From 23ad62a4f9951f9027a9b019bf7f9158b977e73e Mon Sep 17 00:00:00 2001
From: Jack Danger <github@jackcanty.com>
Date: Fri, 27 Oct 2017 03:16:06 +0200
Subject: [PATCH] validate protocol on target group creation

---
 moto/elbv2/models.py           | 10 ++++++++++
 tests/test_elbv2/test_elbv2.py | 15 +++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/moto/elbv2/models.py b/moto/elbv2/models.py
index 8aa9ee9f0..bb1a195d3 100644
--- a/moto/elbv2/models.py
+++ b/moto/elbv2/models.py
@@ -300,6 +300,16 @@ class ELBv2Backend(BaseBackend):
             if target_group.name == name:
                 raise DuplicateTargetGroupName()
 
+        valid_protocols = ['HTTPS', 'HTTP', 'TCP']
+        if kwargs['healthcheck_protocol'] not in valid_protocols:
+            raise InvalidConditionValueError(
+                "Value {} at 'healthCheckProtocol' failed to satisfy constraint: "
+                "Member must satisfy enum value set: {}".format(kwargs['healthcheck_protocol'], valid_protocols))
+        if kwargs['protocol'] not in valid_protocols:
+            raise InvalidConditionValueError(
+                "Value {} at 'protocol' failed to satisfy constraint: "
+                "Member must satisfy enum value set: {}".format(kwargs['protocol'], valid_protocols))
+
         arn = "arn:aws:elasticloadbalancing:%s:1:targetgroup/%s/50dc6c495c0c9188" % (self.region_name, name)
         target_group = FakeTargetGroup(name, arn, **kwargs)
         self.target_groups[target_group.arn] = target_group
diff --git a/tests/test_elbv2/test_elbv2.py b/tests/test_elbv2/test_elbv2.py
index 98634c677..a33cfeec6 100644
--- a/tests/test_elbv2/test_elbv2.py
+++ b/tests/test_elbv2/test_elbv2.py
@@ -283,6 +283,21 @@ def test_create_target_group_and_listeners():
 
     load_balancer_arn = response.get('LoadBalancers')[0].get('LoadBalancerArn')
 
+    # Can't create a target group with an invalid protocol
+    with assert_raises(ClientError):
+        conn.create_target_group(
+            Name='a-target',
+            Protocol='HTTP',
+            Port=8080,
+            VpcId=vpc.id,
+            HealthCheckProtocol='/HTTP',
+            HealthCheckPort='8080',
+            HealthCheckPath='/',
+            HealthCheckIntervalSeconds=5,
+            HealthCheckTimeoutSeconds=5,
+            HealthyThresholdCount=5,
+            UnhealthyThresholdCount=2,
+            Matcher={'HttpCode': '200'})
     response = conn.create_target_group(
         Name='a-target',
         Protocol='HTTP',