Merge pull request #17378 from hashicorp/roadmap/q1-2020
Roadmap/Q1 2021
maryelizbeth authored Feb 1, 2021
2 parents 2322a74 + 8f3e7da commit 075f130
Showing 2 changed files with 156 additions and 52 deletions.
106 changes: 54 additions & 52 deletions ROADMAP.md
@@ -1,4 +1,4 @@
# Roadmap: November 2020 - January 2021
# Roadmap: February 2021 - April 2021

Every few months, the team will highlight areas of focus for our work and upcoming research.

Expand All @@ -8,31 +8,64 @@ Each weekly release will include necessary tasks that lead to the completion of

This roadmap does not describe all the work that will be included within this timeframe, but it does describe our focus. We will include other work as events occur .

From [August through October](docs/roadmaps/2020_August_to_October.md), we committed to adding support for EventBridge, ImageBuilder , LakeFormation and Serverless Application Repository as new service offerings. We were able to deliver EventBridge within that time frame. Unfortunately for a number of reasons we weren’t able to release ImageBuilder, LakeFormation and Serverless Application Repository. That said, they are in progress and on track for release in early November.
From [November through January](docs/roadmaps/2020_November_to_January.md), we added support for (among other things):

From October-January ‘21, we will be prioritizing the following areas of work:
- SSO Permission Sets
- EC2 Managed Prefix Lists
- Firewall Manager Policies
- SASL/SCRAM Authentication for MSK
- ImageBuilder
- LakeFormation
- Serverless Application Repository
- Cloudwatch Composite Alarms

As well as partnering with AWS to provide launch day support for:

- Network Firewall
- Code Signing for Lambda
- Container Images for Lambda
- Gateway Load Balancer
- Spot Launch for EKS Managed Node Groups

From February-April ‘21, we will be prioritizing the following areas of work:

## Provider Functionality: Default Tags

Issue: [#7926](https://github.com/hashicorp/terraform-provider-aws/issues/7926)

Default Tags builds on the workflows in Ignore Tags to provide additional control over the ways Terraform manages tagging capabilities. Users will be able to specify lists of tags to apply to all resources in a configuration at the provider level. Our goal in offering this use case is to assist in tidying up configuration files, decreasing development efforts, and streamlining cost allocation and resource attribution within organizations of all sizes.

## New Services

### AWS SSO Permission Sets
Issue: [#15108](https://github.com/hashicorp/terraform-provider-aws/issues/15108)
### CloudWatch Synthetics
Issue: [#11145](https://github.com/hashicorp/terraform-provider-aws/issues/11145)

_[AWS SSO](https://docs.aws.amazon.com/singlesignon/latest/APIReference/welcome.html) account assignment APIs enable you to build automation to create and update permissions that align with your company's common job functions. You can then assign the permissions to users and groups to entitle them for access in their required accounts. For example, you can give your developers broad control over resources in developer accounts, and limit that control to authorized operations personnel in production accounts. The new AWS CloudFormation support enables you to automate account assignments as you build new accounts. You can also use the APIs to decode user and group names from the unique identifiers that appear in AWS CloudTrail logs._
_[CloudWatch Synthetics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries.html) You can use Amazon CloudWatch Synthetics to create canaries, configurable scripts that run on a schedule, to monitor your endpoints and APIs. Canaries follow the same routes and perform the same actions as a customer, which makes it possible for you to continually verify your customer experience even when you don't have any customer traffic on your applications. By using canaries, you can discover issues before your customers do._

Support for AWS SSO Permission Sets will include:
Support for CloudWatch Synthetics will include:

New Resource(s):
- aws_sso_permission_set
- aws_sso_permission_set_policy
- aws_sso_permission_set_policy_attachment
- aws_sso_account_assignment
- aws_synthetics_canary

New Datasource(s):
- aws_synthetics_canary_runs

### Managed Workflows for Apache Airflow

Issue: [#16432](https://github.com/hashicorp/terraform-provider-aws/issues/16432)

_[Managed Workflows for Apache Airflow](https://aws.amazon.com/blogs/aws/introducing-amazon-managed-workflows-for-apache-airflow-mwaa/) Amazon Managed Workflows for Apache Airflow (MWAA) is a managed orchestration service for Apache Airflow1 that makes it easier to set up and operate end-to-end data pipelines in the cloud at scale. Apache Airflow is an open-source tool used to programmatically author, schedule, and monitor sequences of processes and tasks referred to as “workflows.” With Managed Workflows, you can use Airflow and Python to create workflows without having to manage the underlying infrastructure for scalability, availability, and security. Managed Workflows automatically scales its workflow execution capacity to meet your needs, and is integrated with AWS security services to help provide you with fast and secure access to data._

## Issues & Enhancements
Support for Amazon Managed Workflows for Apache Airflow will include:

### Core Service Reliability
New Resource(s):

- aws_mwaa_environment

## Core Service Reliability
Core Services are areas of high usage or strategic importance for our users. We strive to offer rock solid reliability in these areas. This quarter we will have a focus on RDS and Elasticache (which we are also promoting to Core Service status) to address some common pain points in their usage and ensure they continue to meet our standards.

#### RDS
### RDS

- [#15177](https://github.com/hashicorp/terraform-provider-aws/issues/15177): Subsequent plan/apply forces global cluster recreation when source cluster's storage_encrypted=true
- [#15583](https://github.com/hashicorp/terraform-provider-aws/issues/15583): aws db parameter group ... converts keys and values to lowercase and fails 'apply' due to aws_db_parameter_group changes
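
Review bot: In the Managed Workflows for Apache Airflow description, "orchestration service for Apache Airflow1" carries a stray footnote digit from the copied blurb; drop the "1". In the list of delivered work, "Cloudwatch Composite Alarms" should use the same "CloudWatch" casing as the "### CloudWatch Synthetics" heading. The CloudWatch Synthetics blurb also runs the link text straight into "You can use Amazon CloudWatch Synthetics ..." with no separator, so the first sentence reads as a fragment. The intro now links to `docs/roadmaps/2020_November_to_January.md`, which is not visible in this view of the commit; please confirm the second changed file is that archived roadmap so the link resolves.
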
Expand All @@ -43,59 +76,28 @@ Core Services are areas of high usage or strategic importance for our users. We
- [#10197](https://github.com/hashicorp/terraform-provider-aws/issues/10197): AWS aurora unexpected state 'configuring-iam-database-auth' when modifying the `iam_database_authentication_enabled` flag
- [#13891](https://github.com/hashicorp/terraform-provider-aws/issues/13891): RDS Cluster is not reattached to Global Cluster after failing deletion

#### Elasticache
The Elasticache work will begin with a research spike to ensure that the we can solve the following issues without introducing breaking changes into the provider:

- [#14959](https://github.com/hashicorp/terraform-provider-aws/issues/14959): Research Spike: Elasticache Service Fixes and Improvements
- [#12708](https://github.com/hashicorp/terraform-provider-aws/issues/12708): resource/aws_elasticache_replication_group: Add MultiAZ support
- ~[#13517](https://github.com/hashicorp/terraform-provider-aws/issues/13517): Feature Request: `aws_elasticache_cluster` allow auto-minor-version-upgrade to be set~ This parameter is not enabled in the AWS API.
- [#5118](https://github.com/hashicorp/terraform-provider-aws/issues/5118): support setting primary/replica AZ attributes inside NodeGroupConfiguration for RedisClusterModelEnabled

### Workflow Improvements
## Technical Debt Theme

We’ll also be tackling some of the top reported issues in the provider that are causing disruptions to high priority workflows:
Last quarter we continued to improve the stability of our Acceptance Test suite. Following on from that work we will begin to integrate our Pull Request workflow with our Acceptance testing suite with a goal of being able to determine which tests to run, trigger, and view results of Acceptance Test runs on GitHub. This will improve our time to merge incoming PR's and further protect against regressions.

- [#14373](https://github.com/hashicorp/terraform-provider-aws/issues/14373): cloudfront: support for cache and origin request policies
- [#11584](https://github.com/hashicorp/terraform-provider-aws/issues/11584): Add ability to manage VPN tunnel options
- [#13986](https://github.com/hashicorp/terraform-provider-aws/issues/13986): Feature request: Managed prefix lists
- [#8009](https://github.com/hashicorp/terraform-provider-aws/issues/8009): S3 settings on aws_dms_endpoint conflict with "extra_connection_attributes"
- [#11220](https://github.com/hashicorp/terraform-provider-aws/issues/11220): Set account recovery preference
- [#12272](https://github.com/hashicorp/terraform-provider-aws/issues/12272): CloudWatch composite alarms
- [#4058](https://github.com/hashicorp/terraform-provider-aws/issues/4058): Support Firewall Manager Policies
- [#10931](https://github.com/hashicorp/terraform-provider-aws/issues/10931): Resource aws_sns_topic_subscription, new argument redrive_policy
- [#11098](https://github.com/hashicorp/terraform-provider-aws/issues/11098): Support for AWS Config Conformance Packs
- [#6674](https://github.com/hashicorp/terraform-provider-aws/issues/6674): Feature Request: Security Hub
- [#3891](https://github.com/hashicorp/terraform-provider-aws/issues/3891): Adding custom cognito user pool attribute forces new resource
- [#2245](https://github.com/hashicorp/terraform-provider-aws/issues/2245): AWS security groups not being destroyed
- [#8114](https://github.com/hashicorp/terraform-provider-aws/issues/8114): Cognito User Pool UI Customization
- [#11348](https://github.com/hashicorp/terraform-provider-aws/issues/11348): Add Type to AWS SFN State Machine
- [#11586](https://github.com/hashicorp/terraform-provider-aws/issues/11586): Faulty Read of Client VPN Network associations break state
We also spent time last quarter improving our documentation to give contributors more explicit guidance on best practice patterns for [data conversion](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing/data-handling-and-conversion.md) and [error handling](https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing/error-handling.md).

### Technical Debt Theme

Last quarter we made considerable progress in improving the stability of our Acceptance Test suite. We were able to reduce our consistent test failures by 50% in Commercial, and fixed hundreds of tests in GovCloud. We believe that keeping our focus in this area in the next quarter is the way forward that provides the most value. With another quarter of focus we are looking to have a test suite free of problematic tests, along with optimizations which should improve the speeds of the suite.

### Research Topics
## Research Topics

Research topics include features, architectural changes, and ideas that we are pursuing in the longer term that may significantly impact the core user experience of the AWS provider. Research topics are discovery only and are not guaranteed to be included in a future release.

We are interested in your thoughts and feedback about the proposals below and encourage you to comment on the linked issues or schedule time with @maryelizbeth via the link on her GitHub profile to discuss.

#### Default Tags Implementation Design
Issue: [#7926](https://github.com/hashicorp/terraform-provider-aws/issues/7926)

After completing user research and an internal review of our research conclusions, we will begin conducting engineering research and publish an RFC to address the implementation of this feature. Once the RFC has been approved, we will update the community with our plans for Default Tags.

#### API Calls/IAM Actions Per Terraform Resource (Minimum IAM)
### API Calls/IAM Actions Per Terraform Resource (Minimum IAM)
Issue: [#9154](https://github.com/hashicorp/terraform-provider-aws/issues/9154)

To address security concerns and best practices we are considering how Terraform could surface minimally viable IAM policies for taking actions on resources or executing a TF plan. This is in the early stages of research and we are particularly interested in whether or not this would be useful and the resources or services areas for which it is most valuable.

#### Lifecycle: Retain [Add 'retain' attribute to the Terraform lifecycle meta-parameter]
### Lifecycle: Retain [Add 'retain' attribute to the Terraform lifecycle meta-parameter]
Issue: [#902](https://github.com/hashicorp/terraform-provider-aws/issues/902)

Some resources (e.g. log groups) are intended to be created but never destroyed. Terraform currently does not have a lifecycle attribute for retaining such resources. We are curious as to whether or not retaining resources is a workflow that meets the needs of our community and if so, how and where we might make use of that in the AWS Provider.

### Disclosures
## Disclosures

The product-development initiatives in this document reflect HashiCorp's current plans and are subject to change and/or cancellation in HashiCorp's sole discretion.
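
Review bot: The Elasticache section appears here only under its old `#### Elasticache` heading, with no re-levelled `### Elasticache` line of the kind that Technical Debt Theme, Research Topics and Disclosures all get, so it is unclear whether the section is meant to stay. The Core Service Reliability intro still says "This quarter we will have a focus on RDS and Elasticache", so either keep the list under a `###` heading or update that sentence. If the list stays, "ensure that the we can solve" has a stray "the". In the new Technical Debt paragraph, "PR's" should be "PRs", and "determine which tests to run, trigger, and view results of Acceptance Test runs on GitHub" would read better split into the three separate capabilities it describes.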