From 25da592bbb602e3703c28b38b7661b3d2e4fa77f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Fri, 19 Jul 2024 10:17:29 -0400 Subject: [PATCH 01/14] r/aws_rds_cluster: Wait for no pending modified values on Update if 'apply_immediately' is true. --- internal/service/rds/cluster.go | 83 ++++++++++++--------- internal/service/rds/cluster_snapshot.go | 4 +- internal/service/rds/consts.go | 41 +++++----- internal/service/rds/exports_test.go | 1 + internal/service/rds/find.go | 2 +- internal/service/rds/service_package_gen.go | 2 +- internal/service/rds/sweep.go | 2 +- internal/service/rds/wait.go | 6 +- 8 files changed, 79 insertions(+), 62 deletions(-) diff --git a/internal/service/rds/cluster.go b/internal/service/rds/cluster.go index 2a2ad3bc96b..e514926f2c8 100644 --- a/internal/service/rds/cluster.go +++ b/internal/service/rds/cluster.go @@ -27,6 +27,7 @@ import ( tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + itypes "github.com/hashicorp/terraform-provider-aws/internal/types" "github.com/hashicorp/terraform-provider-aws/internal/verify" "github.com/hashicorp/terraform-provider-aws/names" ) @@ -40,7 +41,7 @@ const ( // @SDKResource("aws_rds_cluster", name="Cluster") // @Tags(identifierAttribute="arn") // @Testing(tagsTest=false) -func ResourceCluster() *schema.Resource { +func resourceCluster() *schema.Resource { return &schema.Resource{ CreateWithoutTimeout: resourceClusterCreate, ReadWithoutTimeout: resourceClusterRead, @@ -1174,7 +1175,7 @@ func resourceClusterCreate(ctx context.Context, d *schema.ResourceData, meta int return sdkdiag.AppendErrorf(diags, "updating RDS Cluster (%s): %s", d.Id(), err) } - if _, err := waitDBClusterUpdated(ctx, conn, d.Id(), d.Timeout(schema.TimeoutCreate)); err != nil { + if _, err := waitDBClusterUpdated(ctx, conn, d.Id(), true, d.Timeout(schema.TimeoutCreate)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for RDS Cluster (%s) update: %s", d.Id(), err) } } @@ -1333,8 +1334,9 @@ func resourceClusterUpdate(ctx context.Context, d *schema.ResourceData, meta int "replication_source_identifier", "skip_final_snapshot", names.AttrTags, names.AttrTagsAll) { + applyImmediately := d.Get(names.AttrApplyImmediately).(bool) input := &rds.ModifyDBClusterInput{ - ApplyImmediately: aws.Bool(d.Get(names.AttrApplyImmediately).(bool)), + ApplyImmediately: aws.Bool(applyImmediately), DBClusterIdentifier: aws.String(d.Id()), } @@ -1509,7 +1511,7 @@ func resourceClusterUpdate(ctx context.Context, d *schema.ResourceData, meta int return sdkdiag.AppendErrorf(diags, "updating RDS Cluster (%s): %s", d.Id(), err) } - if _, err := waitDBClusterUpdated(ctx, conn, d.Id(), d.Timeout(schema.TimeoutUpdate)); err != nil { + if _, err := waitDBClusterUpdated(ctx, conn, d.Id(), applyImmediately, d.Timeout(schema.TimeoutUpdate)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for RDS Cluster (%s) update: %s", d.Id(), err) } } @@ -1636,7 +1638,7 @@ func resourceClusterDelete(ctx context.Context, d *schema.ResourceData, meta int return false, fmt.Errorf("modifying RDS Cluster (%s) DeletionProtection=false: %s", d.Id(), err) } - if _, err := waitDBClusterUpdated(ctx, conn, d.Id(), d.Timeout(schema.TimeoutDelete)); err != nil { + if _, err := waitDBClusterUpdated(ctx, conn, d.Id(), false, d.Timeout(schema.TimeoutDelete)); err != nil { return false, fmt.Errorf("waiting for RDS Cluster (%s) update: %s", d.Id(), err) } } @@ -1785,7 +1787,7 @@ func findDBClusters(ctx context.Context, conn *rds.RDS, input *rds.DescribeDBClu return output, nil } -func statusDBCluster(ctx context.Context, conn *rds.RDS, id string) retry.StateRefreshFunc { +func statusDBCluster(ctx context.Context, conn *rds.RDS, id string, waitNoPendingModifiedValues bool) retry.StateRefreshFunc { return func() (interface{}, string, error) { output, err := FindDBClusterByID(ctx, conn, id) @@ -1797,23 +1799,29 @@ func statusDBCluster(ctx context.Context, conn *rds.RDS, id string) retry.StateR return nil, "", err } - return output, aws.StringValue(output.Status), nil + status := aws.StringValue(output.Status) + + if status == clusterStatusAvailable && waitNoPendingModifiedValues && !itypes.IsZero(output.PendingModifiedValues) { + status = clusterStatusAvailableWithPendingModifiedValues + } + + return output, status, nil } } func waitDBClusterCreated(ctx context.Context, conn *rds.RDS, id string, timeout time.Duration) (*rds.DBCluster, error) { stateConf := &retry.StateChangeConf{ Pending: []string{ - ClusterStatusBackingUp, - ClusterStatusCreating, - ClusterStatusMigrating, - ClusterStatusModifying, - ClusterStatusPreparingDataMigration, - ClusterStatusRebooting, - ClusterStatusResettingMasterCredentials, + clusterStatusBackingUp, + clusterStatusCreating, + clusterStatusMigrating, + clusterStatusModifying, + clusterStatusPreparingDataMigration, + clusterStatusRebooting, + clusterStatusResettingMasterCredentials, }, - Target: []string{ClusterStatusAvailable}, - Refresh: statusDBCluster(ctx, conn, id), + Target: []string{clusterStatusAvailable}, + Refresh: statusDBCluster(ctx, conn, id, false), Timeout: timeout, MinTimeout: 10 * time.Second, Delay: 30 * time.Second, @@ -1828,19 +1836,24 @@ func waitDBClusterCreated(ctx context.Context, conn *rds.RDS, id string, timeout return nil, err } -func waitDBClusterUpdated(ctx context.Context, conn *rds.RDS, id string, timeout time.Duration) (*rds.DBCluster, error) { //nolint:unparam +func waitDBClusterUpdated(ctx context.Context, conn *rds.RDS, id string, waitNoPendingModifiedValues bool, timeout time.Duration) (*rds.DBCluster, error) { //nolint:unparam + pendingStatuses := []string{ + clusterStatusBackingUp, + clusterStatusConfiguringIAMDatabaseAuth, + clusterStatusModifying, + clusterStatusRenaming, + clusterStatusResettingMasterCredentials, + clusterStatusScalingCompute, + clusterStatusUpgrading, + } + if waitNoPendingModifiedValues { + pendingStatuses = append(pendingStatuses, clusterStatusAvailableWithPendingModifiedValues) + } + stateConf := &retry.StateChangeConf{ - Pending: []string{ - ClusterStatusBackingUp, - ClusterStatusConfiguringIAMDatabaseAuth, - ClusterStatusModifying, - ClusterStatusRenaming, - ClusterStatusResettingMasterCredentials, - ClusterStatusScalingCompute, - ClusterStatusUpgrading, - }, - Target: []string{ClusterStatusAvailable}, - Refresh: statusDBCluster(ctx, conn, id), + Pending: pendingStatuses, + Target: []string{clusterStatusAvailable}, + Refresh: