Skip to content

Commit 5b90500

Browse files
committed
Add 'testAccClientVPNEndpoint_vpcSecurityGroups'.
1 parent 7123c34 commit 5b90500

File tree

2 files changed

+45
-0
lines changed

2 files changed

+45
-0
lines changed

internal/service/ec2/client_vpn_endpoint.go

+2
Original file line numberDiff line numberDiff line change
@@ -412,6 +412,8 @@ func resourceClientVPNEndpointUpdate(d *schema.ResourceData, meta interface{}) e
412412

413413
if d.HasChange("security_group_ids") {
414414
input.SecurityGroupIds = flex.ExpandStringSet(d.Get("security_group_ids").(*schema.Set))
415+
// "InvalidParameterValue: Security Groups cannot be modified without specifying Vpc Id"
416+
input.VpcId = aws.String(d.Get("vpc_id").(string))
415417
}
416418

417419
if d.HasChange("self_service_portal") {

internal/service/ec2/client_vpn_endpoint_test.go

+43
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ func TestAccEC2ClientVPNEndpoint_serial(t *testing.T) {
4646
"simpleAttributesUpdate": testAccClientVPNEndpoint_simpleAttributesUpdate,
4747
"selfServicePortal": testAccClientVPNEndpoint_selfServicePortal,
4848
"vpcNoSecurityGroups": testAccClientVPNEndpoint_vpcNoSecurityGroups,
49+
"vpcSecurityGroups": testAccClientVPNEndpoint_vpcSecurityGroups,
4950
"basicDataSource": testAccClientVPNEndpointDataSource_basic,
5051
},
5152
"AuthorizationRule": {
@@ -658,6 +659,48 @@ func testAccClientVPNEndpoint_vpcNoSecurityGroups(t *testing.T) {
658659
})
659660
}
660661

662+
func testAccClientVPNEndpoint_vpcSecurityGroups(t *testing.T) {
663+
var v ec2.ClientVpnEndpoint
664+
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
665+
resourceName := "aws_ec2_client_vpn_endpoint.test"
666+
securityGroup1ResourceName := "aws_security_group.test1"
667+
securityGroup2ResourceName := "aws_security_group.test2"
668+
vpcResourceName := "aws_vpc.test"
669+
670+
resource.ParallelTest(t, resource.TestCase{
671+
PreCheck: func() { testAccPreCheckClientVPNSyncronize(t); acctest.PreCheck(t) },
672+
ErrorCheck: acctest.ErrorCheck(t, ec2.EndpointsID),
673+
Providers: acctest.Providers,
674+
CheckDestroy: testAccCheckClientVPNEndpointDestroy,
675+
Steps: []resource.TestStep{
676+
{
677+
Config: testAccEc2ClientVpnEndpointConfigSecurityGroups(rName, 2),
678+
Check: resource.ComposeTestCheckFunc(
679+
testAccCheckClientVPNEndpointExists(resourceName, &v),
680+
resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "2"),
681+
resource.TestCheckTypeSetElemAttrPair(resourceName, "security_group_ids.*", securityGroup1ResourceName, "id"),
682+
resource.TestCheckTypeSetElemAttrPair(resourceName, "security_group_ids.*", securityGroup2ResourceName, "id"),
683+
resource.TestCheckResourceAttrPair(resourceName, "vpc_id", vpcResourceName, "id"),
684+
),
685+
},
686+
{
687+
ResourceName: resourceName,
688+
ImportState: true,
689+
ImportStateVerify: true,
690+
},
691+
{
692+
Config: testAccEc2ClientVpnEndpointConfigSecurityGroups(rName, 1),
693+
Check: resource.ComposeTestCheckFunc(
694+
testAccCheckClientVPNEndpointExists(resourceName, &v),
695+
resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "1"),
696+
resource.TestCheckTypeSetElemAttrPair(resourceName, "security_group_ids.*", securityGroup1ResourceName, "id"),
697+
resource.TestCheckResourceAttrPair(resourceName, "vpc_id", vpcResourceName, "id"),
698+
),
699+
},
700+
},
701+
})
702+
}
703+
661704
func testAccPreCheckClientVPNSyncronize(t *testing.T) {
662705
sync.TestAccPreCheckSyncronize(t, testAccEc2ClientVpnEndpointSemaphore, "Client VPN")
663706
}

0 commit comments

Comments
 (0)