Refactoring Network Security Groups / Rules

azurerm/import_arm_network_security_group_test.go

@@ -27,3 +27,45 @@ func TestAccAzureRMNetworkSecurityGroup_importBasic(t *testing.T) {
 		},
 	})
 }
+
+func TestAccAzureRMNetworkSecurityGroup_importSingleRule(t *testing.T) {
+	resourceName := "azurerm_network_security_group.test"
+	rInt := acctest.RandInt()
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMNetworkSecurityGroup_singleRule(rInt, testLocation()),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func TestAccAzureRMNetworkSecurityGroup_importMultipleRules(t *testing.T) {
+	resourceName := "azurerm_network_security_group.test"
+	rInt := acctest.RandInt()
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testCheckAzureRMNetworkSecurityGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAzureRMNetworkSecurityGroup_anotherRule(rInt, testLocation()),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}

azurerm/network_security_rule.go

@@ -18,29 +18,3 @@ func validateNetworkSecurityRuleProtocol(v interface{}, k string) (ws []string,
 	}
 	return
 }
-
-func validateNetworkSecurityRuleAccess(v interface{}, k string) (ws []string, errors []error) {
-	value := strings.ToLower(v.(string))
-	accessTypes := map[string]bool{
-		"allow": true,
-		"deny":  true,
-	}
-
-	if !accessTypes[value] {
-		errors = append(errors, fmt.Errorf("Network Security Rule Access can only be Allow or Deny"))
-	}
-	return
-}
-
-func validateNetworkSecurityRuleDirection(v interface{}, k string) (ws []string, errors []error) {
-	value := strings.ToLower(v.(string))
-	directions := map[string]bool{
-		"inbound":  true,
-		"outbound": true,
-	}
-
-	if !directions[value] {
-		errors = append(errors, fmt.Errorf("Network Security Rule Directions can only be Inbound or Outbound"))
-	}
-	return
-}

azurerm/network_security_rule_test.go

@@ -41,75 +41,3 @@ func TestResourceAzureRMNetworkSecurityRuleProtocol_validation(t *testing.T) {
 		}
 	}
 }
-
-func TestResourceAzureRMNetworkSecurityRuleAccess_validation(t *testing.T) {
-	cases := []struct {
-		Value    string
-		ErrCount int
-	}{
-		{
-			Value:    "Random",
-			ErrCount: 1,
-		},
-		{
-			Value:    "Allow",
-			ErrCount: 0,
-		},
-		{
-			Value:    "Deny",
-			ErrCount: 0,
-		},
-		{
-			Value:    "ALLOW",
-			ErrCount: 0,
-		},
-		{
-			Value:    "deny",
-			ErrCount: 0,
-		},
-	}
-
-	for _, tc := range cases {
-		_, errors := validateNetworkSecurityRuleAccess(tc.Value, "azurerm_network_security_rule")
-
-		if len(errors) != tc.ErrCount {
-			t.Fatalf("Expected the Azure RM Network Security Rule access to trigger a validation error")
-		}
-	}
-}
-
-func TestResourceAzureRMNetworkSecurityRuleDirection_validation(t *testing.T) {
-	cases := []struct {
-		Value    string
-		ErrCount int
-	}{
-		{
-			Value:    "Random",
-			ErrCount: 1,
-		},
-		{
-			Value:    "Inbound",
-			ErrCount: 0,
-		},
-		{
-			Value:    "Outbound",
-			ErrCount: 0,
-		},
-		{
-			Value:    "INBOUND",
-			ErrCount: 0,
-		},
-		{
-			Value:    "Inbound",
-			ErrCount: 0,
-		},
-	}
-
-	for _, tc := range cases {
-		_, errors := validateNetworkSecurityRuleDirection(tc.Value, "azurerm_network_security_rule")
-
-		if len(errors) != tc.ErrCount {
-			t.Fatalf("Expected the Azure RM Network Security Rule direction to trigger a validation error")
-		}
-	}
-}