statusDBCluster(ctx, conn, id, waitNoPendingModifiedValues), Timeout: timeout, MinTimeout: 10 * time.Second, Delay: 30 * time.Second, @@ -1858,15 +1871,15 @@ func waitDBClusterUpdated(ctx context.Context, conn *rds.RDS, id string, timeout func waitDBClusterDeleted(ctx context.Context, conn *rds.RDS, id string, timeout time.Duration) (*rds.DBCluster, error) { stateConf := &retry.StateChangeConf{ Pending: []string{ - ClusterStatusAvailable, - ClusterStatusBackingUp, - ClusterStatusDeleting, - ClusterStatusModifying, - ClusterStatusPromoting, - ClusterStatusScalingCompute, + clusterStatusAvailable, + clusterStatusBackingUp, + clusterStatusDeleting, + clusterStatusModifying, + clusterStatusPromoting, + clusterStatusScalingCompute, }, Target: []string{}, - Refresh: statusDBCluster(ctx, conn, id), + Refresh: statusDBCluster(ctx, conn, id, false), Timeout: timeout, MinTimeout: 10 * time.Second, Delay: 30 * time.Second, diff --git a/internal/service/rds/cluster_snapshot.go b/internal/service/rds/cluster_snapshot.go index 188112ec12f..724d228e8cd 100644 --- a/internal/service/rds/cluster_snapshot.go +++ b/internal/service/rds/cluster_snapshot.go @@ -296,8 +296,8 @@ func statusDBClusterSnapshot(ctx context.Context, conn *rds.RDS, id string) retr func waitDBClusterSnapshotCreated(ctx context.Context, conn *rds.RDS, id string, timeout time.Duration) (*rds.DBClusterSnapshot, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{ClusterSnapshotStatusCreating}, - Target: []string{ClusterSnapshotStatusAvailable}, + Pending: []string{clusterSnapshotStatusCreating}, + Target: []string{clusterSnapshotStatusAvailable}, Refresh: statusDBClusterSnapshot(ctx, conn, id), Timeout: timeout, MinTimeout: 10 * time.Second, diff --git a/internal/service/rds/consts.go b/internal/service/rds/consts.go index fe7e5365271..7bad796afc2 100644 --- a/internal/service/rds/consts.go +++ b/internal/service/rds/consts.go @@ -10,31 +10,34 @@ import ( ) const ( - ClusterRoleStatusActive = "ACTIVE" - ClusterRoleStatusDeleted = "DELETED" - ClusterRoleStatusPending = "PENDING" + clusterRoleStatusActive = "ACTIVE" + clusterRoleStatusDeleted = "DELETED" + clusterRoleStatusPending = "PENDING" ) const ( - ClusterStatusAvailable = "available" - ClusterStatusBackingUp = "backing-up" - ClusterStatusConfiguringIAMDatabaseAuth = "configuring-iam-database-auth" - ClusterStatusCreating = "creating" - ClusterStatusDeleting = "deleting" - ClusterStatusMigrating = "migrating" - ClusterStatusModifying = "modifying" - ClusterStatusPreparingDataMigration = "preparing-data-migration" - ClusterStatusPromoting = "promoting" - ClusterStatusRebooting = "rebooting" - ClusterStatusRenaming = "renaming" - ClusterStatusResettingMasterCredentials = "resetting-master-credentials" - ClusterStatusScalingCompute = "scaling-compute" - ClusterStatusUpgrading = "upgrading" + clusterStatusAvailable = "available" + clusterStatusBackingUp = "backing-up" + clusterStatusConfiguringIAMDatabaseAuth = "configuring-iam-database-auth" + clusterStatusCreating = "creating" + clusterStatusDeleting = "deleting" + clusterStatusMigrating = "migrating" + clusterStatusModifying = "modifying" + clusterStatusPreparingDataMigration = "preparing-data-migration" + clusterStatusPromoting = "promoting" + clusterStatusRebooting = "rebooting" + clusterStatusRenaming = "renaming" + clusterStatusResettingMasterCredentials = "resetting-master-credentials" + clusterStatusScalingCompute = "scaling-compute" + clusterStatusUpgrading = "upgrading" + + // Non-standard status values. + clusterStatusAvailableWithPendingModifiedValues = "tf-available-with-pending-modified-values" ) const ( - ClusterSnapshotStatusAvailable = "available" - ClusterSnapshotStatusCreating = "creating" + clusterSnapshotStatusAvailable = "available" + clusterSnapshotStatusCreating = "creating" ) const ( diff --git a/internal/service/rds/exports_test.go b/internal/service/rds/exports_test.go index 2b042e2d7c5..2c5698543e7 100644 --- a/internal/service/rds/exports_test.go +++ b/internal/service/rds/exports_test.go @@ -6,6 +6,7 @@ package rds // Exports for use in tests only. var ( ResourceCertificate = resourceCertificate + ResourceCluster = resourceCluster ResourceEventSubscription = resourceEventSubscription ResourceProxy = resourceProxy ResourceProxyDefaultTargetGroup = resourceProxyDefaultTargetGroup diff --git a/internal/service/rds/find.go b/internal/service/rds/find.go index a314ca691a8..44401bb7ef4 100644 --- a/internal/service/rds/find.go +++ b/internal/service/rds/find.go @@ -21,7 +21,7 @@ func FindDBClusterRoleByDBClusterIDAndRoleARN(ctx context.Context, conn *rds.RDS for _, associatedRole := range dbCluster.AssociatedRoles { if aws.StringValue(associatedRole.RoleArn) == roleARN { - if status := aws.StringValue(associatedRole.Status); status == ClusterRoleStatusDeleted { + if status := aws.StringValue(associatedRole.Status); status == clusterRoleStatusDeleted { return nil, &retry.NotFoundError{ Message: status, } diff --git a/internal/service/rds/service_package_gen.go b/internal/service/rds/service_package_gen.go index ce0328607ae..1c43f4ec6e5 100644 --- a/internal/service/rds/service_package_gen.go +++ b/internal/service/rds/service_package_gen.go @@ -205,7 +205,7 @@ func (p *servicePackage) SDKResources(ctx context.Context) []*types.ServicePacka Name: "Default Certificate", }, { - Factory: ResourceCluster, + Factory: resourceCluster, TypeName: "aws_rds_cluster", Name: "Cluster", Tags: &types.ServicePackageResourceTags{ diff --git a/internal/service/rds/sweep.go b/internal/service/rds/sweep.go index 9a88e4e6609..5e1ec5bf94c 100644 --- a/internal/service/rds/sweep.go +++ b/internal/service/rds/sweep.go @@ -229,7 +229,7 @@ func sweepClusters(region string) error { for _, v := range page.DBClusters { arn := aws.StringValue(v.DBClusterArn) id := aws.StringValue(v.DBClusterIdentifier) - r := ResourceCluster() + r := resourceCluster() d := r.Data(nil) d.SetId(id) d.Set(names.AttrApplyImmediately, true) diff --git a/internal/service/rds/wait.go b/internal/service/rds/wait.go index e4bc79d9bdf..1932090e361 100644 --- a/internal/service/rds/wait.go +++ b/internal/service/rds/wait.go @@ -13,8 +13,8 @@ import ( func waitDBClusterRoleAssociationCreated(ctx context.Context, conn *rds.RDS, dbClusterID, roleARN string, timeout time.Duration) (*rds.DBClusterRole, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{ClusterRoleStatusPending}, - Target: []string{ClusterRoleStatusActive}, + Pending: []string{clusterRoleStatusPending}, + Target: []string{clusterRoleStatusActive}, Refresh: statusDBClusterRole(ctx, conn, dbClusterID, roleARN), Timeout: timeout, MinTimeout: 10 * time.Second, @@ -32,7 +32,7 @@ func waitDBClusterRoleAssociationCreated(ctx context.Context, conn *rds.RDS, dbC func waitDBClusterRoleAssociationDeleted(ctx context.Context, conn *rds.RDS, dbClusterID, roleARN string, timeout time.Duration) (*rds.DBClusterRole, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{ClusterRoleStatusActive, ClusterRoleStatusPending}, + Pending: []string{clusterRoleStatusActive, clusterRoleStatusPending}, Target: []string{}, Refresh: statusDBClusterRole(ctx, conn, dbClusterID, roleARN), Timeout: timeout, From 3aeebdc2953f020c60ff98dc48679d10a84ada23 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Fri, 19 Jul 2024 11:03:24 -0400 Subject: [PATCH 02/14] Acceptance test output: % make testacc TESTARGS='-run=TestAccRDSCluster_allowMajorVersionUpgrade' PKG=rds make: Verifying source code with gofmt... ==> Checking that code complies with gofmt requirements... TF_ACC=1 go1.22.5 test ./internal/service/rds/... -v -count 1 -parallel 20 -run=TestAccRDSCluster_allowMajorVersionUpgrade -timeout 360m === RUN TestAccRDSCluster_allowMajorVersionUpgrade === PAUSE TestAccRDSCluster_allowMajorVersionUpgrade === RUN TestAccRDSCluster_allowMajorVersionUpgradeNoApplyImmediately === PAUSE TestAccRDSCluster_allowMajorVersionUpgradeNoApplyImmediately === RUN TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParametersApplyImm === PAUSE TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParametersApplyImm === RUN TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParameters === PAUSE TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParameters === CONT TestAccRDSCluster_allowMajorVersionUpgrade === CONT TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParametersApplyImm === CONT TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParameters === CONT TestAccRDSCluster_allowMajorVersionUpgradeNoApplyImmediately --- PASS: TestAccRDSCluster_allowMajorVersionUpgradeNoApplyImmediately (1283.81s) --- PASS: TestAccRDSCluster_allowMajorVersionUpgrade (1924.24s) --- PASS: TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParametersApplyImm (2250.30s) --- PASS: TestAccRDSCluster_allowMajorVersionUpgradeWithCustomParameters (2315.92s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/rds 2320.945s From cdd8b2d30c1230eaf2f2ca369dddeabea899178f Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 19 Jul 2024 15:12:46 -0700 Subject: [PATCH 03/14] Updates tests --- .../bedrockagent/agent_action_group_test.go | 36 ++++++++++++++++--- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/internal/service/bedrockagent/agent_action_group_test.go b/internal/service/bedrockagent/agent_action_group_test.go index be035e8a99f..59e72c8e8e6 100644 --- a/internal/service/bedrockagent/agent_action_group_test.go +++ b/internal/service/bedrockagent/agent_action_group_test.go @@ -36,6 +36,19 @@ func TestAccBedrockAgentAgentActionGroup_basic(t *testing.T) { Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAgentActionGroupExists(ctx, resourceName, &v), resource.TestCheckResourceAttr(resourceName, "action_group_name", rName), + resource.TestCheckResourceAttr(resourceName, "action_group_state", "ENABLED"), + resource.TestCheckResourceAttrPair(resourceName, "agent_id", "aws_bedrockagent_agent.test", "agent_id"), + resource.TestCheckResourceAttr(resourceName, "agent_version", "DRAFT"), + resource.TestCheckResourceAttr(resourceName, names.AttrDescription, "Basic Agent Action"), + resource.TestCheckNoResourceAttr(resourceName, "parent_action_group_signature"), + resource.TestCheckResourceAttr(resourceName, "skip_resource_in_use_check", acctest.CtTrue), + resource.TestCheckResourceAttr(resourceName, "action_group_executor.#", acctest.Ct1), + resource.TestCheckNoResourceAttr(resourceName, "action_group_executor.0.custom_control"), + resource.TestCheckResourceAttrPair(resourceName, "action_group_executor.0.lambda", "aws_lambda_function.test_lambda", "arn"), + resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), + resource.TestCheckResourceAttrSet(resourceName, "api_schema.0.payload"), + resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct0), + resource.TestCheckResourceAttr(resourceName, "function_schema.#", acctest.Ct0), ), }, { @@ -65,8 +78,12 @@ func TestAccBedrockAgentAgentActionGroup_APISchema_s3(t *testing.T) { Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAgentActionGroupExists(ctx, resourceName, &v), resource.TestCheckResourceAttr(resourceName, "action_group_name", rName), - resource.TestCheckResourceAttr(resourceName, "action_group_executor.#", acctest.Ct1), - resource.TestCheckResourceAttrSet(resourceName, "action_group_executor.0.lambda"), + resource.TestCheckNoResourceAttr(resourceName, names.AttrDescription), + resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), + resource.TestCheckNoResourceAttr(resourceName, "api_schema.0.payload"), + resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct1), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_bucket_name", "aws_s3_bucket.test", "bucket"), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_object_key", "aws_s3_object.test", "key"), ), }, { @@ -96,6 +113,12 @@ func TestAccBedrockAgentAgentActionGroup_update(t *testing.T) { Check: resource.ComposeAggregateTestCheckFunc( testAccCheckAgentActionGroupExists(ctx, resourceName, &v), resource.TestCheckResourceAttr(resourceName, "action_group_name", rName), + resource.TestCheckNoResourceAttr(resourceName, names.AttrDescription), + resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), + resource.TestCheckNoResourceAttr(resourceName, "api_schema.0.payload"), + resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct1), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_bucket_name", "aws_s3_bucket.test", "bucket"), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_object_key", "aws_s3_object.test", "key"), ), }, { @@ -110,6 +133,9 @@ func TestAccBedrockAgentAgentActionGroup_update(t *testing.T) { testAccCheckAgentActionGroupExists(ctx, resourceName, &v), resource.TestCheckResourceAttr(resourceName, "action_group_name", rName), resource.TestCheckResourceAttr(resourceName, names.AttrDescription, "Basic Agent Action"), + resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), + resource.TestCheckResourceAttrSet(resourceName, "api_schema.0.payload"), + resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct0), ), }, { @@ -183,6 +209,7 @@ func TestAccBedrockAgentAgentActionGroup_ActionGroupExecutor_customControl(t *te resource.TestCheckResourceAttr(resourceName, "action_group_name", rName), resource.TestCheckResourceAttr(resourceName, "action_group_executor.