_permissions_egress: [
210
- set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
211
- set_ip_pemissions_mock_object(from_port: 1209, to_port: 1209, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
212
- set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
213
- set_ip_pemissions_mock_object(from_port: 1211, to_port: 1211, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
214
- set_ip_pemissions_mock_object(from_port: 1210, to_port: 1210, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
215
- set_ip_pemissions_mock_object(from_port: 1208, to_port: 1208, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
216
- ]
217
- ).and be_idempotent
186
+ end.to create_an_aws_security_group("test_sg",
187
+ vpc_id: test_vpc.aws_object.id,
188
+ ip_permissions: [
189
+ set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
190
+ set_ip_pemissions_mock_object(from_port: 1209, to_port: 1209, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
191
+ set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
192
+ set_ip_pemissions_mock_object(from_port: 1211, to_port: 1211, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
193
+ set_ip_pemissions_mock_object(from_port: 1210, to_port: 1210, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
194
+ set_ip_pemissions_mock_object(from_port: 1208, to_port: 1208, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
195
+ ],
196
+ ip_permissions_egress: [
197
+ set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
198
+ set_ip_pemissions_mock_object(from_port: 1209, to_port: 1209, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
199
+ set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
200
+ set_ip_pemissions_mock_object(from_port: 1211, to_port: 1211, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
201
+ set_ip_pemissions_mock_object(from_port: 1210, to_port: 1210, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
202
+ set_ip_pemissions_mock_object(from_port: 1208, to_port: 1208, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
203
+ ]).and be_idempotent
218
204
  end
219
205
 
220
206
  it "adds inbound and outbound_rules for source load_balancer" do
221
- expect_recipe {
222
- aws_security_group 'test_sg' do
223
- vpc 'test_vpc'
207
+ expect_recipe do
208
+ aws_security_group "test_sg" do
209
+ vpc "test_vpc"
224
210
  inbound_rules(
225
211
  testloadbalancer.aws_object => 1206,
226
- {load_balancer: 'testloadbalancer'} => 1207,
212
+ { load_balancer: "testloadbalancer" } => 1207
227
213
  )
228
214
  outbound_rules(
229
215
  1206 => testloadbalancer.aws_object,
230
- 1207 => {load_balancer: 'testloadbalancer'},
216
+ 1207 => { load_balancer: "testloadbalancer" }
231
217
  )
232
218
  end
233
- }.to create_an_aws_security_group('test_sg',
234
- vpc_id: test_vpc.aws_object.id,
235
- ip_permissions: [
236
- set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
237
- set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
238
- ],
239
- ip_permissions_egress: [
240
- set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
241
- set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
242
- ]
243
- ).and be_idempotent
219
+ end.to create_an_aws_security_group("test_sg",
220
+ vpc_id: test_vpc.aws_object.id,
221
+ ip_permissions: [
222
+ set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
223
+ set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
224
+ ],
225
+ ip_permissions_egress: [
226
+ set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
227
+ set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
228
+ ]).and be_idempotent
244
229
  end
245
230
 
246
231
  it "adds inbound and outbound_rules for source load_balancer specified in hash" do
247
- expect_recipe {
248
- aws_security_group 'test_sg' do
249
- vpc 'test_vpc'
232
+ expect_recipe do
233
+ aws_security_group "test_sg" do
234
+ vpc "test_vpc"
250
235
  inbound_rules([
251
- { port: 1206, sources: testloadbalancer.aws_object },
252
- { port: 1207, sources: {load_balancer: 'testloadbalancer'}}
253
- ])
236
+ { port: 1206, sources: testloadbalancer.aws_object },
237
+ { port: 1207, sources: { load_balancer: "testloadbalancer" } }
238
+ ])
254
239
  outbound_rules([
255
- { port: 1206, destinations: testloadbalancer.aws_object },
256
- { port: 1207, destinations: {load_balancer: 'testloadbalancer'}}
257
- ])
240
+ { port: 1206, destinations: testloadbalancer.aws_object },
241
+ { port: 1207, destinations: { load_balancer: "testloadbalancer" } }
242
+ ])
258
243
  end
259
- }.to create_an_aws_security_group('test_sg',
260
- vpc_id: test_vpc.aws_object.id,
261
- ip_permissions: [
262
- set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
263
- set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
264
- ],
265
- ip_permissions_egress: [
266
- set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
267
- set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
268
- ]
269
- ).and be_idempotent
244
+ end.to create_an_aws_security_group("test_sg",
245
+ vpc_id: test_vpc.aws_object.id,
246
+ ip_permissions: [
247
+ set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
248
+ set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
249
+ ],
250
+ ip_permissions_egress: [
251
+ set_ip_pemissions_mock_object(from_port: 1207, to_port: 1207, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)]),
252
+ set_ip_pemissions_mock_object(from_port: 1206, to_port: 1206, ip_protocol: "tcp", ip_ranges: [], user_id_group_pairs: [Aws::EC2::Types::UserIdGroupPair.new(group_id: test_security_group.aws_object.id, group_name: nil, peering_status: nil, user_id: test_security_group.aws_object.owner_id, vpc_id: nil, vpc_peering_connection_id: nil)])
253
+ ]).and be_idempotent
270
254
  end
271
255
 
272
256
  it "can specify rules as a mapping from source/destination to port and protocol" do
273
- expect_recipe {
274
- aws_security_group 'test_sg' do
257
+ expect_recipe do
258
+ aws_security_group "test_sg" do
275
259
  # We need to define a list of ports and its easier to use a method than
276
260
  # have to add a new number when changing this test
277
- def counter()
261
+ def counter
278
262
  @ip_counter ||= 0
279
263
  @ip_counter += 1
280
264
  end
281
265
 
282
- vpc 'test_vpc'
266
+ vpc "test_vpc"
283
267
  inbound_rules(
284
268
  "10.0.0.#{counter}/32" => { port_range: -1..-1, protocol: -1 },
285
269
  "10.0.0.#{counter}/32" => { port: -1, protocol: -1 },
@@ -287,10 +271,10 @@ describe Chef::Resource::AwsSecurityGroup do
287
271
  "10.0.0.#{counter}/32" => { ports: 1003..1003, protocol: -1 },
288
272
  "10.0.0.#{counter}/32" => { port_range: 1004..1005, protocol: -1 },
289
273
  "10.0.0.#{counter}/32" => { port_range: [1006, 1007, 1108], protocol: -1 },
290
- # If the protocol isn't `-1` and you don't specify all the ports
291
- # aws wants `port_range` to be nil
274
+ # If the protocol isn't `-1` and you don't specify all the ports
275
+ # aws wants `port_range` to be nil
292
276
  "10.0.0.#{counter}/32" => { ports: nil, protocol: :tcp },
293
- "10.0.0.#{counter}/32" => { port_range: 0..65535, protocol: :udp },
277
+ "10.0.0.#{counter}/32" => { port_range: 0..65_535, protocol: :udp },
294
278
  "10.0.0.#{counter}/32" => { port_range: -1, protocol: :icmp },
295
279
  "10.0.0.#{counter}/32" => { port_range: 1011, protocol: :any },
296
280
  "10.0.0.#{counter}/32" => { port_range: 1012, protocol: nil },
@@ -298,25 +282,25 @@ describe Chef::Resource::AwsSecurityGroup do
298
282
  "10.0.0.#{counter}/32" => { port: 1014..1014 },
299
283
  "10.0.0.#{counter}/32" => { port: [1015, 1016, 1117] },
300
284
  "10.0.0.#{counter}/32" => { port: :icmp },
301
- "10.0.0.#{counter}/32" => { port: 'tcp' },
285
+ "10.0.0.#{counter}/32" => { port: "tcp" },
302
286
  "10.0.0.#{counter}/32" => { port: nil },
303
287
  "10.0.0.#{counter}/32" => { protocol: -1 },
304
288
  "10.0.0.#{counter}/32" => { protocol: :any },
305
- "10.0.0.#{counter}/32" => { protocol: 'UDP' },
289
+ "10.0.0.#{counter}/32" => { protocol: "UDP" },
306
290
  "10.0.0.#{counter}/32" => { protocol: nil },
307
291
  "10.0.0.#{counter}/32" => 1020,
308
292
  "10.0.0.#{counter}/32" => 1021..1023,
309
293
  "10.0.0.#{counter}/32" => [1024, 1025, 1125],
310
294
  "10.0.0.#{counter}/32" => :icmp,
311
- "10.0.0.#{counter}/32" => 'Icmp',
295
+ "10.0.0.#{counter}/32" => "Icmp",
312
296
  "10.0.0.#{counter}/32" => :tcp,
313
- "10.0.0.#{counter}/32" => 'UDP',
297
+ "10.0.0.#{counter}/32" => "UDP",
314
298
  "10.0.0.#{counter}/32" => nil,
315
299
  "10.0.0.#{counter}/32" => -1,
316
300
  "10.0.0.#{counter}/32" => :"-1",
317
301
  ["10.0.0.#{counter}/32", "10.0.0.#{counter}/32"] => :all,
318
302
  "10.0.0.#{counter}/32" => { port_range: 1..2, protocol: :icmp }
319
- )
303
+ )
320
304
  outbound_rules(
321
305
  { port_range: -1..-1, protocol: -1 } => "10.0.0.#{counter}/32",
322
306
  { port: -1, protocol: -1 } => "10.0.0.#{counter}/32",
@@ -324,9 +308,9 @@ describe Chef::Resource::AwsSecurityGroup do
324
308
  { ports: 1003..1003, protocol: -1 } => "10.0.0.#{counter}/32",
325
309
  { port_range: 1004..1005, protocol: -1 } => "10.0.0.#{counter}/32",
326
310
  { port_range: [1006, 1007, 1108], protocol: -1 } => "10.0.0.#{counter}/32",
327
- # # If the protocol isn't `-1` and you don't specify all the ports
328
- # # aws wants `port_range` to be nil{ ports: nil, protocol: :tcp } => "10.0.0.#{counter}/32",
329
- { port_range: 0..65535, protocol: :udp } => "10.0.0.#{counter}/32",
311
+ # # If the protocol isn't `-1` and you don't specify all the ports
312
+ # # aws wants `port_range` to be nil{ ports: nil, protocol: :tcp } => "10.0.0.#{counter}/32",
313
+ { port_range: 0..65_535, protocol: :udp } => "10.0.0.#{counter}/32",
330
314
  { port_range: -1, protocol: :icmp } => "10.0.0.#{counter}/32",
331
315
  { port_range: 1..2, protocol: :icmp } => "10.0.0.#{counter}/32",
332
316
  { port_range: 1011, protocol: :any } => "10.0.0.#{counter}/32",
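Review bot: The comment re-indented at new lines 311–312 still has a rule literal fused onto its end, so the outbound list has no `{ ports: nil, protocol: :tcp }` entry, while the inbound list keeps one at new line 276 under the same comment. The egress expectations therefore never cover how a TCP rule with nil ports is translated (the expected egress `tcp` 0/0 permission lists five CIDRs where the ingress one lists six), and a regression in that path for outbound rules would pass unnoticed. Either put the entry back on its own line, `{ ports: nil, protocol: :tcp } => "10.0.0.#{counter}/32",`, which shifts every later `counter` value and the expected egress CIDRs by one, or trim the comment to say the case is left out on purpose and why. The same fused comment appears in the hash-form test at new lines 444–445 in the next hunk; the `outbound_rules(` call and the enclosing example start and end outside this hunk.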
@@ -335,255 +319,252 @@ describe Chef::Resource::AwsSecurityGroup do
335
319
  { port: 1014..1014 } => "10.0.0.#{counter}/32",
336
320
  { port: [1015, 1016, 1117] } => "10.0.0.#{counter}/32",
337
321
  { port: :icmp } => "10.0.0.#{counter}/32",
338
- { port: 'tCp' } => "10.0.0.#{counter}/32",
322
+ { port: "tCp" } => "10.0.0.#{counter}/32",
339
323
  { port: nil } => "10.0.0.#{counter}/32",
340
324
  { protocol: -1 } => "10.0.0.#{counter}/32",
341
325
  { protocol: :any } => "10.0.0.#{counter}/32",
342
- { protocol: 'UDP' } => "10.0.0.#{counter}/32",
326
+ { protocol: "UDP" } => "10.0.0.#{counter}/32",
343
327
  { protocol: nil } => "10.0.0.#{counter}/32",
344
328
  1020 => "10.0.0.#{counter}/32",
345
329
  1021..1023 => "10.0.0.#{counter}/32",
346
330
  [1024, 1025, 1125] => "10.0.0.#{counter}/32",
347
331
  :icmp => "10.0.0.#{counter}/32",
348
- 'Icmp' => "10.0.0.#{counter}/32",
332
+ "Icmp" => "10.0.0.#{counter}/32",
349
333
  :tcp => "10.0.0.#{counter}/32",
350
- 'UDP' => "10.0.0.#{counter}/32",
334
+ "UDP" => "10.0.0.#{counter}/32",
351
335
  nil => "10.0.0.#{counter}/32",
352
336
  -1 => "10.0.0.#{counter}/32",
353
337
  :"-1" => "10.0.0.#{counter}/32",
354
338
  :all => ["10.0.0.#{counter}/32", "10.0.0.#{counter}/32"]
355
- )
339
+ )
356
340
  end
357
- }.to create_an_aws_security_group('test_sg',
358
- vpc_id: test_vpc.aws_object.id,
359
- ip_permissions: [
360
- set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
361
- set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
362
- set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.11/32")], ip_protocol: "tcp"),
363
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.7/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.16/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.17/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.21/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.27/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.30/32")], ip_protocol: "tcp"),
364
- # Note: Sometimes response ip_ranges array sequence changes and test fails
365
- # set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.16/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.17/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.21/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.27/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.30/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.7/32")], ip_protocol: "tcp"),
366
- set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.9/32")], ip_protocol: "icmp"),
367
- set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
368
- set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.13/32")], ip_protocol: "tcp"),
369
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.15/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.25/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.26/32")], ip_protocol: "icmp"),
370
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.20/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.28/32")], ip_protocol: "udp"),
371
- set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [ Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.12/32")], ip_protocol: "tcp"),
372
- set_ip_pemissions_mock_object(ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.1/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.2/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.3/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.4/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.5/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.6/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.10/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.18/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.19/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.29/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.31/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.32/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.33/32")], ip_protocol: "-1"),
373
- # Note: Sometimes response ip_ranges array sequence changes and test fails
374
- # set_ip_pemissions_mock_object(ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.1/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.10/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.18/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.19/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.2/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.29/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.3/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.31/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.32/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.33/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.4/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.5/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.6/32")], ip_protocol: "-1"),
375
- set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
376
- set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
377
- set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.34/32")], ip_protocol: "icmp"),
378
- set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
379
- set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.23/32")], ip_protocol: "tcp"),
380
- set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.22/32")], ip_protocol: "tcp"),
381
- set_ip_pemissions_mock_object(from_port: 0, to_port: 65535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.8/32")], ip_protocol: "udp")
382
- ],
383
- ip_permissions_egress: [
384
- set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
385
- set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
386
- set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.45/32")], ip_protocol: "tcp"),
387
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.50/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.51/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.55/32"),Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.61/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.64/32")], ip_protocol: "tcp"),
388
- set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.42/32")], ip_protocol: "icmp"),
389
- set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
390
- set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.47/32")], ip_protocol: "tcp"),
391
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.49/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.59/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.60/32")], ip_protocol: "icmp"),
392
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.54/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.62/32")], ip_protocol: "udp"),
393
- set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [ Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.46/32")], ip_protocol: "tcp"),
394
- set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.35/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.36/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.37/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.38/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.39/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.40/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.44/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.52/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.53/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.63/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.65/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.66/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.67/32") ]),
395
- set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
396
- set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
397
- set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.43/32")], ip_protocol: "icmp"),
398
- set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
399
- set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.57/32")], ip_protocol: "tcp"),
400
- set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.56/32")], ip_protocol: "tcp"),
401
- set_ip_pemissions_mock_object(from_port: 0, to_port: 65535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.41/32")], ip_protocol: "udp")
402
- ]
403
- ).and be_idempotent
404
- end
341
+ end.to create_an_aws_security_group("test_sg",
342
+ vpc_id: test_vpc.aws_object.id,
343
+ ip_permissions: [
344
+ set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
345
+ set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
346
+ set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.11/32")], ip_protocol: "tcp"),
347
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.7/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.16/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.17/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.21/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.27/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.30/32")], ip_protocol: "tcp"),
348
+ # Note: Sometimes response ip_ranges array sequence changes and test fails
349
+ # set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.16/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.17/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.21/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.27/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.30/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.7/32")], ip_protocol: "tcp"),
350
+ set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.9/32")], ip_protocol: "icmp"),
351
+ set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
352
+ set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.13/32")], ip_protocol: "tcp"),
353
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.15/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.25/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.26/32")], ip_protocol: "icmp"),
354
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.20/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.28/32")], ip_protocol: "udp"),
355
+ set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.12/32")], ip_protocol: "tcp"),
356
+ set_ip_pemissions_mock_object(ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.1/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.2/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.3/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.4/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.5/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.6/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.10/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.18/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.19/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.29/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.31/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.32/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.33/32")], ip_protocol: "-1"),
357
+ # Note: Sometimes response ip_ranges array sequence changes and test fails
358
+ # set_ip_pemissions_mock_object(ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.1/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.10/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.18/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.19/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.2/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.29/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.3/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.31/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.32/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.33/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.4/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.5/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.6/32")], ip_protocol: "-1"),
359
+ set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
360
+ set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
361
+ set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.34/32")], ip_protocol: "icmp"),
362
+ set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
363
+ set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.23/32")], ip_protocol: "tcp"),
364
+ set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.22/32")], ip_protocol: "tcp"),
365
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 65_535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.8/32")], ip_protocol: "udp")
366
+ ],
367
+ ip_permissions_egress: [
368
+ set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
369
+ set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
370
+ set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.45/32")], ip_protocol: "tcp"),
371
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.50/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.51/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.55/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.61/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.64/32")], ip_protocol: "tcp"),
372
+ set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.42/32")], ip_protocol: "icmp"),
373
+ set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
374
+ set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.47/32")], ip_protocol: "tcp"),
375
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.49/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.59/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.60/32")], ip_protocol: "icmp"),
376
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.54/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.62/32")], ip_protocol: "udp"),
377
+ set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.46/32")], ip_protocol: "tcp"),
378
+ set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.35/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.36/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.37/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.38/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.39/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.40/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.44/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.52/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.53/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.63/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.65/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.66/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.67/32")]),
379
+ set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
380
+ set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
381
+ set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.43/32")], ip_protocol: "icmp"),
382
+ set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
383
+ set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.57/32")], ip_protocol: "tcp"),
384
+ set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.56/32")], ip_protocol: "tcp"),
385
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 65_535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.41/32")], ip_protocol: "udp")
386
+ ]).and be_idempotent
387
+ end
405
388
 
406
389
  it "can specify rules as a hash" do
407
- expect_recipe {
408
- aws_security_group 'test_sg' do
390
+ expect_recipe do
391
+ aws_security_group "test_sg" do
409
392
  # We need to define a list of ports and its easier to use a method than
410
393
  # have to add a new number when changing this test
411
- def counter()
394
+ def counter
412
395
  @ip_counter ||= 0
413
396
  @ip_counter += 1
414
397
  end
415
398
 
416
- vpc 'test_vpc'
399
+ vpc "test_vpc"
417
400
  inbound_rules([
418
- { sources: "10.0.0.#{counter}/32", port_range: -1..-1, protocol: -1 },
419
- { sources: "10.0.0.#{counter}/32", port: -1, protocol: -1 },
420
- { sources: "10.0.0.#{counter}/32", port: 1002, protocol: -1 },
421
- { sources: "10.0.0.#{counter}/32", ports: 1003..1003, protocol: -1 },
422
- { sources: "10.0.0.#{counter}/32", port_range: 1004..1005, protocol: -1 },
423
- { sources: "10.0.0.#{counter}/32", port_range: [1006, 1007, 1108], protocol: -1 },
424
- # If the protocol isn't `-1` and you don't specify all the ports
425
- # aws wants `port_range` to be nil
426
- { sources: "10.0.0.#{counter}/32", ports: nil, protocol: :tcp },
427
- { sources: "10.0.0.#{counter}/32", port_range: 0..65535, protocol: :udp },
428
- { sources: "10.0.0.#{counter}/32", port_range: -1, protocol: :icmp },
429
- { sources: "10.0.0.#{counter}/32", port_range: 1011, protocol: :any },
430
- { sources: "10.0.0.#{counter}/32", port_range: 1012, protocol: nil },
431
- { sources: "10.0.0.#{counter}/32", port: 1013 },
432
- { sources: "10.0.0.#{counter}/32", port: 1014..1014 },
433
- { sources: "10.0.0.#{counter}/32", port: [1015, 1016, 1117] },
434
- { sources: "10.0.0.#{counter}/32", port: :icmp },
435
- { sources: "10.0.0.#{counter}/32", port: 'tCp' },
436
- { sources: "10.0.0.#{counter}/32", port: nil },
437
- { sources: "10.0.0.#{counter}/32", protocol: -1 },
438
- { sources: "10.0.0.#{counter}/32", protocol: :any },
439
- { sources: "10.0.0.#{counter}/32", protocol: 'UDP' },
440
- { sources: "10.0.0.#{counter}/32", protocol: nil },
441
- { sources: "10.0.0.#{counter}/32", port_range: 1020 },
442
- { sources: "10.0.0.#{counter}/32", port_range: 1021..1023 },
443
- { sources: "10.0.0.#{counter}/32", port_range: [1024, 1025, 1125] },
444
- { sources: "10.0.0.#{counter}/32", port_range: :icmp },
445
- { sources: "10.0.0.#{counter}/32", port_range: 'Icmp' },
446
- { sources: "10.0.0.#{counter}/32", port_range: :tcp },
447
- { sources: "10.0.0.#{counter}/32", port_range: 'UDP' },
448
- { sources: "10.0.0.#{counter}/32", port_range: nil },
449
- { sources: "10.0.0.#{counter}/32", port_range: -1 },
450
- { sources: "10.0.0.#{counter}/32", port_range: :"-1" },
451
- { sources: ["10.0.0.#{counter}/32", "10.0.0.#{counter}/32"], port_range: :all },
452
- { sources: "10.0.0.#{counter}/32", port_range: 1..2, protocol: :icmp }
453
- ])
401
+ { sources: "10.0.0.#{counter}/32", port_range: -1..-1, protocol: -1 },
402
+ { sources: "10.0.0.#{counter}/32", port: -1, protocol: -1 },
403
+ { sources: "10.0.0.#{counter}/32", port: 1002, protocol: -1 },
404
+ { sources: "10.0.0.#{counter}/32", ports: 1003..1003, protocol: -1 },
405
+ { sources: "10.0.0.#{counter}/32", port_range: 1004..1005, protocol: -1 },
406
+ { sources: "10.0.0.#{counter}/32", port_range: [1006, 1007, 1108], protocol: -1 },
407
+ # If the protocol isn't `-1` and you don't specify all the ports
408
+ # aws wants `port_range` to be nil
409
+ { sources: "10.0.0.#{counter}/32", ports: nil, protocol: :tcp },
410
+ { sources: "10.0.0.#{counter}/32", port_range: 0..65_535, protocol: :udp },
411
+ { sources: "10.0.0.#{counter}/32", port_range: -1, protocol: :icmp },
412
+ { sources: "10.0.0.#{counter}/32", port_range: 1011, protocol: :any },
413
+ { sources: "10.0.0.#{counter}/32", port_range: 1012, protocol: nil },
414
+ { sources: "10.0.0.#{counter}/32", port: 1013 },
415
+ { sources: "10.0.0.#{counter}/32", port: 1014..1014 },
416
+ { sources: "10.0.0.#{counter}/32", port: [1015, 1016, 1117] },
417
+ { sources: "10.0.0.#{counter}/32", port: :icmp },
418
+ { sources: "10.0.0.#{counter}/32", port: "tCp" },
419
+ { sources: "10.0.0.#{counter}/32", port: nil },
420
+ { sources: "10.0.0.#{counter}/32", protocol: -1 },
421
+ { sources: "10.0.0.#{counter}/32", protocol: :any },
422
+ { sources: "10.0.0.#{counter}/32", protocol: "UDP" },
423
+ { sources: "10.0.0.#{counter}/32", protocol: nil },
424
+ { sources: "10.0.0.#{counter}/32", port_range: 1020 },
425
+ { sources: "10.0.0.#{counter}/32", port_range: 1021..1023 },
426
+ { sources: "10.0.0.#{counter}/32", port_range: [1024, 1025, 1125] },
427
+ { sources: "10.0.0.#{counter}/32", port_range: :icmp },
428
+ { sources: "10.0.0.#{counter}/32", port_range: "Icmp" },
429
+ { sources: "10.0.0.#{counter}/32", port_range: :tcp },
430
+ { sources: "10.0.0.#{counter}/32", port_range: "UDP" },
431
+ { sources: "10.0.0.#{counter}/32", port_range: nil },
432
+ { sources: "10.0.0.#{counter}/32", port_range: -1 },
433
+ { sources: "10.0.0.#{counter}/32", port_range: :"-1" },
434
+ { sources: ["10.0.0.#{counter}/32", "10.0.0.#{counter}/32"], port_range: :all },
435
+ { sources: "10.0.0.#{counter}/32", port_range: 1..2, protocol: :icmp }
436
+ ])
454
437
  outbound_rules([
455
- { port_range: -1..-1, protocol: -1, destinations: "10.0.0.#{counter}/32" },
456
- { port: -1, protocol: -1, destinations: "10.0.0.#{counter}/32" },
457
- { port: 1002, protocol: -1, destinations: "10.0.0.#{counter}/32" },
458
- { ports: 1003..1003, protocol: -1, destinations: "10.0.0.#{counter}/32" },
459
- { port_range: 1004..1005, protocol: -1, destinations: "10.0.0.#{counter}/32" },
460
- { port_range: [1006, 1007, 1108], protocol: -1, destinations: "10.0.0.#{counter}/32" },
461
- # If the protocol isn't `-1` and you don't specify all the ports
462
- # aws wants `port_range` to be nil{ ports: nil, protocol: :tcp } => "10.0.0.#{counter}/32",
463
- { port_range: 0..65535, protocol: :udp, destinations: "10.0.0.#{counter}/32" },
464
- { port_range: -1, protocol: :icmp, destinations: "10.0.0.#{counter}/32" },
465
- { port_range: 1..2, protocol: :icmp, destinations: "10.0.0.#{counter}/32" },
466
- { port_range: 1011, protocol: :any, destinations: "10.0.0.#{counter}/32" },
467
- { port_range: 1012, protocol: nil, destinations: "10.0.0.#{counter}/32" },
468
- { port: 1013, destinations: "10.0.0.#{counter}/32" },
469
- { port: 1014..1014, destinations: "10.0.0.#{counter}/32" },
470
- { port: [1015, 1016, 1117], destinations: "10.0.0.#{counter}/32" },
471
- { port: :icmp, destinations: "10.0.0.#{counter}/32" },
472
- { port: 'tCp', destinations: "10.0.0.#{counter}/32" },
473
- { port: nil, destinations: "10.0.0.#{counter}/32" },
474
- { protocol: -1, destinations: "10.0.0.#{counter}/32" },
475
- { protocol: :any, destinations: "10.0.0.#{counter}/32" },
476
- { protocol: 'UDP', destinations: "10.0.0.#{counter}/32" },
477
- { protocol: nil, destinations: "10.0.0.#{counter}/32" },
478
- { port_range: 1020, destinations: "10.0.0.#{counter}/32" },
479
- { port_range: 1021..1023, destinations: "10.0.0.#{counter}/32" },
480
- { port_range: [1024, 1025, 1125], destinations: "10.0.0.#{counter}/32" },
481
- { port_range: :icmp, destinations: "10.0.0.#{counter}/32" },
482
- { port_range: 'Icmp', destinations: "10.0.0.#{counter}/32" },
483
- { port_range: :tcp, destinations: "10.0.0.#{counter}/32" },
484
- { port_range: 'UDP', destinations: "10.0.0.#{counter}/32" },
485
- { port_range: nil, destinations: "10.0.0.#{counter}/32" },
486
- { port_range: -1, destinations: "10.0.0.#{counter}/32" },
487
- { port_range: :"-1", destinations: "10.0.0.#{counter}/32" },
488
- { port_range: :all, destinations: ["10.0.0.#{counter}/32", "10.0.0.#{counter}/32"] },
489
- ])
438
+ { port_range: -1..-1, protocol: -1, destinations: "10.0.0.#{counter}/32" },
439
+ { port: -1, protocol: -1, destinations: "10.0.0.#{counter}/32" },
440
+ { port: 1002, protocol: -1, destinations: "10.0.0.#{counter}/32" },
441
+ { ports: 1003..1003, protocol: -1, destinations: "10.0.0.#{counter}/32" },
442
+ { port_range: 1004..1005, protocol: -1, destinations: "10.0.0.#{counter}/32" },
443
+ { port_range: [1006, 1007, 1108], protocol: -1, destinations: "10.0.0.#{counter}/32" },
444
+ # If the protocol isn't `-1` and you don't specify all the ports
445
+ # aws wants `port_range` to be nil{ ports: nil, protocol: :tcp } => "10.0.0.#{counter}/32",
446
+ { port_range: 0..65_535, protocol: :udp, destinations: "10.0.0.#{counter}/32" },
447
+ { port_range: -1, protocol: :icmp, destinations: "10.0.0.#{counter}/32" },
448
+ { port_range: 1..2, protocol: :icmp, destinations: "10.0.0.#{counter}/32" },
449
+ { port_range: 1011, protocol: :any, destinations: "10.0.0.#{counter}/32" },
450
+ { port_range: 1012, protocol: nil, destinations: "10.0.0.#{counter}/32" },
451
+ { port: 1013, destinations: "10.0.0.#{counter}/32" },
452
+ { port: 1014..1014, destinations: "10.0.0.#{counter}/32" },
453
+ { port: [1015, 1016, 1117], destinations: "10.0.0.#{counter}/32" },
454
+ { port: :icmp, destinations: "10.0.0.#{counter}/32" },
455
+ { port: "tCp", destinations: "10.0.0.#{counter}/32" },
456
+ { port: nil, destinations: "10.0.0.#{counter}/32" },
457
+ { protocol: -1, destinations: "10.0.0.#{counter}/32" },
458
+ { protocol: :any, destinations: "10.0.0.#{counter}/32" },
459
+ { protocol: "UDP", destinations: "10.0.0.#{counter}/32" },
460
+ { protocol: nil, destinations: "10.0.0.#{counter}/32" },
461
+ { port_range: 1020, destinations: "10.0.0.#{counter}/32" },
462
+ { port_range: 1021..1023, destinations: "10.0.0.#{counter}/32" },
463
+ { port_range: [1024, 1025, 1125], destinations: "10.0.0.#{counter}/32" },
464
+ { port_range: :icmp, destinations: "10.0.0.#{counter}/32" },
465
+ { port_range: "Icmp", destinations: "10.0.0.#{counter}/32" },
466
+ { port_range: :tcp, destinations: "10.0.0.#{counter}/32" },
467
+ { port_range: "UDP", destinations: "10.0.0.#{counter}/32" },
468
+ { port_range: nil, destinations: "10.0.0.#{counter}/32" },
469
+ { port_range: -1, destinations: "10.0.0.#{counter}/32" },
470
+ { port_range: :"-1", destinations: "10.0.0.#{counter}/32" },
471
+ { port_range: :all, destinations: ["10.0.0.#{counter}/32", "10.0.0.#{counter}/32"] }
472
+ ])
490
473
  end
491
- }.to create_an_aws_security_group('test_sg',
492
- vpc_id: test_vpc.aws_object.id,
493
- ip_permissions: [
494
- set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
495
- set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
496
- set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.11/32")], ip_protocol: "tcp"),
497
- # Note: Sometimes response ip_ranges array sequence changes and test fails
498
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.7/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.16/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.17/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.21/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.27/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.29/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.30/32")], ip_protocol: "tcp"),
499
- set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.9/32")], ip_protocol: "icmp"),
500
- set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
501
- set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.13/32")], ip_protocol: "tcp"),
502
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.15/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.25/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.26/32")], ip_protocol: "icmp"),
503
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.20/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.28/32")], ip_protocol: "udp"),
504
- set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [ Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.12/32")], ip_protocol: "tcp"),
505
- # Note: Sometimes response ip_ranges array sequence changes and test fails
506
- set_ip_pemissions_mock_object(ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.1/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.2/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.3/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.4/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.5/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.6/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.10/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.18/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.19/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.31/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.32/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.33/32")], ip_protocol: "-1"),
507
- set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
508
- set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
509
- set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.34/32")], ip_protocol: "icmp"),
510
- set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
511
- set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.23/32")], ip_protocol: "tcp"),
512
- set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.22/32")], ip_protocol: "tcp"),
513
- set_ip_pemissions_mock_object(from_port: 0, to_port: 65535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.8/32")], ip_protocol: "udp")
514
- ],
515
- ip_permissions_egress: [
516
- set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
517
- set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
518
- set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.45/32")], ip_protocol: "tcp"),
519
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.50/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.51/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.55/32"),Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.61/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.63/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.64/32")], ip_protocol: "tcp"),
520
- set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.42/32")], ip_protocol: "icmp"),
521
- set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
522
- set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.47/32")], ip_protocol: "tcp"),
523
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.49/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.59/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.60/32")], ip_protocol: "icmp"),
524
- set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.54/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.62/32")], ip_protocol: "udp"),
525
- set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [ Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.46/32")], ip_protocol: "tcp"),
526
- set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.35/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.36/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.37/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.38/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.39/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.40/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.44/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.52/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.53/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.65/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.66/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.67/32") ]),
527
- set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
528
- set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
529
- set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.43/32")], ip_protocol: "icmp"),
530
- set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
531
- set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.57/32")], ip_protocol: "tcp"),
532
- set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.56/32")], ip_protocol: "tcp"),
533
- set_ip_pemissions_mock_object(from_port: 0, to_port: 65535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.41/32")], ip_protocol: "udp")
534
- ]
535
- ).and be_idempotent
474
+ end.to create_an_aws_security_group("test_sg",
475
+ vpc_id: test_vpc.aws_object.id,
476
+ ip_permissions: [
477
+ set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
478
+ set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
479
+ set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.11/32")], ip_protocol: "tcp"),
480
+ # Note: Sometimes response ip_ranges array sequence changes and test fails
481
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.7/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.16/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.17/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.21/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.27/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.29/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.30/32")], ip_protocol: "tcp"),
482
+ set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.9/32")], ip_protocol: "icmp"),
483
+ set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
484
+ set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.13/32")], ip_protocol: "tcp"),
485
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.15/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.25/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.26/32")], ip_protocol: "icmp"),
486
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.20/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.28/32")], ip_protocol: "udp"),
487
+ set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.12/32")], ip_protocol: "tcp"),
488
+ # Note: Sometimes response ip_ranges array sequence changes and test fails
489
+ set_ip_pemissions_mock_object(ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.1/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.2/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.3/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.4/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.5/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.6/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.10/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.18/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.19/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.31/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.32/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.33/32")], ip_protocol: "-1"),
490
+ set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
491
+ set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.24/32")], ip_protocol: "tcp"),
492
+ set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.34/32")], ip_protocol: "icmp"),
493
+ set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.14/32")], ip_protocol: "tcp"),
494
+ set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.23/32")], ip_protocol: "tcp"),
495
+ set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.22/32")], ip_protocol: "tcp"),
496
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 65_535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.8/32")], ip_protocol: "udp")
497
+ ],
498
+ ip_permissions_egress: [
499
+ set_ip_pemissions_mock_object(from_port: 1125, to_port: 1125, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
500
+ set_ip_pemissions_mock_object(from_port: 1025, to_port: 1025, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
501
+ set_ip_pemissions_mock_object(from_port: 1012, to_port: 1012, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.45/32")], ip_protocol: "tcp"),
502
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.50/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.51/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.55/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.61/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.63/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.64/32")], ip_protocol: "tcp"),
503
+ set_ip_pemissions_mock_object(from_port: -1, to_port: -1, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.42/32")], ip_protocol: "icmp"),
504
+ set_ip_pemissions_mock_object(from_port: 1117, to_port: 1117, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
505
+ set_ip_pemissions_mock_object(from_port: 1014, to_port: 1014, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.47/32")], ip_protocol: "tcp"),
506
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.49/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.59/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.60/32")], ip_protocol: "icmp"),
507
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 0, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.54/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.62/32")], ip_protocol: "udp"),
508
+ set_ip_pemissions_mock_object(from_port: 1013, to_port: 1013, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.46/32")], ip_protocol: "tcp"),
509
+ set_ip_pemissions_mock_object(ip_protocol: "-1", ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.35/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.36/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.37/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.38/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.39/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.40/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.44/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.52/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.53/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.65/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.66/32"), Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.67/32")]),
510
+ set_ip_pemissions_mock_object(from_port: 1016, to_port: 1016, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
511
+ set_ip_pemissions_mock_object(from_port: 1024, to_port: 1024, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.58/32")], ip_protocol: "tcp"),
512
+ set_ip_pemissions_mock_object(from_port: 1, to_port: 2, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.43/32")], ip_protocol: "icmp"),
513
+ set_ip_pemissions_mock_object(from_port: 1015, to_port: 1015, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.48/32")], ip_protocol: "tcp"),
514
+ set_ip_pemissions_mock_object(from_port: 1021, to_port: 1023, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.57/32")], ip_protocol: "tcp"),
515
+ set_ip_pemissions_mock_object(from_port: 1020, to_port: 1020, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.56/32")], ip_protocol: "tcp"),
516
+ set_ip_pemissions_mock_object(from_port: 0, to_port: 65_535, ip_ranges: [Aws::EC2::Types::IpRange.new(cidr_ip: "10.0.0.41/32")], ip_protocol: "udp")
517
+ ]).and be_idempotent
536
518
  end
537
519
  end
538
520
 
539
521
  with_aws "when narrowing from multiple VPCs" do
540
- aws_vpc 'test_vpc1' do
541
- cidr_block '10.0.0.0/24'
522
+ aws_vpc "test_vpc1" do
523
+ cidr_block "10.0.0.0/24"
542
524
  end
543
525
 
544
- aws_vpc 'test_vpc2' do
545
- cidr_block '10.0.0.0/24'
526
+ aws_vpc "test_vpc2" do
527
+ cidr_block "10.0.0.0/24"
546
528
  end
547
- aws_security_group 'test_sg' do
548
- vpc 'test_vpc1'
529
+ aws_security_group "test_sg" do
530
+ vpc "test_vpc1"
549
531
  end
550
- aws_security_group 'test_sg' do
551
- vpc 'test_vpc2'
532
+ aws_security_group "test_sg" do
533
+ vpc "test_vpc2"
552
534
  end
553
535
 
554
536
  # We need to manually delete these because the auto-delete
555
537
  # won't specify VPC
556
538
  after(:context) do
557
- converge {
558
- aws_security_group 'test_sg' do
559
- vpc 'test_vpc1'
539
+ converge do
540
+ aws_security_group "test_sg" do
541
+ vpc "test_vpc1"
560
542
  action :destroy
561
543
  end
562
- aws_security_group 'test_sg' do
563
- vpc 'test_vpc2'
544
+ aws_security_group "test_sg" do
545
+ vpc "test_vpc2"
564
546
  action :destroy
565
547
  end
566
- }
548
+ end
567
549
  end
568
550
 
569
551
  it "raises an error if it finds multiple security groups" do
570
- expect_converge {
571
- r = aws_security_group 'test_sg'
552
+ expect_converge do
553
+ r = aws_security_group "test_sg"
572
554
  r.aws_object
573
- }.to raise_error(::Chef::Provisioning::AWSDriver::Exceptions::MultipleSecurityGroupError)
555
+ end.to raise_error(::Chef::Provisioning::AWSDriver::Exceptions::MultipleSecurityGroupError)
574
556
  end
575
557
 
576
558
  it "correctly returns the security group when vpc is specified" do
577
559
  aws_obj = nil
578
- expect_converge {
579
- r = aws_security_group 'test_sg' do
580
- vpc 'test_vpc1'
560
+ expect_converge do
561
+ r = aws_security_group "test_sg" do
562
+ vpc "test_vpc1"
581
563
  end
582
564
  aws_obj = r.aws_object
583
- }.to_not raise_error
584
- expect(aws_obj.vpc_id).to eq(driver.ec2.describe_vpcs({filters: [{name: "tag-value", values: ["test_vpc1"]}]})[:vpcs].first.vpc_id)
565
+ end.to_not raise_error
566
+ expect(aws_obj.vpc_id).to eq(driver.ec2.describe_vpcs(filters: [{ name: "tag-value", values: ["test_vpc1"] }])[:vpcs].first.vpc_id)
585
567
  end
586
568
  end
587
-
588
569
  end
589
570
  end