- main.tftest.hcl
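# Plan-only tests (`command = plan` in every run) for a module that defines
# aws_acm_certificate.this, aws_route53_record.this and the data source
# data.aws_route53_zone.this. Every run supplies the same three input
# variables: hosted_zone_name, domain_name and acm_region.

# --------------------------------------------------------------
# Basic Configuration Tests
# --------------------------------------------------------------
run "basic_configuration" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "hoge.com"
    acm_region       = "us-east-1"
  }

  # Verify ACM certificate basic configuration
  assert {
    condition     = aws_acm_certificate.this.domain_name == "hoge.com"
    error_message = "ACM certificate domain name should match input variable"
  }

  assert {
    condition     = aws_acm_certificate.this.validation_method == "DNS"
    error_message = "ACM certificate should use DNS validation method"
  }
}

# --------------------------------------------------------------
# ACM Certificate Creation Tests
# --------------------------------------------------------------
# NOTE(review): same inputs and same two attribute checks as
# "basic_configuration" above; only the error messages differ.
run "create_acm_certificate" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "hoge.com"
    acm_region       = "us-east-1"
  }

  # ACM Certificate tests
  assert {
    condition     = aws_acm_certificate.this.domain_name == "hoge.com"
    error_message = "ACM certificate domain name does not match expected value"
  }

  assert {
    condition     = aws_acm_certificate.this.validation_method == "DNS"
    error_message = "ACM certificate validation method should be DNS"
  }
}

# --------------------------------------------------------------
# Route53 Record Creation Tests
# --------------------------------------------------------------
run "create_route53_validation_records" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "hoge.com"
    acm_region       = "us-east-1"
  }

  # Route53 Record tests - verify records are created.
  # Only the number of record instances is checked, not their name, type,
  # value or the zone they are written to.
  assert {
    condition     = length(aws_route53_record.this) == 1
    error_message = "Exactly one Route53 validation record should be created"
  }
}

# --------------------------------------------------------------
# Variable Validation Tests
# --------------------------------------------------------------
run "variable_validation" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "api.hoge.com"
    acm_region       = "us-east-1"
  }

  # Test that variables are properly passed through to resources
  assert {
    condition     = aws_acm_certificate.this.domain_name == "api.hoge.com"
    error_message = "ACM certificate should use the provided domain_name variable"
  }

  # Test subdomain handling - verify Route53 records are created
  assert {
    condition     = length(aws_route53_record.this) == 1
    error_message = "Route53 validation record should be created for subdomain"
  }

  # Verify domain validation processing with different domain
  assert {
    condition     = contains([for dvo in aws_acm_certificate.this.domain_validation_options : dvo.domain_name], "api.hoge.com")
    error_message = "ACM certificate domain validation options should contain the subdomain"
  }
}

# --------------------------------------------------------------
# Data Source Configuration Tests
# --------------------------------------------------------------
run "route53_zone_data_source" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "hoge.com"
    acm_region       = "us-east-1"
  }

  # Route53 Zone data source configuration tests.
  # Pins the lookup to a public hosted zone: ACM DNS validation of a public
  # certificate needs the validation record to be publicly resolvable, and a
  # same-named private zone must not be selected instead.
  assert {
    condition     = data.aws_route53_zone.this.private_zone == false
    error_message = "Route53 zone should be configured to look for a public zone"
  }
}

# --------------------------------------------------------------
# Domain Validation Options Tests
# --------------------------------------------------------------
run "domain_validation_options" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "hoge.com"
    acm_region       = "us-east-1"
  }

  # Domain validation options tests
  assert {
    condition     = contains([for dvo in aws_acm_certificate.this.domain_validation_options : dvo.domain_name], "hoge.com")
    error_message = "ACM certificate domain validation options should contain the domain_name"
  }

  assert {
    condition     = length(aws_acm_certificate.this.domain_validation_options) == 1
    error_message = "ACM certificate should have exactly one domain validation option"
  }
}

# --------------------------------------------------------------
# Wildcard Domain Configuration Tests
# --------------------------------------------------------------
run "wildcard_domain_certificate" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "*.hoge.com"
    acm_region       = "us-east-1"
  }

  # Wildcard domain configuration tests
  assert {
    condition     = aws_acm_certificate.this.domain_name == "*.hoge.com"
    error_message = "ACM certificate should support wildcard domain names"
  }

  # Verify Route53 validation records are created for wildcard domains
  assert {
    condition     = length(aws_route53_record.this) == 1
    error_message = "Route53 validation record should be created for wildcard domain"
  }

  # Verify domain validation processing for wildcard domains
  assert {
    condition     = contains([for dvo in aws_acm_certificate.this.domain_validation_options : dvo.domain_name], "*.hoge.com")
    error_message = "ACM certificate domain validation options should contain the wildcard domain"
  }
}

# --------------------------------------------------------------
# Different Region Configuration Tests
# --------------------------------------------------------------
# NOTE(review): neither assertion below reads a region value, so this run
# still passes if the module ignores acm_region. How the module applies
# acm_region is not visible in this file; an assertion on that attribute or
# provider setting is needed before this run proves anything about regions.
run "different_acm_region" {
  command = plan

  variables {
    hosted_zone_name = "hoge.com"
    domain_name      = "hoge.com"
    acm_region       = "us-west-2"
  }

  # Different region configuration tests
  assert {
    condition     = aws_acm_certificate.this.domain_name == "hoge.com"
    error_message = "ACM certificate should be created with correct domain in different regions"
  }

  # Verify validation method remains consistent across regions
  assert {
    condition     = aws_acm_certificate.this.validation_method == "DNS"
    error_message = "ACM certificate validation method should remain DNS in all regions"
  }
}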
- ACM証明書設定: ドメイン名、DNS検証方式の設定確認
- Route53検証レコード: DNS検証用レコードの作成確認
- データソース設定: Route53 Hosted Zoneの検索設定確認
- ドメイン検証オプション: ACM証明書のドメイン検証オプションの処理確認
- ワイルドカードドメイン対応: *.hoge.com形式のドメイン処理
- マルチリージョン対応: 異なるAWSリージョンでの動作確認
- 変数検証: 異なるドメイン名(サブドメイン)での動作確認
1989年生まれのFindy/SRE サブマネージャー。ホスティングから大規模なアドテクなどのインフラエンジニアとして携わる。現在はサービスの信頼性向上、DevOps、可用性、レイテンシ、パフォーマンス、モニタリング、オブザーバビリティ、緊急対応、AWSでのインフラ構築、Docker開発環境の提供、IaC、新技術の検証、リファクタリング、セキュリティ強化、分析基盤の運用、チームマネジメントを担当している。
個人事業主では数社サーバー保守とベンチャー企業のインフラコンサルティングを行うほか、TechBullを創業し、未経験者向けにSREのコーチングやコミュニティ運営、LT大会の開催、 会員管理システム「Members」の開発をリードしている。さらに、エンジニア向けYouTubeメディア「TECH WORLD」ではSRE関連の動画に出演し、過去には脆弱性スキャナ「Vuls」のOSS活動にも貢献。