#", acctest.Ct1), resource.TestCheckResourceAttr(resourceName, "action_group_executor.0.custom_control", "RETURN_CONTROL"), + resource.TestCheckNoResourceAttr(resourceName, "action_group_executor.0.lambda"), ), }, { @@ -270,7 +297,7 @@ resource "aws_s3_bucket" "test" { } resource "aws_s3_object" "test" { - bucket = aws_s3_bucket.test.id + bucket = aws_s3_bucket.test.bucket key = "api_schema.yaml" source = "${path.module}/test-fixtures/api_schema.yaml" } @@ -285,7 +312,7 @@ resource "aws_bedrockagent_agent_action_group" "test" { } api_schema { s3 { - s3_bucket_name = aws_s3_bucket.test.id + s3_bucket_name = aws_s3_bucket.test.bucket s3_object_key = aws_s3_object.test.key } } @@ -335,7 +362,6 @@ resource "aws_bedrockagent_agent_action_group" "test" { action_group_name = %[1]q agent_id = aws_bedrockagent_agent.test.agent_id agent_version = "DRAFT" - description = "Basic Agent Action" skip_resource_in_use_check = true action_group_executor { lambda = aws_lambda_function.test_lambda.arn From 1b211ed018820c925d49ff09f4a22c9d64db9b81 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 19 Jul 2024 15:20:59 -0700 Subject: [PATCH 04/14] Attribute names --- .../service/bedrockagent/agent_action_group_test.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/internal/service/bedrockagent/agent_action_group_test.go b/internal/service/bedrockagent/agent_action_group_test.go index 59e72c8e8e6..d0ff99caa33 100644 --- a/internal/service/bedrockagent/agent_action_group_test.go +++ b/internal/service/bedrockagent/agent_action_group_test.go @@ -44,7 +44,7 @@ func TestAccBedrockAgentAgentActionGroup_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "skip_resource_in_use_check", acctest.CtTrue), resource.TestCheckResourceAttr(resourceName, "action_group_executor.#", acctest.Ct1), resource.TestCheckNoResourceAttr(resourceName, "action_group_executor.0.custom_control"), - resource.TestCheckResourceAttrPair(resourceName, "action_group_executor.0.lambda", "aws_lambda_function.test_lambda", "arn"), + resource.TestCheckResourceAttrPair(resourceName, "action_group_executor.0.lambda", "aws_lambda_function.test_lambda", names.AttrARN), resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), resource.TestCheckResourceAttrSet(resourceName, "api_schema.0.payload"), resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct0), @@ -82,8 +82,8 @@ func TestAccBedrockAgentAgentActionGroup_APISchema_s3(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), resource.TestCheckNoResourceAttr(resourceName, "api_schema.0.payload"), resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct1), - resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_bucket_name", "aws_s3_bucket.test", "bucket"), - resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_object_key", "aws_s3_object.test", "key"), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_bucket_name", "aws_s3_bucket.test", names.AttrBucket), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_object_key", "aws_s3_object.test", names.AttrKey), ), }, { @@ -117,8 +117,8 @@ func TestAccBedrockAgentAgentActionGroup_update(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "api_schema.#", acctest.Ct1), resource.TestCheckNoResourceAttr(resourceName, "api_schema.0.payload"), resource.TestCheckResourceAttr(resourceName, "api_schema.0.s3.#", acctest.Ct1), - resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_bucket_name", "aws_s3_bucket.test", "bucket"), - resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_object_key", "aws_s3_object.test", "key"), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_bucket_name", "aws_s3_bucket.test", names.AttrBucket), + resource.TestCheckResourceAttrPair(resourceName, "api_schema.0.s3.0.s3_object_key", "aws_s3_object.test", names.AttrKey), ), }, { From ac8c89e7ad9a179b9fbb62f96ce01917619eb017 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 07:48:54 -0400 Subject: [PATCH 05/14] r/aws_rds_cluster: Mark `ca_certificate_identifier` as Computed. --- internal/service/rds/cluster.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/service/rds/cluster.go b/internal/service/rds/cluster.go index e514926f2c8..70bb734c71f 100644 --- a/internal/service/rds/cluster.go +++ b/internal/service/rds/cluster.go @@ -117,6 +117,7 @@ func resourceCluster() *schema.Resource { "ca_certificate_identifier": { Type: schema.TypeString, Optional: true, + Computed: true, }, "ca_certificate_valid_till": { Type: schema.TypeString, From 1619321a0bb630fc194800b5ab9846de261e0326 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 08:16:55 -0400 Subject: [PATCH 06/14] Fix 'TestAccFSxLustreFileSystem_metadataConfig_decrease'. --- internal/service/fsx/lustre_file_system.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/internal/service/fsx/lustre_file_system.go b/internal/service/fsx/lustre_file_system.go index d68d61fb621..dc739e3cf09 100644 --- a/internal/service/fsx/lustre_file_system.go +++ b/internal/service/fsx/lustre_file_system.go @@ -334,10 +334,9 @@ func resourceLustreFileSystemStorageCapacityCustomizeDiff(_ context.Context, d * func resourceLustreFileSystemMetadataConfigCustomizeDiff(_ context.Context, d *schema.ResourceDiff, meta any) error { //metadata_configuration is only supported when deployment_type is persistent2 if v, ok := d.GetOk("metadata_configuration"); ok { - if len(v.([]any)) > 0 { - deploymentType := d.Get("deployment_type").(string) - if deploymentType != string(awstypes.LustreDeploymentTypePersistent2) { - return fmt.Errorf("metadata_configuration can only be set when deployment type is " + string(awstypes.LustreDeploymentTypePersistent2)) + if len(v.([]interface{})) > 0 { + if deploymentType := awstypes.LustreDeploymentType(d.Get("deployment_type").