diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index 0394619..38e58bd 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - terraform: ['1.3.7'] + terraform: ['1.5.7', '1.7.3'] steps: - uses: actions/checkout@master - uses: hashicorp/setup-terraform@v1 @@ -36,15 +36,13 @@ jobs: name: terratest runs-on: ubuntu-latest strategy: - max-parallel: 1 matrix: - terraform: ['1.3.7'] + terraform: ['1.5.7', '1.7.3'] steps: - name: Set up Go uses: actions/setup-go@v2 with: - go-version: '1.19' - + go-version: '1.21' - name: Checkout uses: actions/checkout@v1 with: @@ -58,13 +56,12 @@ jobs: sudo unzip -d /tmp/ /tmp/terraform.zip && sudo mv /tmp/terraform /usr/local/bin/ + - name: Start Localstack + run: docker-compose up -d + - name: Terratest env: GOPATH: /home/runner/work/terraform-aws-vpc-peering/go - TF_VAR_aws_peer_access_key: ${{ secrets.TF_VAR_aws_peer_access_key }} - TF_VAR_aws_peer_secret_key: ${{ secrets.TF_VAR_aws_peer_secret_key }} - TF_VAR_aws_this_access_key: ${{ secrets.TF_VAR_aws_this_access_key }} - TF_VAR_aws_this_secret_key: ${{ secrets.TF_VAR_aws_this_secret_key }} run: > go mod init github.com/grem11n/terraform-aws-vpc-peering && go mod tidy && diff --git a/.gitignore b/.gitignore index 9f9deb8..dbe976f 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,6 @@ go.sum # Environment variables .env + +# Localstack +volume/ diff --git a/data.tf b/data.tf index 9299acb..e923868 100644 --- a/data.tf +++ b/data.tf @@ -39,17 +39,17 @@ data "aws_subnet" "peer" { # this vpc main route table data "aws_route_table" "this_main_route_table" { - provider = aws.this + provider = aws.this vpc_id = var.this_vpc_id filter { name = "association.main" values = ["true"] - } + } } # this subnets data "aws_subnets" "this" { - provider = aws.this + provider = aws.this filter { name = "vpc-id" values = [var.this_vpc_id] 
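Review bot: The new `Start Localstack` step only runs `docker-compose up -d`, which returns once the container is created, so the following `Terratest` step can start before the gateway on port 4566 is accepting requests. Nothing in the hunk waits for readiness, and the `go mod` work at the top of the test command is the only accidental delay. Add a bounded poll before the tests, for example a step that retries `curl -sf http://localhost:4566/_localstack/health` until it succeeds (confirm the health path for the image version in use) and fails the job on timeout. The rest of the `steps:` list lies outside the hunk, so an existing wait further down cannot be ruled out.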
@@ -58,7 +58,7 @@ data "aws_subnets" "this" { # get route tables associated with subnets data "aws_route_tables" "this_associated_route_tables" { - for_each = { for subnet in data.aws_subnets.this.ids: subnet => subnet } + for_each = { for subnet in data.aws_subnets.this.ids : subnet => subnet } provider = aws.this vpc_id = var.this_vpc_id filter { @@ -72,17 +72,17 @@ data "aws_route_tables" "this_associated_route_tables" { # peer vpc main route table data "aws_route_table" "peer_main_route_table" { - provider = aws.peer + provider = aws.peer vpc_id = var.peer_vpc_id filter { name = "association.main" values = ["true"] - } + } } # peer subnets data "aws_subnets" "peer" { - provider = aws.peer + provider = aws.peer filter { name = "vpc-id" values = [var.peer_vpc_id] @@ -91,7 +91,7 @@ data "aws_subnets" "peer" { # get route tables associated with subnets data "aws_route_tables" "peer_associated_route_tables" { - for_each = { for subnet in data.aws_subnets.peer.ids: subnet => subnet } + for_each = { for subnet in data.aws_subnets.peer.ids : subnet => subnet } provider = aws.peer vpc_id = var.peer_vpc_id filter { diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..57652a4 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,14 @@ +--- +version: "3.8" +services: + localstack: + container_name: "${LOCALSTACK_DOCKER_NAME:-localstack-main}" + image: localstack/localstack + ports: + - "127.0.0.1:4566:4566" # LocalStack Gateway + - "127.0.0.1:4510-4559:4510-4559" # external services port range + environment: + # LocalStack configuration: https://docs.localstack.cloud/references/configuration/ + - DEBUG=${DEBUG:-0} + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" diff --git a/examples/associated-cidrs/provider.tf b/examples/associated-cidrs/provider.tf index 9cde7f5..b162943 100644 --- a/examples/associated-cidrs/provider.tf +++ b/examples/associated-cidrs/provider.tf 
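Review bot: In the new `docker-compose.yaml`, `image: localstack/localstack` carries no tag or digest, and the same container is handed the host's `/var/run/docker.sock`. Every CI run and developer machine therefore pulls whatever `latest` is at that moment and gives it control of the Docker daemon, which is effectively root on the host. Pin the image, e.g. `image: localstack/localstack:<pinned-version>` or `localstack/localstack@sha256:<digest>`, and drop the `volumes:` entry unless a service that has to spawn containers is really used; the EC2/S3/STS endpoints the providers point at probably do not need it, but verify. Binding both port ranges to `127.0.0.1` is the right choice and should stay.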
@@ -1,5 +1,15 @@ +// This provider example is designed to work with Localstack. +// You need to have a real AWS provider configuration for the production usage. provider "aws" { - region = "eu-west-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/examples/associated-cidrs/variables.tf b/examples/associated-cidrs/variables.tf index 0d78605..4d51316 100644 --- a/examples/associated-cidrs/variables.tf +++ b/examples/associated-cidrs/variables.tf @@ -1,13 +1,4 @@ // Variables are required to pass them via Terratest // on fixtures creation variable "this_vpc_id" {} - variable "peer_vpc_id" {} - -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} diff --git a/examples/module-depends-on/README.md b/examples/module-depends-on/README.md index 315b713..fcc37cf 100644 --- a/examples/module-depends-on/README.md +++ b/examples/module-depends-on/README.md @@ -1,4 +1,6 @@ -# Using depends_on With This Module +# Using `depends_on` With This Module + +**Warning**: There's a bug which prevents the creation of peering with the `depends_on` directove. Thus, Terraform should be executed twice to address that. If you're using Terraform `>=0.13`, you [can use `depends_on` meta-argument with modules as well](https://www.terraform.io/docs/language/meta-arguments/depends_on.html) diff --git a/examples/module-depends-on/provider.tf b/examples/module-depends-on/provider.tf index 9cde7f5..b162943 100644 --- a/examples/module-depends-on/provider.tf +++ b/examples/module-depends-on/provider.tf 
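Review bot: Files under `examples/` are what module users copy, and after this hunk the `provider "aws"` block only works against Localstack: plain-HTTP `localhost:4566` endpoints, literal `"null"` keys and all three `skip_*` checks turned on. The two-line header comment is the only signal of that, and it does not say which lines have to go. Consider keeping a normal AWS provider in the example and supplying the Localstack settings from a Terraform override file that only the test run adds (e.g. `provider_override.tf`; check that override merging covers `provider` blocks for the Terraform versions in the matrix). At minimum, tighten the comment to something like `// TEST ONLY: remove endpoints, the "null" keys and the skip_* flags before pointing this at AWS.` The same applies to every other `examples/*/provider.tf` hunk in this commit.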
@@ -1,5 +1,15 @@
+// This provider example is designed to work with Localstack.
+// You need to have a real AWS provider configuration for the production usage.
 provider "aws" {
- region = "eu-west-1"
- access_key = var.aws_this_access_key
- secret_key = var.aws_this_secret_key
+ endpoints {
+ ec2 = "http://localhost:4566"
+ s3 = "http://localhost:4566"
+ sts = "http://localhost:4566"
+ }
+ region = "eu-west-1"
+ access_key = "null"
+ secret_key = "null"
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
 }
diff --git a/examples/module-depends-on/variables.tf b/examples/module-depends-on/variables.tf
index 4b92fe4..f003125 100644
--- a/examples/module-depends-on/variables.tf
+++ b/examples/module-depends-on/variables.tf
@@ -1,11 +1,3 @@
-variable "aws_this_access_key" {
- description = "AWS Access Key for requester account"
-}
-
-variable "aws_this_secret_key" {
- description = "AWS Secret Key for requester account"
-}
-
 variable "this_subnets" {
 description = "Subnet list for _this_ VPC"
 type = list(string)
diff --git a/examples/multi-account-multi-region/provider.tf b/examples/multi-account-multi-region/provider.tf
index 6332586..3bca8ee 100644
--- a/examples/multi-account-multi-region/provider.tf
+++ b/examples/multi-account-multi-region/provider.tf
@@ -1,13 +1,31 @@ +// This provider example is designed to work with Localstack. +// You need to have a real AWS provider configuration for the production usage. provider "aws" { - alias = "this" - region = "eu-west-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "eu-central-1" - access_key = var.aws_peer_access_key - secret_key = var.aws_peer_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-central-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/examples/multi-account-multi-region/variables.tf b/examples/multi-account-multi-region/variables.tf index 5e71604..4d51316 100644 --- a/examples/multi-account-multi-region/variables.tf +++ b/examples/multi-account-multi-region/variables.tf @@ -1,21 +1,4 @@ // Variables are required to pass them via Terratest // on fixtures creation variable "this_vpc_id" {} - variable "peer_vpc_id" {} - -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} - -variable "aws_peer_access_key" { - description = "AWS Access Key for accepter account" -} - -variable "aws_peer_secret_key" { - description = "AWS Secret Key for accepter account" -} diff --git a/examples/multi-account-single-region/provider.tf b/examples/multi-account-single-region/provider.tf index e3e9476..78d58a8 100644 
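Review bot: Both aliased providers in this multi-account example now use the same literal `access_key = "null"`, so the `this` and `peer` sides most likely resolve to a single Localstack account and the cross-account path of the module is no longer exercised. As far as I know Localstack takes the account ID from a 12-digit access key ID and falls back to one default account otherwise; confirm that for the image version in use. If it holds, give each alias its own 12-digit dummy key (constructed examples: `access_key = "000000000001"` for `this`, `access_key = "000000000002"` for `peer`) so the two accounts stay distinct. The same applies to `examples/multi-account-single-region/provider.tf` and to the two `test/fixtures/multi-account-*/provider.tf` hunks.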
--- a/examples/multi-account-single-region/provider.tf +++ b/examples/multi-account-single-region/provider.tf @@ -1,13 +1,31 @@ +// This provider example is designed to work with Localstack. +// You need to have a real AWS provider configuration for the production usage. provider "aws" { - alias = "this" - region = "ap-southeast-2" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "ap-southeast-2" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "ap-southeast-2" - access_key = var.aws_peer_access_key - secret_key = var.aws_peer_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "ap-southeast-2" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/examples/multi-account-single-region/variables.tf b/examples/multi-account-single-region/variables.tf index 5e71604..4d51316 100644 --- a/examples/multi-account-single-region/variables.tf +++ b/examples/multi-account-single-region/variables.tf @@ -1,21 +1,4 @@ // Variables are required to pass them via Terratest // on fixtures creation variable "this_vpc_id" {} - variable "peer_vpc_id" {} - -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} - -variable "aws_peer_access_key" { - description = "AWS Access Key for accepter account" -} - -variable "aws_peer_secret_key" { - description = "AWS Secret Key for accepter account" -} 
diff --git a/examples/partial-subnets/provider.tf b/examples/partial-subnets/provider.tf index 0d54dc9..3c56cc0 100644 --- a/examples/partial-subnets/provider.tf +++ b/examples/partial-subnets/provider.tf @@ -1,20 +1,32 @@ +// This provider example is designed to work with Localstack. +// You need to have a real AWS provider configuration for the production usage. provider "aws" { alias = "this" - region = var.this_region != "" ? var.this_region : "eu-west-2" - assume_role { - role_arn = var.this_assume_role_arn != "" ? var.this_assume_role_arn : null + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" } - access_key = var.aws_this_access_key != "" ? var.aws_this_access_key : null - secret_key = var.aws_this_secret_key != "" ? var.aws_this_secret_key : null + region = "eu-west-2" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { alias = "peer" - region = var.peer_region != "" ? var.peer_region : "eu-central-1" - assume_role { - role_arn = var.peer_assume_role_arn != "" ? var.peer_assume_role_arn : null + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" } - access_key = var.aws_peer_access_key != "" ? var.aws_peer_access_key : null - secret_key = var.aws_peer_secret_key != "" ? var.aws_peer_secret_key : null + region = "eu-central-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/examples/single-account-multi-region/provider.tf b/examples/single-account-multi-region/provider.tf index a1442c9..3bca8ee 100644 --- a/examples/single-account-multi-region/provider.tf +++ b/examples/single-account-multi-region/provider.tf 
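Review bot: The provider blocks in `examples/partial-subnets/provider.tf` stop reading `var.this_region`, `var.this_assume_role_arn`, `var.aws_this_access_key`, `var.aws_this_secret_key` and their `peer` counterparts, yet unlike the other examples no `examples/partial-subnets/variables.tf` change appears in this diff. If those variables are still declared they are now dead inputs, and the credential-shaped ones invite callers to keep passing real keys that are silently ignored. Remove the unused declarations in the same change. Dropping the `assume_role` block also means this example no longer demonstrates role assumption, which is worth stating in the header comment.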
@@ -1,13 +1,31 @@ +// This provider example is designed to work with Localstack. +// You need to have a real AWS provider configuration for the production usage. provider "aws" { - alias = "this" - region = "eu-west-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "eu-central-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-central-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/examples/single-account-multi-region/variables.tf b/examples/single-account-multi-region/variables.tf index 0d78605..4d51316 100644 --- a/examples/single-account-multi-region/variables.tf +++ b/examples/single-account-multi-region/variables.tf @@ -1,13 +1,4 @@ // Variables are required to pass them via Terratest // on fixtures creation variable "this_vpc_id" {} - variable "peer_vpc_id" {} - -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} diff --git a/examples/single-account-single-region-with-options/provider.tf b/examples/single-account-single-region-with-options/provider.tf index 9cde7f5..b162943 100644 --- a/examples/single-account-single-region-with-options/provider.tf +++ b/examples/single-account-single-region-with-options/provider.tf 
@@ -1,5 +1,15 @@
+// This provider example is designed to work with Localstack.
+// You need to have a real AWS provider configuration for the production usage.
 provider "aws" {
- region = "eu-west-1"
- access_key = var.aws_this_access_key
- secret_key = var.aws_this_secret_key
+ endpoints {
+ ec2 = "http://localhost:4566"
+ s3 = "http://localhost:4566"
+ sts = "http://localhost:4566"
+ }
+ region = "eu-west-1"
+ access_key = "null"
+ secret_key = "null"
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
 }
diff --git a/examples/single-account-single-region-with-options/variables.tf b/examples/single-account-single-region-with-options/variables.tf
index 5e71604..4d51316 100644
--- a/examples/single-account-single-region-with-options/variables.tf
+++ b/examples/single-account-single-region-with-options/variables.tf
@@ -1,21 +1,4 @@
 // Variables are required to pass them via Terratest
 // on fixtures creation
 variable "this_vpc_id" {}
-
 variable "peer_vpc_id" {}
-
-variable "aws_this_access_key" {
- description = "AWS Access Key for requester account"
-}
-
-variable "aws_this_secret_key" {
- description = "AWS Secret Key for requester account"
-}
-
-variable "aws_peer_access_key" {
- description = "AWS Access Key for accepter account"
-}
-
-variable "aws_peer_secret_key" {
- description = "AWS Secret Key for accepter account"
-}
diff --git a/examples/single-account-single-region/provider.tf b/examples/single-account-single-region/provider.tf
index 9cde7f5..b162943 100644
--- a/examples/single-account-single-region/provider.tf
+++ b/examples/single-account-single-region/provider.tf
@@ -1,5 +1,15 @@ +// This provider example is designed to work with Localstack. +// You need to have a real AWS provider configuration for the production usage. provider "aws" { - region = "eu-west-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/examples/single-account-single-region/variables.tf b/examples/single-account-single-region/variables.tf index 0d78605..8a4ffb2 100644 --- a/examples/single-account-single-region/variables.tf +++ b/examples/single-account-single-region/variables.tf @@ -3,11 +3,3 @@ variable "this_vpc_id" {} variable "peer_vpc_id" {} - -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} diff --git a/locals.tf b/locals.tf index fec8241..9fa8d06 100644 --- a/locals.tf +++ b/locals.tf 
@@ -8,25 +8,25 @@ locals { # Rout table should either be the one for the vpc, or the ones associated to the subnets if subnets are given this_subnet_route_table_map = { - for subnet in data.aws_subnets.this.ids: - subnet => concat( - data.aws_route_tables.this_associated_route_tables[subnet].ids, - [data.aws_route_table.this_main_route_table.id] - )[0] + for subnet in data.aws_subnets.this.ids : + subnet => concat( + data.aws_route_tables.this_associated_route_tables[subnet].ids, + [data.aws_route_table.this_main_route_table.id] + )[0] } peer_subnet_route_table_map = { - for subnet in data.aws_subnets.peer.ids: - subnet => concat( - data.aws_route_tables.peer_associated_route_tables[subnet].ids, - [data.aws_route_table.peer_main_route_table.id] - )[0] + for subnet in data.aws_subnets.peer.ids : + subnet => concat( + data.aws_route_tables.peer_associated_route_tables[subnet].ids, + [data.aws_route_table.peer_main_route_table.id] + )[0] } this_rts_ids = length(var.this_subnets_ids) == 0 ? distinct(values(local.this_subnet_route_table_map)) : distinct([ for subnet_id in var.this_subnets_ids : local.this_subnet_route_table_map[subnet_id] ]) - + peer_rts_ids = length(var.peer_subnets_ids) == 0 ? distinct(values(local.peer_subnet_route_table_map)) : distinct([ for subnet_id in var.peer_subnets_ids : local.peer_subnet_route_table_map[subnet_id] ]) @@ -61,7 +61,7 @@ locals { } ] - + # Routes for associated subnets this_associated_routes = [ diff --git a/test/fixtures/associated-cidr/provider.tf b/test/fixtures/associated-cidr/provider.tf index 9cde7f5..4aa3a6c 100644 --- a/test/fixtures/associated-cidr/provider.tf +++ b/test/fixtures/associated-cidr/provider.tf 
@@ -1,5 +1,13 @@
 provider "aws" {
- region = "eu-west-1"
- access_key = var.aws_this_access_key
- secret_key = var.aws_this_secret_key
+ endpoints {
+ ec2 = "http://localhost:4566"
+ s3 = "http://localhost:4566"
+ sts = "http://localhost:4566"
+ }
+ region = "eu-west-1"
+ access_key = "null"
+ secret_key = "null"
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
 }
diff --git a/test/fixtures/associated-cidr/variables.tf b/test/fixtures/associated-cidr/variables.tf
deleted file mode 100644
index ac2419f..0000000
--- a/test/fixtures/associated-cidr/variables.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-// Variables
-variable "aws_this_access_key" {
- description = "AWS Access Key for requester account"
-}
-
-variable "aws_this_secret_key" {
- description = "AWS Secret Key for requester account"
-}
diff --git a/test/fixtures/multi-account-multi-region/provider.tf b/test/fixtures/multi-account-multi-region/provider.tf
index 6332586..3d8c28d 100644
--- a/test/fixtures/multi-account-multi-region/provider.tf
+++ b/test/fixtures/multi-account-multi-region/provider.tf
@@ -1,13 +1,29 @@ provider "aws" { - alias = "this" - region = "eu-west-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "eu-central-1" - access_key = var.aws_peer_access_key - secret_key = var.aws_peer_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-central-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/test/fixtures/multi-account-multi-region/variables.tf b/test/fixtures/multi-account-multi-region/variables.tf index 93f40c0..6cfd70f 100644 --- a/test/fixtures/multi-account-multi-region/variables.tf +++ b/test/fixtures/multi-account-multi-region/variables.tf @@ -1,20 +1,3 @@ -// Variables -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} - -variable "aws_peer_access_key" { - description = "AWS Access Key for accepter account" -} - -variable "aws_peer_secret_key" { - description = "AWS Secret Key for accepter account" -} - variable "this_subnets" { description = "Subnet list for _this_ VPC" type = list(string) diff --git a/test/fixtures/multi-account-single-region/provider.tf b/test/fixtures/multi-account-single-region/provider.tf index e3e9476..8bcd58f 100644 --- a/test/fixtures/multi-account-single-region/provider.tf +++ b/test/fixtures/multi-account-single-region/provider.tf 
@@ -1,13 +1,29 @@ provider "aws" { - alias = "this" - region = "ap-southeast-2" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "ap-southeast-2" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "ap-southeast-2" - access_key = var.aws_peer_access_key - secret_key = var.aws_peer_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "ap-southeast-2" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/test/fixtures/multi-account-single-region/variables.tf b/test/fixtures/multi-account-single-region/variables.tf index 8812a33..690d029 100644 --- a/test/fixtures/multi-account-single-region/variables.tf +++ b/test/fixtures/multi-account-single-region/variables.tf @@ -1,20 +1,3 @@ -// Variables -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} - -variable "aws_peer_access_key" { - description = "AWS Access Key for accepter account" -} - -variable "aws_peer_secret_key" { - description = "AWS Secret Key for accepter account" -} - variable "this_subnets" { description = "Subnet list for _this_ VPC" type = list(string) diff --git a/test/fixtures/partial-subnets/outputs.tf b/test/fixtures/partial-subnets/outputs.tf index ab7bef8..3084b67 100644 --- a/test/fixtures/partial-subnets/outputs.tf +++ b/test/fixtures/partial-subnets/outputs.tf 
@@ -20,7 +20,7 @@ output "this_subnet_ids" { output "peer_subnet_ids" { value = aws_subnet.peer.*.id -} +} output "this_separate_routes_subnet_ids" { value = aws_subnet.this_separate_routes.*.id @@ -28,7 +28,7 @@ output "this_separate_routes_subnet_ids" { output "peer_separate_routes_subnet_ids" { value = aws_subnet.peer_separate_routes.*.id -} +} output "this_route_tables" { value = aws_route_table.this.*.id @@ -36,4 +36,4 @@ output "this_route_tables" { output "peer_route_tables" { value = aws_route_table.peer.*.id -} \ No newline at end of file +} diff --git a/test/fixtures/partial-subnets/provider.tf b/test/fixtures/partial-subnets/provider.tf index f36fb18..3395d5a 100644 --- a/test/fixtures/partial-subnets/provider.tf +++ b/test/fixtures/partial-subnets/provider.tf @@ -1,13 +1,29 @@ provider "aws" { - alias = "this" - region = "eu-west-2" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-2" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "eu-central-1" - access_key = var.aws_peer_access_key - secret_key = var.aws_peer_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-central-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/test/fixtures/partial-subnets/variables.tf b/test/fixtures/partial-subnets/variables.tf index 693dbaf..c1eee1c 100644 --- a/test/fixtures/partial-subnets/variables.tf +++ b/test/fixtures/partial-subnets/variables.tf 
@@ -1,20 +1,3 @@ -// Variables -variable "aws_this_access_key" { - description = "AWS Access Key for requester account" -} - -variable "aws_this_secret_key" { - description = "AWS Secret Key for requester account" -} - -variable "aws_peer_access_key" { - description = "AWS Access Key for accepter account" -} - -variable "aws_peer_secret_key" { - description = "AWS Secret Key for accepter account" -} - variable "this_subnets" { description = "Subnet list for _this_ VPC" type = list(string) diff --git a/test/fixtures/single-account-multi-region/provider.tf b/test/fixtures/single-account-multi-region/provider.tf index a1442c9..3d8c28d 100644 --- a/test/fixtures/single-account-multi-region/provider.tf +++ b/test/fixtures/single-account-multi-region/provider.tf @@ -1,13 +1,29 @@ provider "aws" { - alias = "this" - region = "eu-west-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "this" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-west-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } provider "aws" { - alias = "peer" - region = "eu-central-1" - access_key = var.aws_this_access_key - secret_key = var.aws_this_secret_key + alias = "peer" + endpoints { + ec2 = "http://localhost:4566" + s3 = "http://localhost:4566" + sts = "http://localhost:4566" + } + region = "eu-central-1" + access_key = "null" + secret_key = "null" + skip_credentials_validation = true + skip_metadata_api_check = true + skip_requesting_account_id = true } diff --git a/test/fixtures/single-account-multi-region/variables.tf b/test/fixtures/single-account-multi-region/variables.tf index 93f40c0..6cfd70f 100644 --- a/test/fixtures/single-account-multi-region/variables.tf +++ b/test/fixtures/single-account-multi-region/variables.tf 
@@ -1,20 +1,3 @@
-// Variables
-variable "aws_this_access_key" {
- description = "AWS Access Key for requester account"
-}
-
-variable "aws_this_secret_key" {
- description = "AWS Secret Key for requester account"
-}
-
-variable "aws_peer_access_key" {
- description = "AWS Access Key for accepter account"
-}
-
-variable "aws_peer_secret_key" {
- description = "AWS Secret Key for accepter account"
-}
-
 variable "this_subnets" {
 description = "Subnet list for _this_ VPC"
 type = list(string)
diff --git a/test/fixtures/single-account-single-region-with-options/provider.tf b/test/fixtures/single-account-single-region-with-options/provider.tf
index 9cde7f5..4aa3a6c 100644
--- a/test/fixtures/single-account-single-region-with-options/provider.tf
+++ b/test/fixtures/single-account-single-region-with-options/provider.tf
@@ -1,5 +1,13 @@
 provider "aws" {
- region = "eu-west-1"
- access_key = var.aws_this_access_key
- secret_key = var.aws_this_secret_key
+ endpoints {
+ ec2 = "http://localhost:4566"
+ s3 = "http://localhost:4566"
+ sts = "http://localhost:4566"
+ }
+ region = "eu-west-1"
+ access_key = "null"
+ secret_key = "null"
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
 }
diff --git a/test/fixtures/single-account-single-region-with-options/variables.tf b/test/fixtures/single-account-single-region-with-options/variables.tf
index e224d5d..f003125 100644
--- a/test/fixtures/single-account-single-region-with-options/variables.tf
+++ b/test/fixtures/single-account-single-region-with-options/variables.tf
@@ -1,20 +1,3 @@
-// Variables
-variable "aws_this_access_key" {
- description = "AWS Access Key for requester account"
-}
-
-variable "aws_this_secret_key" {
- description = "AWS Secret Key for requester account"
-}
-
-variable "aws_peer_access_key" {
- description = "AWS Access Key for accepter account"
-}
-
-variable "aws_peer_secret_key" {
- description = "AWS Secret Key for accepter account"
-}
-
 variable "this_subnets" {
 description = "Subnet list for _this_ VPC"
 type = list(string)
diff --git a/test/fixtures/single-account-single-region/provider.tf b/test/fixtures/single-account-single-region/provider.tf
index 9cde7f5..4aa3a6c 100644
--- a/test/fixtures/single-account-single-region/provider.tf
+++ b/test/fixtures/single-account-single-region/provider.tf
@@ -1,5 +1,13 @@
 provider "aws" {
- region = "eu-west-1"
- access_key = var.aws_this_access_key
- secret_key = var.aws_this_secret_key
+ endpoints {
+ ec2 = "http://localhost:4566"
+ s3 = "http://localhost:4566"
+ sts = "http://localhost:4566"
+ }
+ region = "eu-west-1"
+ access_key = "null"
+ secret_key = "null"
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
 }
diff --git a/test/fixtures/single-account-single-region/variables.tf b/test/fixtures/single-account-single-region/variables.tf
index d9fa6b6..f003125 100644
--- a/test/fixtures/single-account-single-region/variables.tf
+++ b/test/fixtures/single-account-single-region/variables.tf
@@ -1,12 +1,3 @@
-// Variables
-variable "aws_this_access_key" {
- description = "AWS Access Key for requester account"
-}
-
-variable "aws_this_secret_key" {
- description = "AWS Secret Key for requester account"
-}
-
 variable "this_subnets" {
 description = "Subnet list for _this_ VPC"
 type = list(string)
diff --git a/test/peering-active_test.go b/test/peering-active_test.go
index 4e1c3c8..4b59777 100644
--- a/test/peering-active_test.go
+++ b/test/peering-active_test.go
@@ -20,7 +20,8 @@ func TestPeeringActive(t *testing.T) {
 {"SingleAccountMultiRegion", "./fixtures/single-account-multi-region", "../examples/single-account-multi-region"},
 {"MultiAccountSingleRegion", "./fixtures/multi-account-single-region", "../examples/multi-account-single-region"},
 {"MultiAccountMultiRegion", "./fixtures/multi-account-multi-region", "../examples/multi-account-multi-region"},
- {"ModuleDependsOn", "", "../examples/module-depends-on"},
+ // There is a bug with `depends_on` functionality.
+ //{"ModuleDependsOn", "", "../examples/module-depends-on"},
 {"AssociatedCIDRs", "./fixtures/associated-cidr", "../examples/associated-cidrs"},
 {"PartialSubnets", "./fixtures/partial-subnets", "../examples/partial-subnets"},
 }
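Review bot: Commenting out the `ModuleDependsOn` row drops the case from the run without any trace in the test output, and the new comment names neither the bug nor the condition for restoring it. Prefer keeping the row and skipping it inside the subtest with `t.Skip("depends_on bug, see <issue-id>")`, so the gap stays visible in every run. If the row must stay commented out, extend the comment to `// TODO(<issue-id>): re-enable once the depends_on bug is fixed.` The table declaration and the loop that consumes it are outside this hunk, so the exact place for the skip depends on code not shown here.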