From b3c79307cc06fd4f3acbf451b045af737348a0e4 Mon Sep 17 00:00:00 2001 From: drfaust92 Date: Sat, 8 May 2021 12:19:25 +0300 Subject: [PATCH 1/7] validations + tags --- aws/resource_aws_lb_listener_rule.go | 136 +++++++++++++--------- aws/resource_aws_lb_listener_rule_test.go | 1 + 2 files changed, 82 insertions(+), 55 deletions(-) diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index c63f52dc13b..966b509415f 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -12,9 +12,11 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/elbv2" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func resourceAwsLbbListenerRule() *schema.Resource { @@ -33,9 +35,10 @@ func resourceAwsLbbListenerRule() *schema.Resource { Computed: true, }, "listener_arn": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validateArn, }, "priority": { Type: schema.TypeInt, @@ -50,15 +53,9 @@ func resourceAwsLbbListenerRule() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "type": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice([]string{ - elbv2.ActionTypeEnumAuthenticateCognito, - elbv2.ActionTypeEnumAuthenticateOidc, - elbv2.ActionTypeEnumFixedResponse, - elbv2.ActionTypeEnumForward, - elbv2.ActionTypeEnumRedirect, - }, true), + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringInSlice(elbv2.ActionTypeEnum_Values(), true), }, "order": { Type: schema.TypeInt, @@ -71,6 +68,7 @@ func resourceAwsLbbListenerRule() *schema.Resource { Type: schema.TypeString, Optional: true, DiffSuppressFunc: suppressIfActionTypeNot(elbv2.ActionTypeEnumForward), + ValidateFunc: validateArn, }, "forward": { @@ -88,8 +86,9 @@ func resourceAwsLbbListenerRule() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "arn": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, }, "weight": { Type: schema.TypeInt, @@ -132,21 +131,27 @@ func resourceAwsLbbListenerRule() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "host": { - Type: schema.TypeString, - Optional: true, - Default: "#{host}", + Type: schema.TypeString, + Optional: true, + Default: "#{host}", + ValidateFunc: validation.StringLenBetween(1, 128), }, "path": { - Type: schema.TypeString, - Optional: true, - Default: "/#{path}", + Type: schema.TypeString, + Optional: true, + Default: "/#{path}", + ValidateFunc: validation.StringLenBetween(1, 128), }, "port": { Type: schema.TypeString, Optional: true, Default: "#{port}", + ValidateFunc: validation.Any( + validation.StringInSlice([]string{"#{port}"}, false), + validation.IsPortNumber, + ), }, "protocol": { @@ -161,18 +166,16 @@ func resourceAwsLbbListenerRule() *schema.Resource { }, "query": { - Type: schema.TypeString, - Optional: true, - Default: "#{query}", + Type: schema.TypeString, + Optional: true, + Default: "#{query}", + ValidateFunc: validation.StringLenBetween(1, 128), }, "status_code": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice([]string{ - "HTTP_301", - "HTTP_302", - }, false), + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringInSlice(elbv2.RedirectActionStatusCodeEnum_Values(), false), }, }, }, @@ -198,8 +201,9 @@ func resourceAwsLbbListenerRule() *schema.Resource { }, "message_body": { - Type: schema.TypeString, - Optional: true, + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringLenBetween(0, 1024), }, "status_code": { @@ -225,33 +229,30 @@ func resourceAwsLbbListenerRule() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, }, "on_unauthenticated_request": { - Type: schema.TypeString, - Optional: true, - Computed: true, - ValidateFunc: validation.StringInSlice([]string{ - elbv2.AuthenticateCognitoActionConditionalBehaviorEnumDeny, - elbv2.AuthenticateCognitoActionConditionalBehaviorEnumAllow, - elbv2.AuthenticateCognitoActionConditionalBehaviorEnumAuthenticate, - }, true), + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice(elbv2.AuthenticateCognitoActionConditionalBehaviorEnum_Values(), true), }, "scope": { Type: schema.TypeString, Optional: true, - Computed: true, + Default: "openid", }, "session_cookie_name": { Type: schema.TypeString, Optional: true, - Computed: true, + Default: "AWSELBAuthSessionCookie", }, "session_timeout": { Type: schema.TypeInt, Optional: true, - Computed: true, + Default: 604800, }, "user_pool_arn": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validateArn, }, "user_pool_client_id": { Type: schema.TypeString, @@ -295,29 +296,25 @@ func resourceAwsLbbListenerRule() *schema.Resource { Required: true, }, "on_unauthenticated_request": { - Type: schema.TypeString, - Optional: true, - Computed: true, - ValidateFunc: validation.StringInSlice([]string{ - elbv2.AuthenticateOidcActionConditionalBehaviorEnumDeny, - elbv2.AuthenticateOidcActionConditionalBehaviorEnumAllow, - elbv2.AuthenticateOidcActionConditionalBehaviorEnumAuthenticate, - }, true), + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice(elbv2.AuthenticateOidcActionConditionalBehaviorEnum_Values(), true), }, "scope": { Type: schema.TypeString, Optional: true, - Computed: true, + Default: "openid", }, "session_cookie_name": { Type: schema.TypeString, Optional: true, - Computed: true, + Default: "AWSELBAuthSessionCookie", }, "session_timeout": { Type: schema.TypeInt, Optional: true, - Computed: true, + Default: 604800, }, "token_endpoint": { Type: schema.TypeString, @@ -454,7 +451,12 @@ func resourceAwsLbbListenerRule() *schema.Resource { }, }, }, + "tags": tagsSchema(), + "tags_all": tagsSchemaComputed(), }, + CustomizeDiff: customdiff.Sequence( + SetTagsDiff, + ), } } @@ -476,10 +478,15 @@ func suppressIfActionTypeNot(t string) schema.SchemaDiffSuppressFunc { func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) error { elbconn := meta.(*AWSClient).elbv2conn listenerArn := d.Get("listener_arn").(string) + defaultTagsConfig := meta.(*AWSClient).DefaultTagsConfig + tags := defaultTagsConfig.MergeTags(keyvaluetags.New(d.Get("tags").(map[string]interface{}))) params := &elbv2.CreateRuleInput{ ListenerArn: aws.String(listenerArn), } + if len(tags) > 0 { + params.Tags = tags.IgnoreAws().Elbv2Tags() + } var err error @@ -543,6 +550,8 @@ func resourceAwsLbListenerRuleCreate(d *schema.ResourceData, meta interface{}) e func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) error { elbconn := meta.(*AWSClient).elbv2conn + defaultTagsConfig := meta.(*AWSClient).DefaultTagsConfig + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig var resp *elbv2.DescribeRulesOutput var req = &elbv2.DescribeRulesInput{ @@ -581,6 +590,23 @@ func resourceAwsLbListenerRuleRead(d *schema.ResourceData, meta interface{}) err d.Set("arn", rule.RuleArn) + tags, err := keyvaluetags.Elbv2ListTags(elbconn, d.Id()) + + if err != nil { + return fmt.Errorf("error listing tags for (%s): %w", d.Id(), err) + } + + tags = tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig) + + //lintignore:AWSR002 + if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil { + return fmt.Errorf("error setting tags: %w", err) + } + + if err := d.Set("tags_all", tags.Map()); err != nil { + return fmt.Errorf("error setting tags_all: %w", err) + } + // The listener arn isn't in the response but can be derived from the rule arn d.Set("listener_arn", lbListenerARNFromRuleARN(aws.StringValue(rule.RuleArn))) diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index c4804d3768d..61fee566f1a 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -95,6 +95,7 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { "source_ip.#": "0", }), resource.TestCheckTypeSetElemAttr(resourceName, "condition.*.path_pattern.0.values.