(string)); deploymentType != awstypes.LustreDeploymentTypePersistent2 { + return fmt.Errorf("metadata_configuration can only be set when deployment type is %s", awstypes.LustreDeploymentTypePersistent2) } } } @@ -345,7 +344,7 @@ func resourceLustreFileSystemMetadataConfigCustomizeDiff(_ context.Context, d *s // we want to force a new resource if the new Iops is less than the old one if d.HasChange("metadata_configuration") { if v, ok := d.GetOk("metadata_configuration"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil { - if mode := d.Get("metadata_configuration.0.mode"); mode == awstypes.MetadataConfigurationModeUserProvisioned { + if mode := awstypes.MetadataConfigurationMode(d.Get("metadata_configuration.0.mode").(string)); mode == awstypes.MetadataConfigurationModeUserProvisioned { o, n := d.GetChange("metadata_configuration") oldV := o.([]interface{}) From d6dafb9ccb981e751f94f7342ce6e3d29741dc66 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 09:20:54 -0400 Subject: [PATCH 07/14] Acceptance test output: % ACCTEST_TIMEOUT=720m make testacc TESTARGS='-run=TestAccFSxLustreFileSystem_metadataConfig' PKG=fsx ACCTEST_PARALLELISM=3 make: Verifying source code with gofmt... ==> Checking that code complies with gofmt requirements... TF_ACC=1 go1.22.5 test ./internal/service/fsx/... -v -count 1 -parallel 3 -run=TestAccFSxLustreFileSystem_metadataConfig -timeout 720m === RUN TestAccFSxLustreFileSystem_metadataConfig === PAUSE TestAccFSxLustreFileSystem_metadataConfig === RUN TestAccFSxLustreFileSystem_metadataConfig_increase === PAUSE TestAccFSxLustreFileSystem_metadataConfig_increase === RUN TestAccFSxLustreFileSystem_metadataConfig_decrease === PAUSE TestAccFSxLustreFileSystem_metadataConfig_decrease === CONT TestAccFSxLustreFileSystem_metadataConfig === CONT TestAccFSxLustreFileSystem_metadataConfig_decrease === CONT TestAccFSxLustreFileSystem_metadataConfig_increase --- PASS: TestAccFSxLustreFileSystem_metadataConfig (766.93s) --- PASS: TestAccFSxLustreFileSystem_metadataConfig_decrease (1258.42s) --- PASS: TestAccFSxLustreFileSystem_metadataConfig_increase (1418.13s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/fsx 1423.039s From 5dedc31a80e9f6a16244a132c677697c8df9c155 Mon Sep 17 00:00:00 2001 From: Justin Retzolk <44710313+justinretzolk@users.noreply.github.com> Date: Mon, 22 Jul 2024 10:10:27 -0500 Subject: [PATCH 08/14] Only comment if necessary --- .github/workflows/dependencies.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index c854f2a5eda..d59c1e412db 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -77,7 +77,9 @@ jobs: body-includes: "Please note that typically Go dependency changes" - name: Leave a New Comment if One Does Not Exist - if: steps.prc.outputs.comment-id == '' + if: | + steps.prc.outcome == 'success' + && steps.prc.outputs.comment-id == '' uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 3ca02c98b71abafd2aee47cb83e1c82c05a1b0bc Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 11:59:05 -0400 Subject: [PATCH 09/14] Fix 'TestAccFSxOpenZFSFileSystem_rootVolume'. --- internal/service/fsx/openzfs_file_system.go | 97 ++++++++++----------- internal/service/fsx/openzfs_volume.go | 95 +++++++++++--------- 2 files changed, 100 insertions(+), 92 deletions(-) diff --git a/internal/service/fsx/openzfs_file_system.go b/internal/service/fsx/openzfs_file_system.go index b5a89c3eb4f..5effacab501 100644 --- a/internal/service/fsx/openzfs_file_system.go +++ b/internal/service/fsx/openzfs_file_system.go @@ -703,72 +703,70 @@ func expandDiskIopsConfiguration(cfg []interface{}) *awstypes.DiskIopsConfigurat return &out } -func expandOpenZFSCreateRootVolumeConfiguration(cfg []interface{}) *awstypes.OpenZFSCreateRootVolumeConfiguration { - if len(cfg) < 1 { +func expandOpenZFSCreateRootVolumeConfiguration(tfList []interface{}) *awstypes.OpenZFSCreateRootVolumeConfiguration { + if len(tfList) < 1 { return nil } - conf := cfg[0].(map[string]interface{}) - - out := awstypes.OpenZFSCreateRootVolumeConfiguration{} + tfMap := tfList[0].(map[string]interface{}) + apiObject := &awstypes.OpenZFSCreateRootVolumeConfiguration{} - if v, ok := conf["copy_tags_to_snapshots"].(bool); ok { - out.CopyTagsToSnapshots = aws.Bool(v) + if v, ok := tfMap["copy_tags_to_snapshots"].(bool); ok { + apiObject.CopyTagsToSnapshots = aws.Bool(v) } - if v, ok := conf["data_compression_type"].(string); ok { - out.DataCompressionType = awstypes.OpenZFSDataCompressionType(v) + if v, ok := tfMap["data_compression_type"].(string); ok { + apiObject.DataCompressionType = awstypes.OpenZFSDataCompressionType(v) } - if v, ok := conf["read_only"].(bool); ok { - out.ReadOnly = aws.Bool(v) + if v, ok := tfMap["nfs_exports"].([]interface{}); ok { + apiObject.NfsExports = expandOpenZFSNfsExports(v) } - if v, ok := conf["record_size_kib"].(int); ok { - out.RecordSizeKiB = aws.Int32(int32(v)) + if v, ok := tfMap["read_only"].(bool); ok { + apiObject.ReadOnly = aws.Bool(v) } - if v, ok := conf["user_and_group_quotas"]; ok { - out.UserAndGroupQuotas = expandOpenZFSUserOrGroupQuotas(v.(*schema.Set).List()) + if v, ok := tfMap["record_size_kib"].(int); ok { + apiObject.RecordSizeKiB = aws.Int32(int32(v)) } - if v, ok := conf["nfs_exports"].([]interface{}); ok { - out.NfsExports = expandOpenZFSNfsExports(v) + if v, ok := tfMap["user_and_group_quotas"]; ok { + apiObject.UserAndGroupQuotas = expandOpenZFSUserOrGroupQuotas(v.(*schema.Set).List()) } - return &out + return apiObject } -func expandUpdateOpenZFSVolumeConfiguration(cfg []interface{}) *awstypes.UpdateOpenZFSVolumeConfiguration { - if len(cfg) < 1 { +func expandUpdateOpenZFSVolumeConfiguration(tfList []interface{}) *awstypes.UpdateOpenZFSVolumeConfiguration { + if len(tfList) < 1 { return nil } - conf := cfg[0].(map[string]interface{}) - - out := awstypes.UpdateOpenZFSVolumeConfiguration{} + tfMap := tfList[0].(map[string]interface{}) + apiObject := &awstypes.UpdateOpenZFSVolumeConfiguration{} - if v, ok := conf["data_compression_type"].(string); ok { - out.DataCompressionType = awstypes.OpenZFSDataCompressionType(v) + if v, ok := tfMap["data_compression_type"].(string); ok { + apiObject.DataCompressionType = awstypes.OpenZFSDataCompressionType(v) } - if v, ok := conf["read_only"].(bool); ok { - out.ReadOnly = aws.Bool(v) + if v, ok := tfMap["nfs_exports"].([]interface{}); ok { + apiObject.NfsExports = expandOpenZFSNfsExports(v) } - if v, ok := conf["record_size_kib"].(int); ok { - out.RecordSizeKiB = aws.Int32(int32(v)) + if v, ok := tfMap["read_only"].