
Commit 1bcea47

Gateway Load Balancer Support (#16131)
* resource/aws_lb: Support load_balancer_type argument value of gateway Reference: #14601 Output from acceptance testing: ``` --- PASS: TestAccAWSLB_LoadBalancerType_Gateway (113.78s) ``` * resource/aws_lb_target_group: Support protocol argument value of GENEVE Reference: #14601 Output from acceptance testing: ``` --- PASS: TestAccAWSLBTargetGroup_Protocol_Geneve (29.03s) ``` * resource/aws_vpc_endpoint_service: Add gateway_load_balancer_arns argument Output from acceptance testing: ``` --- PASS: TestAccAWSVpcEndpointService_GatewayLoadBalancerArns (209.75s) ``` * resource/aws_vpc_endpoint: Support vpc_endpoint_type argument value GatewayLoadBalancer Reference: #14601 Output from acceptance testing: ``` --- PASS: TestAccAWSVpcEndpoint_VpcEndpointType_GatewayLoadBalancer (272.58s) ``` * resource/aws_route: Add vpc_endpoint_id argument Output from acceptance testing: ``` --- PASS: TestAccAWSRoute_VpcEndpointId (275.86s) ``` * resource/aws_route_table: Add route configuration block vpc_endpoint_id argument Output from acceptance testing: ``` --- PASS: TestAccAWSRouteTable_Route_VpcEndpointId (294.12s) ``` * resource/aws_default_route_table: Add route configuration block vpc_endpoint_id argument Output from acceptance testing: ``` --- PASS: TestAccAWSDefaultRouteTable_Route_VpcEndpointId (311.63s) ``` * tests/provider: terrafmt fixes * docs/resource/aws_vpc_endpoint: terrafmt fix * tests/service/ec2: Additional terrafmt fixes
1 parent ae8365c commit 1bcea47

23 files changed

Lines changed: 754 additions & 55 deletions

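--- a/aws/data_source_aws_route_table.go
+++ b/aws/data_source_aws_route_table.go
@@ -3,6 +3,7 @@ package aws
 import (
 "fmt"
 "log"
+"strings"
 
 "github.com/aws/aws-sdk-go/aws"
 "github.com/aws/aws-sdk-go/service/ec2"
@@ -82,6 +83,11 @@ func dataSourceAwsRouteTable() *schema.Resource {
 Computed: true,
 },
 
+"vpc_endpoint_id": {
+Type: schema.TypeString,
+Computed: true,
+},
+
 "vpc_peering_connection_id": {
 Type: schema.TypeString,
 Computed: true,
@@ -228,7 +234,11 @@ func dataSourceRoutesRead(ec2Routes []*ec2.Route) []map[string]interface{} {
 m["egress_only_gateway_id"] = *r.EgressOnlyInternetGatewayId
 }
 if r.GatewayId != nil {
-m["gateway_id"] = *r.GatewayId
+if strings.HasPrefix(*r.GatewayId, "vpce-") {
+m["vpc_endpoint_id"] = *r.GatewayId
+} else {
+m["gateway_id"] = *r.GatewayId
+}
 }
 if r.NatGatewayId != nil {
 m["nat_gateway_id"] = *r.NatGatewayId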
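Review bot: In `dataSourceRoutesRead`, a route whose `GatewayId` begins with `vpce-` now populates only `vpc_endpoint_id`, so `gateway_id` comes back unset for it; any configuration or compliance check that previously read an endpoint ID from `gateway_id` changes behaviour without warning. That matters where this data source is used to audit where a subnet's default route points, so the change deserves an explicit upgrade note. The prefix test is also undocumented; a comment such as `// The EC2 API appears to report VPC endpoint route targets in GatewayId; split them out by ID prefix.` would record the assumption, which cannot be confirmed from the hunk alone. The function body starts and ends outside the hunk.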

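--- a/aws/resource_aws_default_route_table.go
+++ b/aws/resource_aws_default_route_table.go
@@ -93,6 +93,11 @@ func resourceAwsDefaultRouteTable() *schema.Resource {
 Optional: true,
 },
 
+"vpc_endpoint_id": {
+Type: schema.TypeString,
+Optional: true,
+},
+
 "vpc_peering_connection_id": {
 Type: schema.TypeString,
 Optional: true,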
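Review bot: Nothing in the new `vpc_endpoint_id` entry prevents a `route` block from setting it together with `gateway_id` or another target attribute; it is a plain `Optional` string like its neighbours. The code that turns the block into an API call is outside this hunk, so it is worth confirming that it rejects more than one target instead of picking one silently, because a `0.0.0.0/0` route meant to pass through an inspection endpoint could otherwise be applied against the internet gateway. If the route set is hashed by a custom function, that function should include the new field so that a changed endpoint shows up as a diff. A comment here such as `// Gateway Load Balancer endpoint ID; expected to be mutually exclusive with the other route targets` would help, assuming that is the intended contract.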

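--- a/aws/resource_aws_default_route_table_test.go
+++ b/aws/resource_aws_default_route_table_test.go
@@ -187,6 +187,41 @@ func TestAccAWSDefaultRouteTable_Route_TransitGatewayID(t *testing.T) {
 })
 }
 
+func TestAccAWSDefaultRouteTable_Route_VpcEndpointId(t *testing.T) {
+var routeTable1 ec2.RouteTable
+rName := acctest.RandomWithPrefix("tf-acc-test")
+resourceName := "aws_default_route_table.test"
+
+resource.ParallelTest(t, resource.TestCase{
+PreCheck: func() { testAccPreCheck(t) },
+Providers: testAccProviders,
+CheckDestroy: testAccCheckRouteTableDestroy,
+Steps: []resource.TestStep{
+{
+Config: testAccAWSDefaultRouteTableConfigRouteVpcEndpointId(rName),
+Check: resource.ComposeTestCheckFunc(
+testAccCheckRouteTableExists(resourceName, &routeTable1),
+),
+},
+{
+ResourceName: resourceName,
+ImportState: true,
+ImportStateIdFunc: testAccAWSDefaultRouteTableImportStateIdFunc(resourceName),
+ImportStateVerify: true,
+},
+// Default route tables do not currently have a method to remove routes during deletion.
+// VPC Endpoints will not delete unless the route is removed prior, otherwise will error:
+// InvalidParameter: Endpoint must be removed from route table before deletion
+{
+Config: testAccAWSDefaultRouteTableConfigRouteVpcEndpointIdNoRoute(rName),
+Check: resource.ComposeTestCheckFunc(
+testAccCheckRouteTableExists(resourceName, &routeTable1),
+),
+},
+},
+})
+}
+
 func TestAccAWSDefaultRouteTable_vpc_endpoint(t *testing.T) {
 var v ec2.RouteTable
 resourceName := "aws_default_route_table.foo"
@@ -570,6 +605,130 @@ resource "aws_default_route_table" "test" {
 `
 }
 
+func testAccAWSDefaultRouteTableConfigRouteVpcEndpointId(rName string) string {
+return composeConfig(
+testAccAvailableAZsNoOptInConfig(),
+fmt.Sprintf(`
+data "aws_caller_identity" "current" {}
+
+resource "aws_vpc" "test" {
+cidr_block = "10.10.10.0/25"
+
+tags = {
+Name = "tf-acc-test-load-balancer"
+}
+}
+
+# Another route destination for update
+resource "aws_internet_gateway" "test" {
+vpc_id = aws_vpc.test.id
+}
+
+resource "aws_subnet" "test" {
+availability_zone = data.aws_availability_zones.available.names[0]
+cidr_block = cidrsubnet(aws_vpc.test.cidr_block, 2, 0)
+vpc_id = aws_vpc.test.id
+
+tags = {
+Name = "tf-acc-test-load-balancer"
+}
+}
+
+resource "aws_lb" "test" {
+load_balancer_type = "gateway"
+name = %[1]q
+
+subnet_mapping {
+subnet_id = aws_subnet.test.id
+}
+}
+
+resource "aws_vpc_endpoint_service" "test" {
+acceptance_required = false
+allowed_principals = [data.aws_caller_identity.current.arn]
+gateway_load_balancer_arns = [aws_lb.test.arn]
+}
+
+resource "aws_vpc_endpoint" "test" {
+service_name = aws_vpc_endpoint_service.test.service_name
+subnet_ids = [aws_subnet.test.id]
+vpc_endpoint_type = aws_vpc_endpoint_service.test.service_type
+vpc_id = aws_vpc.test.id
+}
+
+resource "aws_default_route_table" "test" {
+default_route_table_id = aws_vpc.test.default_route_table_id
+
+route {
+cidr_block = "0.0.0.0/0"
+vpc_endpoint_id = aws_vpc_endpoint.test.id
+}
+}
+`, rName))
+}
+
+func testAccAWSDefaultRouteTableConfigRouteVpcEndpointIdNoRoute(rName string) string {
+return composeConfig(
+testAccAvailableAZsNoOptInConfig(),
+fmt.Sprintf(`
+data "aws_caller_identity" "current" {}
+
+resource "aws_vpc" "test" {
+cidr_block = "10.10.10.0/25"
+
+tags = {
+Name = "tf-acc-test-load-balancer"
+}
+}
+
+# Another route destination for update
+resource "aws_internet_gateway" "test" {
+vpc_id = aws_vpc.test.id
+}
+
+resource "aws_subnet" "test" {
+availability_zone = data.aws_availability_zones.available.names[0]
+cidr_block = cidrsubnet(aws_vpc.test.cidr_block, 2, 0)
+vpc_id = aws_vpc.test.id
+
+tags = {
+Name = "tf-acc-test-load-balancer"
+}
+}
+
+resource "aws_lb" "test" {
+load_balancer_type = "gateway"
+name = %[1]q
+
+subnet_mapping {
+subnet_id = aws_subnet.test.id
+}
+}
+
+resource "aws_vpc_endpoint_service" "test" {
+acceptance_required = false
+allowed_principals = [data.aws_caller_identity.current.arn]
+gateway_load_balancer_arns = [aws_lb.test.arn]
+}
+
+resource "aws_vpc_endpoint" "test" {
+service_name = aws_vpc_endpoint_service.test.service_name
+subnet_ids = [aws_subnet.test.id]
+vpc_endpoint_type = aws_vpc_endpoint_service.test.service_type
+vpc_id = aws_vpc.test.id
+}
+
+resource "aws_default_route_table" "test" {
+default_route_table_id = aws_vpc.test.default_route_table_id
+
+route {
+cidr_block = "0.0.0.0/0"
+gateway_id = aws_internet_gateway.test.id
+}
+}
+`, rName))
+}
+
 const testAccDefaultRouteTable_vpc_endpoint = `
 data "aws_region" "current" {}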
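Review bot: The first step of `TestAccAWSDefaultRouteTable_Route_VpcEndpointId` asserts only `testAccCheckRouteTableExists`, so it would still pass if the route were created with a target other than the endpoint. Since the purpose of the route is to steer `0.0.0.0/0` through the Gateway Load Balancer endpoint, the step should also inspect the fetched `routeTable1.Routes` for the endpoint ID, or at least add `resource.TestCheckResourceAttr(resourceName, "route.#", "1"),` to the check list. The two config helpers in the second hunk differ only in the final `route` block and could share the common part, which would keep the fixture for the endpoint service (`acceptance_required = false`, `allowed_principals`) in one place.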

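--- a/aws/resource_aws_lb.go
+++ b/aws/resource_aws_lb.go
@@ -74,14 +74,11 @@ func resourceAwsLb() *schema.Resource {
 },
 
 "load_balancer_type": {
-Type: schema.TypeString,
-ForceNew: true,
-Optional: true,
-Default: elbv2.LoadBalancerTypeEnumApplication,
-ValidateFunc: validation.StringInSlice([]string{
-elbv2.LoadBalancerTypeEnumApplication,
-elbv2.LoadBalancerTypeEnumNetwork,
-}, false),
+Type: schema.TypeString,
+ForceNew: true,
+Optional: true,
+Default: elbv2.LoadBalancerTypeEnumApplication,
+ValidateFunc: validation.StringInSlice(elbv2.LoadBalancerTypeEnum_Values(), false),
 },
 
 "security_groups": {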
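Review bot: Replacing the explicit list with `elbv2.LoadBalancerTypeEnum_Values()` turns the validator from an allow-list of types the provider handles into whatever the vendored SDK enumerates, so a later SDK bump can let a new value pass validation before the create and read paths know about it. The same applies to `validation.StringInSlice(elbv2.ProtocolEnum_Values(), true)` on `protocol` in aws/resource_aws_lb_target_group.go. Either keep the explicit slice and add `elbv2.LoadBalancerTypeEnumGateway,` (and `elbv2.ProtocolEnumGeneve,` in the target group), or add a comment stating that every SDK value is expected to be supported. The schema function continues outside the hunk.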

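--- a/aws/resource_aws_lb_target_group.go
+++ b/aws/resource_aws_lb_target_group.go
@@ -66,17 +66,10 @@ func resourceAwsLbTargetGroup() *schema.Resource {
 },
 
 "protocol": {
-Type: schema.TypeString,
-Optional: true,
-ForceNew: true,
-ValidateFunc: validation.StringInSlice([]string{
-elbv2.ProtocolEnumHttp,
-elbv2.ProtocolEnumHttps,
-elbv2.ProtocolEnumTcp,
-elbv2.ProtocolEnumTls,
-elbv2.ProtocolEnumUdp,
-elbv2.ProtocolEnumTcpUdp,
-}, true),
+Type: schema.TypeString,
+Optional: true,
+ForceNew: true,
+ValidateFunc: validation.StringInSlice(elbv2.ProtocolEnum_Values(), true),
 },
 
 "vpc_id": {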

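--- a/aws/resource_aws_lb_target_group_test.go
+++ b/aws/resource_aws_lb_target_group_test.go
@@ -271,6 +271,38 @@ func TestAccAWSLBTargetGroup_networkLB_TargetGroup(t *testing.T) {
 })
 }
 
+func TestAccAWSLBTargetGroup_Protocol_Geneve(t *testing.T) {
+var conf elbv2.TargetGroup
+rName := acctest.RandomWithPrefix("tf-acc-test")
+resourceName := "aws_lb_target_group.test"
+
+resource.ParallelTest(t, resource.TestCase{
+PreCheck: func() { testAccPreCheck(t) },
+ProviderFactories: testAccProviderFactories,
+CheckDestroy: testAccCheckAWSLBTargetGroupDestroy,
+Steps: []resource.TestStep{
+{
+Config: testAccAWSLBTargetGroupConfigProtocolGeneve(rName),
+Check: resource.ComposeAggregateTestCheckFunc(
+testAccCheckAWSLBTargetGroupExists(resourceName, &conf),
+resource.TestCheckResourceAttr(resourceName, "port", "6081"),
+resource.TestCheckResourceAttr(resourceName, "protocol", elbv2.ProtocolEnumGeneve),
+),
+},
+{
+ResourceName: resourceName,
+ImportState: true,
+ImportStateVerify: true,
+ImportStateVerifyIgnore: []string{
+"lambda_multi_value_headers_enabled",
+"proxy_protocol_v2",
+"slow_start",
+},
+},
+},
+})
+}
+
 func TestAccAWSLBTargetGroup_Protocol_Tcp_HealthCheck_Protocol(t *testing.T) {
 var targetGroup1, targetGroup2 elbv2.TargetGroup
 targetGroupName := fmt.Sprintf("test-target-group-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
@@ -1434,6 +1466,30 @@ resource "aws_vpc" "test" {
 `, targetGroupName)
 }
 
+func testAccAWSLBTargetGroupConfigProtocolGeneve(rName string) string {
+return fmt.Sprintf(`
+resource "aws_vpc" "test" {
+cidr_block = "10.10.10.0/25"
+
+tags = {
+Name = "tf-acc-test-lb-target-group"
+}
+}
+
+resource "aws_lb_target_group" "test" {
+name = %[1]q
+port = 6081
+protocol = "GENEVE"
+vpc_id = aws_vpc.test.id
+
+health_check {
+port = 80
+protocol = "HTTP"
+}
+}
+`, rName)
+}
+
 func testAccAWSLBTargetGroupConfigTags1(targetGroupName, tagKey1, tagValue1 string) string {
 return fmt.Sprintf(`
 resource "aws_lb_target_group" "test" {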
