update tests to improve coverage

hashicorp · Jan 25, 2022 · 11e1e8c · 11e1e8c
1 parent 6ba25d6
commit 11e1e8c
Show file tree

Hide file tree

Showing 4 changed files with 205 additions and 25 deletions.
diff --git a/internal/services/firewall/firewall_application_rule_collection_resource_test.go b/internal/services/firewall/firewall_application_rule_collection_resource_test.go
@@ -513,7 +513,7 @@ resource "azurerm_firewall_application_rule_collection" "test" {
   rule {
     name        = "rule1"
     description = "test description"
-    fqdn_tags   = ["WindowsDiagnostics"]
+    fqdn_tags   = ["WindowsDiagnostics", "AzureBackup"]
     source_addresses = [
       "10.0.0.0/16",
     ]
@@ -711,11 +711,13 @@ resource "azurerm_firewall_application_rule_collection" "test" {
     name = "rule1"
 
     source_addresses = [
+      "192.0.0.0/16",
       "10.0.0.0/16",
     ]
 
     target_fqdns = [
       "*.google.com",
+      "*.microsoft.com",
     ]
 
     protocol {
@@ -729,10 +731,12 @@ resource "azurerm_firewall_application_rule_collection" "test" {
 
     source_addresses = [
       "192.168.0.1",
+      "10.0.0.1",
     ]
 
     target_fqdns = [
       "*.microsoft.com",
+      "*.google.com",
     ]
 
     protocol {
@@ -851,13 +855,20 @@ func (FirewallApplicationRuleCollectionResource) ipGroups(data acceptance.TestDa
 	return fmt.Sprintf(`
 %s
 
-resource "azurerm_ip_group" "test" {
-  name                = "acctestIpGroupForFirewallAppRules"
+resource "azurerm_ip_group" "test1" {
+  name                = "acctestIpGroupForFirewallAppRules1"
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
   cidrs               = ["192.168.0.0/25", "192.168.0.192/26"]
 }
 
+resource "azurerm_ip_group" "test2" {
+  name                = "acctestIpGroupForFirewallAppRules2"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  cidrs               = ["193.168.0.0/25", "193.168.0.192/26"]
+}
+
 resource "azurerm_firewall_application_rule_collection" "test" {
   name                = "acctestarc"
   azure_firewall_name = azurerm_firewall.test.name
@@ -869,7 +880,8 @@ resource "azurerm_firewall_application_rule_collection" "test" {
     name = "rule1"
 
     source_ip_groups = [
-      azurerm_ip_group.test.id,
+      azurerm_ip_group.test1.id,
+      azurerm_ip_group.test2.id,
     ]
 
     target_fqdns = [

diff --git a/internal/services/firewall/firewall_nat_rule_collection_resource_test.go b/internal/services/firewall/firewall_nat_rule_collection_resource_test.go
@@ -569,18 +569,22 @@ resource "azurerm_firewall_nat_rule_collection" "test" {
 
     source_addresses = [
       "10.0.0.0/16",
+      "192.168.0.1",
     ]
 
     destination_ports = [
       "53",
+      "64",
     ]
 
     destination_addresses = [
+      "1.1.1.1",
       azurerm_public_ip.test.ip_address,
     ]
 
     protocols = [
       "TCP",
+      "UDP",
     ]
 
     translated_port    = 53
@@ -592,17 +596,21 @@ resource "azurerm_firewall_nat_rule_collection" "test" {
 
     source_addresses = [
       "192.168.0.1",
+      "10.0.0.0/16",
     ]
 
     destination_ports = [
       "8888",
+      "9999",
     ]
 
     destination_addresses = [
+      "1.1.1.1",
       azurerm_public_ip.test.ip_address,
     ]
 
     protocols = [
+      "UDP",
       "TCP",
     ]
 
@@ -654,13 +662,20 @@ func (FirewallNatRuleCollectionResource) ipGroup(data acceptance.TestData) strin
 	return fmt.Sprintf(`
 %s
 
-resource "azurerm_ip_group" "test" {
-  name                = "acctestIpGroupForFirewallNatRules"
+resource "azurerm_ip_group" "test1" {
+  name                = "acctestIpGroupForFirewallNatRules1"
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
   cidrs               = ["192.168.0.0/25", "192.168.0.192/26"]
 }
 