(bool); ok { + apiObject.ReadOnly = aws.Bool(v) } - if v, ok := conf["user_and_group_quotas"]; ok { - out.UserAndGroupQuotas = expandOpenZFSUserOrGroupQuotas(v.(*schema.Set).List()) + if v, ok := tfMap["record_size_kib"].(int); ok { + apiObject.RecordSizeKiB = aws.Int32(int32(v)) } - if v, ok := conf["nfs_exports"].([]interface{}); ok { - out.NfsExports = expandOpenZFSNfsExports(v) + if v, ok := tfMap["user_and_group_quotas"]; ok { + apiObject.UserAndGroupQuotas = expandOpenZFSUserOrGroupQuotas(v.(*schema.Set).List()) } - return &out + return apiObject } func flattenDiskIopsConfiguration(rs *awstypes.DiskIopsConfiguration) []interface{} { @@ -785,30 +783,31 @@ func flattenDiskIopsConfiguration(rs *awstypes.DiskIopsConfiguration) []interfac return []interface{}{m} } -func flattenOpenZFSFileSystemRootVolume(rs *awstypes.Volume) []interface{} { - if rs == nil { +func flattenOpenZFSFileSystemRootVolume(apiObject *awstypes.Volume) []interface{} { + if apiObject == nil { return []interface{}{} } - m := make(map[string]interface{}) - if rs.OpenZFSConfiguration.CopyTagsToSnapshots != nil { - m["copy_tags_to_snapshots"] = aws.ToBool(rs.OpenZFSConfiguration.CopyTagsToSnapshots) + tfMap := make(map[string]interface{}) + + if apiObject.OpenZFSConfiguration.CopyTagsToSnapshots != nil { + tfMap["copy_tags_to_snapshots"] = aws.ToBool(apiObject.OpenZFSConfiguration.CopyTagsToSnapshots) } - m["data_compression_type"] = string(rs.OpenZFSConfiguration.DataCompressionType) - if rs.OpenZFSConfiguration.NfsExports != nil { - m["nfs_exports"] = flattenOpenZFSNfsExports(rs.OpenZFSConfiguration.NfsExports) + tfMap["data_compression_type"] = string(apiObject.OpenZFSConfiguration.DataCompressionType) + if apiObject.OpenZFSConfiguration.NfsExports != nil { + tfMap["nfs_exports"] = flattenOpenZFSNfsExports(apiObject.OpenZFSConfiguration.NfsExports) } - if rs.OpenZFSConfiguration.ReadOnly != nil { - m["read_only"] = aws.ToBool(rs.OpenZFSConfiguration.ReadOnly) + if apiObject.OpenZFSConfiguration.ReadOnly != nil { + tfMap["read_only"] = aws.ToBool(apiObject.OpenZFSConfiguration.ReadOnly) } - if rs.OpenZFSConfiguration.RecordSizeKiB != nil { - m["record_size_kib"] = aws.ToInt32(rs.OpenZFSConfiguration.RecordSizeKiB) + if apiObject.OpenZFSConfiguration.RecordSizeKiB != nil { + tfMap["record_size_kib"] = aws.ToInt32(apiObject.OpenZFSConfiguration.RecordSizeKiB) } - if rs.OpenZFSConfiguration.UserAndGroupQuotas != nil { - m["user_and_group_quotas"] = flattenOpenZFSUserOrGroupQuotas(rs.OpenZFSConfiguration.UserAndGroupQuotas) + if apiObject.OpenZFSConfiguration.UserAndGroupQuotas != nil { + tfMap["user_and_group_quotas"] = flattenOpenZFSUserOrGroupQuotas(apiObject.OpenZFSConfiguration.UserAndGroupQuotas) } - return []interface{}{m} + return []interface{}{tfMap} } func findOpenZFSFileSystemByID(ctx context.Context, conn *fsx.Client, id string) (*awstypes.FileSystem, error) { diff --git a/internal/service/fsx/openzfs_volume.go b/internal/service/fsx/openzfs_volume.go index c5aebb1bbf0..46f858b2815 100644 --- a/internal/service/fsx/openzfs_volume.go +++ b/internal/service/fsx/openzfs_volume.go @@ -453,54 +453,58 @@ func expandOpenZFSUserOrGroupQuota(conf map[string]interface{}) *awstypes.OpenZF return &out } -func expandOpenZFSNfsExports(cfg []interface{}) []awstypes.OpenZFSNfsExport { // nosemgrep:ci.caps4-in-func-name - exports := []awstypes.OpenZFSNfsExport{} +func expandOpenZFSNfsExports(tfList []interface{}) []awstypes.OpenZFSNfsExport { // nosemgrep:ci.caps4-in-func-name + apiObjects := []awstypes.OpenZFSNfsExport{} - for _, export := range cfg { - expandedExport := expandOpenZFSNfsExport(export.(map[string]interface{})) - if expandedExport != nil { - exports = append(exports, *expandedExport) + for _, tfMapRaw := range tfList { + tfMap, ok := tfMapRaw.(map[string]interface{}) + if !ok { + continue } + + apiObjects = append(apiObjects, expandOpenZFSNfsExport(tfMap)) } - return exports + return apiObjects } -func expandOpenZFSNfsExport(cfg map[string]interface{}) *awstypes.OpenZFSNfsExport { // nosemgrep:ci.caps4-in-func-name - out := awstypes.OpenZFSNfsExport{} +func expandOpenZFSNfsExport(tfMap map[string]interface{}) awstypes.OpenZFSNfsExport { // nosemgrep:ci.caps4-in-func-name + apiObject := awstypes.OpenZFSNfsExport{} - if v, ok := cfg["client_configurations"]; ok { - out.ClientConfigurations = expandOpenZFSClientConfigurations(v.(*schema.Set).List()) + if v, ok := tfMap["client_configurations"]; ok { + apiObject.ClientConfigurations = expandOpenZFSClientConfigurations(v.(*schema.Set).List()) } - return &out + return apiObject } -func expandOpenZFSClientConfigurations(cfg []interface{}) []awstypes.OpenZFSClientConfiguration { - configurations := []awstypes.OpenZFSClientConfiguration{} +func expandOpenZFSClientConfigurations(tfList []interface{}) []awstypes.OpenZFSClientConfiguration { + apiObjects := []awstypes.OpenZFSClientConfiguration{} - for _, configuration := range cfg { - expandedConfiguration := expandOpenZFSClientConfiguration(configuration.(map[string]interface{})) - if expandedConfiguration != nil { - configurations = append(configurations, *expandedConfiguration) + for _, tfMapRaw := range tfList { + tfMap, ok := tfMapRaw.(map[string]interface{}) + if !ok { + continue } + + apiObjects = append(apiObjects, expandOpenZFSClientConfiguration(tfMap)) } - return configurations + return apiObjects } -func expandOpenZFSClientConfiguration(conf map[string]interface{}) *awstypes.OpenZFSClientConfiguration { - out := awstypes.OpenZFSClientConfiguration{} +func expandOpenZFSClientConfiguration(tfMap map[string]interface{}) awstypes.OpenZFSClientConfiguration { + apiObject := awstypes.OpenZFSClientConfiguration{} - if v, ok := conf["clients"].(string); ok && len(v) > 0 { - out.Clients = aws.String(v) + if v, ok := tfMap["clients"].(string); ok && len(v) > 0 { + apiObject.Clients = aws.String(v) } - if v, ok := conf["options"].([]interface{}); ok { - out.Options = flex.ExpandStringValueList(v) + if v, ok := tfMap["options"].