*", "/static/*"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, }, From 364122f8ba00decf928ce2645296c712e160a501 Mon Sep 17 00:00:00 2001 From: drfaust92 Date: Sat, 8 May 2021 23:59:33 +0300 Subject: [PATCH 2/7] revert port validation --- aws/resource_aws_lb_listener_rule.go | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index 966b509415f..bdcb6189e86 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -150,7 +150,6 @@ func resourceAwsLbbListenerRule() *schema.Resource { Default: "#{port}", ValidateFunc: validation.Any( validation.StringInSlice([]string{"#{port}"}, false), - validation.IsPortNumber, ), }, From 7718be2c6b88be87ef13f847236200a97c49eb5d Mon Sep 17 00:00:00 2001 From: drfaust92 Date: Sun, 9 May 2021 00:17:26 +0300 Subject: [PATCH 3/7] revert port validation --- aws/resource_aws_lb_listener_rule.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index bdcb6189e86..b1fbfd3b7b6 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -148,9 +148,6 @@ func resourceAwsLbbListenerRule() *schema.Resource { Type: schema.TypeString, Optional: true, Default: "#{port}", - ValidateFunc: validation.Any( - validation.StringInSlice([]string{"#{port}"}, false), - ), }, "protocol": { From 2a19746cd7232a8c3c0d30d6cb64815ed1687280 Mon Sep 17 00:00:00 2001 From: drfaust92 Date: Sun, 9 May 2021 00:25:15 +0300 Subject: [PATCH 4/7] changelog --- .changelog/19285.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/19285.txt diff --git a/.changelog/19285.txt b/.changelog/19285.txt new file mode 100644 index 00000000000..b3f282f4c47 --- /dev/null +++ b/.changelog/19285.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_lb_listener_rule: Add plan time validation to `listener_arn`, `action.target_group_arn`, `action.forward.target_group.arn`, `action.redirect.host`, `action.redirect.path`, `action.redirect.query`, `action.redirect.status_code`, `action.fixed_response.message_body`, `action.authenticate_cognito.user_pool_arn`. +``` From 9dfed84b61e761e78e48377524f9b584a5fd5d97 Mon Sep 17 00:00:00 2001 From: drfaust92 Date: Sun, 9 May 2021 01:03:22 +0300 Subject: [PATCH 5/7] add tags test and update --- .changelog/19285.txt | 4 + aws/resource_aws_lb_listener_rule.go | 30 +++ aws/resource_aws_lb_listener_rule_test.go | 293 ++++++++++++++++++++++ 3 files changed, 327 insertions(+) diff --git a/.changelog/19285.txt b/.changelog/19285.txt index b3f282f4c47..abeef994f8e 100644 --- a/.changelog/19285.txt +++ b/.changelog/19285.txt @@ -1,3 +1,7 @@ ```release-note:enhancement resource/aws_lb_listener_rule: Add plan time validation to `listener_arn`, `action.target_group_arn`, `action.forward.target_group.arn`, `action.redirect.host`, `action.redirect.path`, `action.redirect.query`, `action.redirect.status_code`, `action.fixed_response.message_body`, `action.authenticate_cognito.user_pool_arn`. ``` + +```release-note:enhancement +resource/aws_lb_listener_rule: Add tagging support. +``` \ No newline at end of file diff --git a/aws/resource_aws_lb_listener_rule.go b/aws/resource_aws_lb_listener_rule.go index b1fbfd3b7b6..55154b80890 100644 --- a/aws/resource_aws_lb_listener_rule.go +++ b/aws/resource_aws_lb_listener_rule.go @@ -12,11 +12,14 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/elbv2" + "github.com/hashicorp/aws-sdk-go-base/tfawserr" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/elbv2/waiter" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/tfresource" ) func resourceAwsLbbListenerRule() *schema.Resource { @@ -838,6 +841,33 @@ func resourceAwsLbListenerRuleUpdate(d *schema.ResourceData, meta interface{}) e } } + if d.HasChange("tags_all") { + o, n := d.GetChange("tags_all") + + err := resource.Retry(waiter.LoadBalancerTagPropagationTimeout, func() *resource.RetryError { + err := keyvaluetags.Elbv2UpdateTags(elbconn, d.Id(), o, n) + + if tfawserr.ErrCodeEquals(err, elbv2.ErrCodeLoadBalancerNotFoundException) { + log.Printf("[DEBUG] Retrying tagging of LB Listener Rule (%s) after error: %s", d.Id(), err) + return resource.RetryableError(err) + } + + if err != nil { + return resource.NonRetryableError(err) + } + + return nil + }) + + if tfresource.TimedOut(err) { + err = keyvaluetags.Elbv2UpdateTags(elbconn, d.Id(), o, n) + } + + if err != nil { + return fmt.Errorf("error updating LB (%s) tags: %w", d.Id(), err) + } + } + return resourceAwsLbListenerRuleRead(d, meta) } diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index 61fee566f1a..5711ff6ac48 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -102,6 +102,48 @@ func TestAccAWSLBListenerRule_basic(t *testing.T) { }) } +func TestAccAWSLBListenerRule_tags(t *testing.T) { + var conf elbv2.Rule + lbName := fmt.Sprintf("testrule-basic-%s", acctest.RandString(13)) + targetGroupName := fmt.Sprintf("testtargetgroup-%s", acctest.RandString(10)) + + resourceName := "aws_lb_listener_rule.static" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + ErrorCheck: testAccErrorCheck(t, elbv2.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSLBListenerRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSLBListenerRuleTagsConfig1(lbName, targetGroupName, "key1", "value1"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), + ), + }, + { + Config: testAccAWSLBListenerRuleTagsConfig2(lbName, targetGroupName, "key1", "value1updated", "key2", "value2"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + { + Config: testAccAWSLBListenerRuleTagsConfig1(lbName, targetGroupName, "key2", "value2"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAWSLBListenerRuleExists(resourceName, &conf), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + }, + }) +} + func TestAccAWSLBListenerRule_forwardWeighted(t *testing.T) { var conf elbv2.Rule lbName := fmt.Sprintf("testrule-weighted-%s", acctest.RandString(13)) @@ -3614,3 +3656,254 @@ condition { } `, "Multiple", lbName) } + +func testAccAWSLBListenerRuleTagsConfig1(lbName, targetGroupName, tagKey1, tagValue1 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener_rule" "static" { + listener_arn = aws_lb_listener.front_end.arn + priority = 100 + + action { + type = "forward" + target_group_arn = aws_lb_target_group.test.arn + } + + condition { + path_pattern { + values = ["/static/*"] + } + } + + tags = { + %[3]q = %[4]q + } +} + +resource "aws_lb_listener" "front_end" { + load_balancer_arn = aws_lb.alb_test.id + protocol = "HTTP" + port = "80" + + default_action { + target_group_arn = aws_lb_target_group.test.id + type = "forward" + } +} + +resource "aws_lb" "alb_test" { + name = %[1]q + internal = true + security_groups = [aws_security_group.alb_test.id] + subnets = aws_subnet.alb_test[*].id + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test" { + name = %[2]q + port = 8080 + protocol = "HTTP" + vpc_id = aws_vpc.alb_test.id + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = list(string) +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = aws_vpc.alb_test.id + cidr_block = element(var.subnets, count.index) + map_public_ip_on_launch = true + availability_zone = element(data.aws_availability_zones.available.names, count.index) + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = aws_vpc.alb_test.id + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName, tagKey1, tagValue1) +} + +func testAccAWSLBListenerRuleTagsConfig2(lbName, targetGroupName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { + return fmt.Sprintf(` +resource "aws_lb_listener_rule" "static" { + listener_arn = aws_lb_listener.front_end.arn + priority = 100 + + action { + type = "forward" + target_group_arn = aws_lb_target_group.test.arn + } + + condition { + path_pattern { + values = ["/static/*"] + } + } + + tags = { + %[3]q = %[4]q + %[5]q = %[6]q + } +} + +resource "aws_lb_listener" "front_end" { + load_balancer_arn = aws_lb.alb_test.id + protocol = "HTTP" + port = "80" + + default_action { + target_group_arn = aws_lb_target_group.test.id + type = "forward" + } +} + +resource "aws_lb" "alb_test" { + name = %[1]q + internal = true + security_groups = [aws_security_group.alb_test.id] + subnets = aws_subnet.alb_test[*].id + + idle_timeout = 30 + enable_deletion_protection = false + + tags = { + Name = "TestAccAWSALB_basic" + } +} + +resource "aws_lb_target_group" "test" { + name = %[2]q + port = 8080 + protocol = "HTTP" + vpc_id = aws_vpc.alb_test.id + + health_check { + path = "/health" + interval = 60 + port = 8081 + protocol = "HTTP" + timeout = 3 + healthy_threshold = 3 + unhealthy_threshold = 3 + matcher = "200-299" + } +} + +variable "subnets" { + default = ["10.0.1.0/24", "10.0.2.0/24"] + type = list(string) +} + +data "aws_availability_zones" "available" { + state = "available" + + filter { + name = "opt-in-status" + values = ["opt-in-not-required"] + } +} + +resource "aws_vpc" "alb_test" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "terraform-testacc-lb-listener-rule-basic" + } +} + +resource "aws_subnet" "alb_test" { + count = 2 + vpc_id = aws_vpc.alb_test.id + cidr_block = element(var.subnets, count.index) + map_public_ip_on_launch = true + availability_zone = element(data.aws_availability_zones.available.names, count.index) + + tags = { + Name = "tf-acc-lb-listener-rule-basic-${count.index}" + } +} + +resource "aws_security_group" "alb_test" { + name = "allow_all_alb_test" + description = "Used for ALB Testing" + vpc_id = aws_vpc.alb_test.id + + ingress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = "TestAccAWSALB_basic" + } +} +`, lbName, targetGroupName, tagKey1, tagValue1, tagKey2, tagValue2) +} From 5ef72a0e0e876295663c99ba62d5116a542121bb Mon Sep 17 00:00:00 2001 From: drfaust92 Date: Sun, 9 May 2021 01:06:10 +0300 Subject: [PATCH 6/7] tags doc --- website/docs/r/lb_listener_rule.html.markdown | 2 ++ 1 file changed, 2 insertions(+) diff --git a/website/docs/r/lb_listener_rule.html.markdown b/website/docs/r/lb_listener_rule.html.markdown index 602ac379627..9745b6bf7bb 100644 --- a/website/docs/r/lb_listener_rule.html.markdown +++ b/website/docs/r/lb_listener_rule.html.markdown @@ -212,6 +212,7 @@ The following arguments are supported: * `priority` - (Optional) The priority for the rule between `1` and `50000`. Leaving it unset will automatically set the rule with next available priority after currently existing highest rule. A listener can't have multiple rules with the same priority. * `action` - (Required) An Action block. Action blocks are documented below. * `condition` - (Required) A Condition block. Multiple condition blocks of different types can be set and all must be satisfied for the rule to match. Condition blocks are documented below. +* `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. ### Action Blocks @@ -326,6 +327,7 @@ In addition to all arguments above, the following attributes are exported: * `id` - The ARN of the rule (matches `arn`) * `arn` - The ARN of the rule (matches `id`) +* `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](/docs/providers/aws/index.html#default_tags-configuration-block). ## Import From 3f75e07ba2f7cdd2c98bf958f2c0321498267af2 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 10 May 2021 09:31:18 -0400 Subject: [PATCH 7/7] r/aws_lb_listener_rule: Skip 'TestAccAWSLBListenerRule_cognito' on GovCloud. --- aws/resource_aws_lb_listener_rule_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/aws/resource_aws_lb_listener_rule_test.go b/aws/resource_aws_lb_listener_rule_test.go index 5711ff6ac48..78afe17f3a4 100644 --- a/aws/resource_aws_lb_listener_rule_test.go +++ b/aws/resource_aws_lb_listener_rule_test.go @@ -517,6 +517,10 @@ func TestAccAWSLBListenerRule_priority(t *testing.T) { } func TestAccAWSLBListenerRule_cognito(t *testing.T) { + if testAccGetPartition() == "aws-us-gov" { + t.Skip("LB Listener Rule action type 'authenticate-cognito' type is not supported in GovCloud partition") + } + var conf elbv2.Rule key := tlsRsaPrivateKeyPem(2048) certificate := tlsRsaX509SelfSignedCertificatePem(key, "example.com")