+resource "azurerm_ip_group" "test2" {
+  name                = "acctestIpGroupForFirewallNatRules2"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  cidrs               = ["193.168.0.0/25", "193.168.0.192/26"]
+}
+
 resource "azurerm_firewall_nat_rule_collection" "test" {
   name                = "acctestnrc-%d"
   azure_firewall_name = azurerm_firewall.test.name
@@ -672,7 +687,8 @@ resource "azurerm_firewall_nat_rule_collection" "test" {
     name = "rule1"
 
     source_ip_groups = [
-      azurerm_ip_group.test.id,
+      azurerm_ip_group.test1.id,
+      azurerm_ip_group.test2.id,
     ]
 
     destination_ports = [

diff --git a/internal/services/firewall/firewall_network_rule_collection_resource_test.go b/internal/services/firewall/firewall_network_rule_collection_resource_test.go
@@ -664,18 +664,22 @@ resource "azurerm_firewall_network_rule_collection" "test" {
 
     source_addresses = [
       "10.0.0.0/16",
+      "192.0.0.0/16",
     ]
 
     destination_ports = [
       "53",
+      "64",
     ]
 
     destination_addresses = [
       "8.8.8.8",
+      "1.1.1.1",
     ]
 
     protocols = [
-      "Any",
+      "UDP",
+      "TCP",
     ]
   }
 
@@ -684,18 +688,22 @@ resource "azurerm_firewall_network_rule_collection" "test" {
 
     source_addresses = [
       "192.168.0.1",
+      "10.0.0.0/16",
     ]
 
     destination_ports = [
       "8888",
+      "9999",
     ]
 
     destination_addresses = [
       "1.1.1.1",
+      "8.8.8.8",
     ]
 
     protocols = [
       "TCP",
+      "UDP",
     ]
   }
 }
@@ -774,15 +782,28 @@ func (FirewallNetworkRuleCollectionResource) ipGroup(data acceptance.TestData) s
 	return fmt.Sprintf(`
 %s
 
-resource "azurerm_ip_group" "test_source" {
-  name                = "acctestIpGroupForFirewallNetworkRulesSource"
+resource "azurerm_ip_group" "test_source1" {
+  name                = "acctestIpGroupForFirewallNetworkRulesSource1"
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
   cidrs               = ["1.2.3.4/32", "12.34.56.0/24"]
 }
+resource "azurerm_ip_group" "test_source2" {
+  name                = "acctestIpGroupForFirewallNetworkRulesSource2"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  cidrs               = ["4.3.2.1/32", "65.43.21.0/24"]
+}
+
+resource "azurerm_ip_group" "test_destination1" {
+  name                = "acctestIpGroupForFirewallNetworkRulesDestination1"
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+  cidrs               = ["192.168.0.0/25", "192.168.0.192/26"]
+}
 
-resource "azurerm_ip_group" "test_destination" {
-  name                = "acctestIpGroupForFirewallNetworkRulesDestination"
+resource "azurerm_ip_group" "test_destination2" {
+  name                = "acctestIpGroupForFirewallNetworkRulesDestination2"
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
   cidrs               = ["192.168.0.0/25", "192.168.0.192/26"]
@@ -799,15 +820,17 @@ resource "azurerm_firewall_network_rule_collection" "test" {
     name = "rule1"
 
     source_ip_groups = [
-      azurerm_ip_group.test_source.id,
+      azurerm_ip_group.test_source1.id,
+      azurerm_ip_group.test_source2.id,
     ]
 
     destination_ports = [
       "53",
     ]
 
     destination_ip_groups = [
-      azurerm_ip_group.test_destination.id,
+      azurerm_ip_group.test_destination1.id,
+      azurerm_ip_group.test_destination2.id,
     ]
 
     protocols = [
@@ -837,7 +860,8 @@ resource "azurerm_firewall_network_rule_collection" "test" {
     ]
 
     destination_fqdns = [
-      "time.windows.com"
+      "time.windows.com",
+      "time.linux.com"
     ]
 
     destination_ports = [