([]interface{}); ok { + apiObject.Options = flex.ExpandStringValueList(v) } - return &out + return apiObject } func expandCreateOpenZFSOriginSnapshotConfiguration(cfg []interface{}) *awstypes.CreateOpenZFSOriginSnapshotConfiguration { @@ -523,34 +527,39 @@ func expandCreateOpenZFSOriginSnapshotConfiguration(cfg []interface{}) *awstypes return &out } -func flattenOpenZFSNfsExports(rs []awstypes.OpenZFSNfsExport) []map[string]interface{} { // nosemgrep:ci.caps4-in-func-name - exports := make([]map[string]interface{}, 0) +func flattenOpenZFSNfsExports(apiObjects []awstypes.OpenZFSNfsExport) []interface{} { // nosemgrep:ci.caps4-in-func-name + tfList := make([]interface{}, 0) - for _, export := range rs { - cfg := make(map[string]interface{}) - cfg["client_configurations"] = flattenOpenZFSClientConfigurations(export.ClientConfigurations) - exports = append(exports, cfg) + for _, apiObject := range apiObjects { + // The API may return '"NfsExports":[null]'. + if len(apiObject.ClientConfigurations) == 0 { + continue + } + + tfMap := make(map[string]interface{}) + tfMap["client_configurations"] = flattenOpenZFSClientConfigurations(apiObject.ClientConfigurations) + tfList = append(tfList, tfMap) } - if len(exports) > 0 { - return exports + if len(tfList) > 0 { + return tfList } return nil } -func flattenOpenZFSClientConfigurations(rs []awstypes.OpenZFSClientConfiguration) []map[string]interface{} { - configurations := make([]map[string]interface{}, 0) +func flattenOpenZFSClientConfigurations(apiObjects []awstypes.OpenZFSClientConfiguration) []interface{} { + tfList := make([]interface{}, 0) - for _, configuration := range rs { - cfg := make(map[string]interface{}) - cfg["clients"] = aws.ToString(configuration.Clients) - cfg["options"] = flex.FlattenStringValueList(configuration.Options) - configurations = append(configurations, cfg) + for _, apiObject := range apiObjects { + tfMap := make(map[string]interface{}) + tfMap["clients"] = aws.ToString(apiObject.Clients) + tfMap["options"] = apiObject.Options + tfList = append(tfList, tfMap) } - if len(configurations) > 0 { - return configurations + if len(tfList) > 0 { + return tfList } return nil From 594cdcf4eed869f709ceac521b23ec960449ee55 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 12:06:26 -0400 Subject: [PATCH 10/14] fsx: Skip acceptance testing errors like 'ServiceLimitExceeded: Account 123456789012 can have at most 10240 MB/s of throughput capacity total across file systems'. --- internal/service/fsx/openzfs_file_system_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/internal/service/fsx/openzfs_file_system_test.go b/internal/service/fsx/openzfs_file_system_test.go index 16a19be43ca..95c579a89ed 100644 --- a/internal/service/fsx/openzfs_file_system_test.go +++ b/internal/service/fsx/openzfs_file_system_test.go @@ -28,6 +28,8 @@ func init() { func testAccErrorCheckSkip(t *testing.T) resource.ErrorCheckFunc { return acctest.ErrorCheckSkipMessagesContaining(t, "Amazon FSx does not currently support OpenZFS file system creation in the following Availability Zones", + // "ServiceLimitExceeded: Account 123456789012 can have at most 10240 MB/s of throughput capacity total across file systems" + "throughput capacity total across file systems", ) } From 5ceace51acff99e48e9151b6887d2d1ae3f6d3e0 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 12:08:57 -0400 Subject: [PATCH 11/14] Fix 'TestAccFSxONTAPStorageVirtualMachine_activeDirectoryJoin'. --- internal/service/fsx/ontap_storage_virtual_machine_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/service/fsx/ontap_storage_virtual_machine_test.go b/internal/service/fsx/ontap_storage_virtual_machine_test.go index 3c3cd6cba9d..f797aef5f87 100644 --- a/internal/service/fsx/ontap_storage_virtual_machine_test.go +++ b/internal/service/fsx/ontap_storage_virtual_machine_test.go @@ -309,18 +309,18 @@ func TestAccFSxONTAPStorageVirtualMachine_activeDirectoryJoin(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccONTAPStorageVirtualMachineConfig_basic(rName), - Check: resource.ComposeTestCheckFunc( + Check: resource.ComposeAggregateTestCheckFunc( testAccCheckONTAPStorageVirtualMachineExists(ctx, resourceName, &storageVirtualMachine1), resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.#", acctest.Ct0), ), }, { Config: testAccONTAPStorageVirtualMachineConfig_selfManagedActiveDirectory(rName, netBiosName, domainNetbiosName, domainName, domainPassword), - Check: resource.ComposeTestCheckFunc( + Check: resource.ComposeAggregateTestCheckFunc( testAccCheckONTAPStorageVirtualMachineExists(ctx, resourceName, &storageVirtualMachine2), testAccCheckONTAPStorageVirtualMachineNotRecreated(&storageVirtualMachine1, &storageVirtualMachine2), resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.#", acctest.Ct1), - resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.0.netbios_name", netBiosName), + resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.0.netbios_name", strings.ToUpper(netBiosName)), resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.0.self_managed_active_directory_configuration.0.domain_name", domainName), resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.0.self_managed_active_directory_configuration.0.file_system_administrators_group", "Admins"), resource.TestCheckResourceAttr(resourceName, "active_directory_configuration.0.self_managed_active_directory_configuration.0.organizational_unit_distinguished_name", fmt.Sprintf("OU=computers,OU=%s", domainNetbiosName)), From 8b3fa65cb3fa832e5782aec241762a0c8f86a07b Mon Sep 17 00:00:00 2001 From: Justin Retzolk <44710313+justinretzolk@users.noreply.github.com> Date: Mon, 22 Jul 2024 11:52:09 -0500 Subject: [PATCH 12/14] Clarify aws_securitylake_subscriber docs --- .../r/securitylake_subscriber.html.markdown | 56 +++++++++++++------ 1 file changed, 40 insertions(+), 16 deletions(-) diff --git a/website/docs/r/securitylake_subscriber.html.markdown b/website/docs/r/securitylake_subscriber.html.markdown index fdd832545a8..b16871c9a9f 100644 --- a/website/docs/r/securitylake_subscriber.html.markdown +++ b/website/docs/r/securitylake_subscriber.html.markdown @@ -38,28 +38,37 @@ resource "aws_securitylake_subscriber" "example" { This resource supports the following arguments: -* `source` - (Required) The supported AWS services from which logs and events are collected. Security Lake supports log and event collection for natively supported AWS services. -* `subscriber_identity` - (Required) The AWS identity used to access your data. +* `access_type` - (Optional) The Amazon S3 or Lake Formation access type. +* `source` - (Required) The supported AWS services from which logs and events are collected. Security Lake supports log and event collection for natively supported AWS services. See [`source` Blocks](#source-blocks) below. +* `subscriber_identity` - (Required) The AWS identity used to access your data. See [`subscriber_identity` Block](#subscriber_identity-block) below. * `subscriber_description` - (Optional) The description for your subscriber account in Security Lake. * `subscriber_name` - (Optional) The name of your Security Lake subscriber account. * `tags` - (Optional) Key-value map of resource tags. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. -Subsciber Identity support the following: +### `source` Blocks + +`source` blocks support the following arguments: + +* `aws_log_source_resource` - (Optional) Amazon Security Lake supports log and event collection for natively supported AWS services. See [`aws_log_source_resource` Block](#aws_log_source_resource-block) below. +* `custom_log_source_resource` - (Optional) Amazon Security Lake supports custom source types. See [`custom_log_source_resource` Block](#custom_log_source_resource-block) below. + +### `subscriber_identity` Block + +The `subscriber_identity` block supports the following arguments: * `external_id` - (Required) The AWS Regions where Security Lake is automatically enabled. * `principal` - (Required) Provides encryption details of Amazon Security Lake object. -Sources support the following: +### `aws_log_source_resource` Block -* `aws_log_source_resource` - (Optional) Amazon Security Lake supports log and event collection for natively supported AWS services. -* `custom_log_source_resource` - (Optional) Amazon Security Lake supports custom source types. - -AWS Log Source Resource support the following: +The `aws_log_source_resource` block supports the following arguments: * `source_name` - (Required) Provides data expiration details of Amazon Security Lake object. * `source_version` - (Optional) Provides data storage transition details of Amazon Security Lake object. -Custom Log Source Resource support the following: +### `custom_log_source_resource` Block + +The `custom_log_source_resource` block supports the following arguments. See [`custom_log_source_resource` Attribute Reference](#custom_log_source_resource-attribute-reference) below for additional read-only attributes. * `source_name` - (Required) The name for a third-party custom source. This must be a Regionally unique value. * `source_version` - (Optional) The version for a third-party custom source. This must be a Regionally unique value. @@ -76,15 +85,30 @@ This resource exports the following attributes in addition to the arguments abov * `subscriber_endpoint` - The subscriber endpoint to which exception messages are posted. * `subscriber_status` - The subscriber status of the Amazon Security Lake subscriber account. * `resource_share_name` - The name of the resource share. -* `attributes` - The attributes of a third-party custom source. - * `crawler_arn` - The ARN of the AWS Glue crawler. - * `database_arn` - The ARN of the AWS Glue database where results are written. - * `table_arn` - The ARN of the AWS Glue table. -* `provider_details` - The details of the log provider for a third-party custom source. - * `location` - The location of the partition in the Amazon S3 bucket for Security Lake. - * `role_arn` - The ARN of the IAM role to be used by the entity putting logs into your custom source partition. * `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). +### `custom_log_source_resource` Attribute Reference + +The `custom_log_source_resource` block exports the following attributes in addition to the arguments above: + +* `attributes` - The attributes of the third-party custom source. See [`attributes` Block](#attributes-block) below. +* `provider` - The details of the log provider for the third-party custom source. See [`provider` Block](#provider-block) below. + +### `attributes` Block + +The `attributes` block exports the following attributes: + +* `crawler_arn` - The ARN of the AWS Glue crawler. +* `database_arn` - The ARN of the AWS Glue database where results are written. +* `table_arn` - The ARN of the AWS Glue table. + +### `provider` Block + +The `provider` block exports the following attributes: + +* `location` - The location of the partition in the Amazon S3 bucket for Security Lake. +* `role_arn` - The ARN of the IAM role to be used by the entity putting logs into your custom source partition. + ## Timeouts [Configuration options](https://developer.hashicorp.com/terraform/language/resources/syntax#operation-timeouts): From 5810bc42d388fcb7b33913a6663f487fa8455766 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 22 Jul 2024 15:14:30 -0400 Subject: [PATCH 13/14] Add CHANGELOG entry. --- .changelog/38437.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .changelog/38437.txt diff --git a/.changelog/38437.txt b/.changelog/38437.txt new file mode 100644 index 00000000000..94c25499c8e --- /dev/null +++ b/.changelog/38437.txt @@ -0,0 +1,7 @@ +```release-note:bug +resource/aws_rds_cluster: Mark `ca_certificate_identifier` as Computed +``` + +```release-note:bug +resource/aws_rds_cluster: Wait for no pending modified values on Update if `apply_immediately` is `true`. This fixes `InvalidParameterCombination` errors when updating `engine_version` +``` \ No newline at end of file From 73f9aa669fd3a29aad42c06156a9a9d78833ed90 Mon Sep 17 00:00:00 2001 From: changelogbot Date: Mon, 22 Jul 2024 19:47:46 +0000 Subject: [PATCH 14/14] Update CHANGELOG.md for #38437 --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7983b05928e..73e25317dfd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,8 @@ BUG FIXES: * data-source/aws_fsx_openzfs_snapshot: Correctly set `tags` on Read ([#38343](https://github.com/hashicorp/terraform-provider-aws/issues/38343)) * resource/aws_ce_cost_category: Fix perpetual diff with the `rule` argument on update ([#38449](https://github.com/hashicorp/terraform-provider-aws/issues/38449)) * resource/aws_fsx_openzfs_volume: Correctly set `tags` on Read ([#38343](https://github.com/hashicorp/terraform-provider-aws/issues/38343)) +* resource/aws_rds_cluster: Mark `ca_certificate_identifier` as Computed ([#38437](https://github.com/hashicorp/terraform-provider-aws/issues/38437)) +* resource/aws_rds_cluster: Wait for no pending modified values on Update if `apply_immediately` is `true`. This fixes `InvalidParameterCombination` errors when updating `engine_version` ([#38437](https://github.com/hashicorp/terraform-provider-aws/issues/38437)) ## 5.59.0 (July 19, 2024)