Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: aws_verifiedaccess_group policy can't be set when no policy was set initially #34054

Merged
merged 3 commits into from
Oct 23, 2023
Merged

Fix: aws_verifiedaccess_group policy can't be set when no policy was set initially #34054

merged 3 commits into from
Oct 23, 2023

Conversation

sQu4rks
Copy link
Contributor

@sQu4rks sQu4rks commented Oct 22, 2023

Description

Fixes an issue in the aws_verifiedaccess_group where a policy document can't be set on a resource that was created without an attached policy.

  • Set PolicyEnabled flag on the ModifyVerifiedAccessGroupPolicyInput to true when detecting a changed policy.
  • Added two acceptance tests - one for policy changes and one for setting a policy on a resource that previously didn't have one.

Relations

Closes #34052

Output from Acceptance Testing

% make testacc TESTARGS='-run=TestAccVerifiedAccessGroup_' PKG=ec2 ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 2  -run=TestAccVerifiedAccessGroup_ -timeout 360m
=== RUN   TestAccVerifiedAccessGroup_basic
=== PAUSE TestAccVerifiedAccessGroup_basic
=== RUN   TestAccVerifiedAccessGroup_disappears
=== PAUSE TestAccVerifiedAccessGroup_disappears
=== RUN   TestAccVerifiedAccessGroup_tags
=== PAUSE TestAccVerifiedAccessGroup_tags
=== RUN   TestAccVerifiedAccessGroup_policy
=== PAUSE TestAccVerifiedAccessGroup_policy
=== RUN   TestAccVerifiedAccessGroup_updatePolicy
=== PAUSE TestAccVerifiedAccessGroup_updatePolicy
=== RUN   TestAccVerifiedAccessGroup_setPolicy
=== PAUSE TestAccVerifiedAccessGroup_setPolicy
=== CONT  TestAccVerifiedAccessGroup_basic
=== CONT  TestAccVerifiedAccessGroup_policy
--- PASS: TestAccVerifiedAccessGroup_policy (26.58s)
=== CONT  TestAccVerifiedAccessGroup_setPolicy
--- PASS: TestAccVerifiedAccessGroup_basic (28.48s)
=== CONT  TestAccVerifiedAccessGroup_tags
--- PASS: TestAccVerifiedAccessGroup_setPolicy (39.41s)
=== CONT  TestAccVerifiedAccessGroup_disappears
--- PASS: TestAccVerifiedAccessGroup_tags (48.96s)
=== CONT  TestAccVerifiedAccessGroup_updatePolicy
--- PASS: TestAccVerifiedAccessGroup_disappears (18.77s)
--- PASS: TestAccVerifiedAccessGroup_updatePolicy (38.00s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/ec2        118.663s
...

Marcel Neidinger and others added 2 commits October 20, 2023 11:35
Added PolicyEnabled flag when updating a policy
eef28e5 
This fixes an issue where, when no policy was set previously,
the update would fail.

Also added two new test cases
- TestAccVerifiedAccessGroup_setPolicy to check when a policy is set on
  a resources that previously didn't have one attached.
- TestAccVerifiedAccessGroup_updatePolicy to check the behaviour when
  updating an existing policy.
@sQu4rks
Merge branch 'hashicorp:main' into b-VerifiedAccessGroupChangePolicy
f9cf9ae
@github-actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/verifiedaccess Issues and PRs that pertain to the verifiedaccess service. labels Oct 22, 2023
@terraform-aws-provider terraform-aws-provider bot added needs-triage Waiting for first response or review from a maintainer. partner Contribution from a partner. labels Oct 22, 2023
@sQu4rks sQu4rks changed the title B verified access group change policy Fix: aws_verifiedaccess_group policy can't be set when no policy was set initially Oct 22, 2023
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Oct 23, 2023
@ewbankkit ewbankkit self-assigned this Oct 23, 2023
@terraform-aws-provider terraform-aws-provider bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Oct 23, 2023
ewbankkit
ewbankkit approved these changes Oct 23, 2023
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccVerifiedAccessGroup_' PKG=ec2 ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 2  -run=TestAccVerifiedAccessGroup_ -timeout 360m
=== RUN   TestAccVerifiedAccessGroup_basic
=== PAUSE TestAccVerifiedAccessGroup_basic
=== RUN   TestAccVerifiedAccessGroup_disappears
=== PAUSE TestAccVerifiedAccessGroup_disappears
=== RUN   TestAccVerifiedAccessGroup_tags
=== PAUSE TestAccVerifiedAccessGroup_tags
=== RUN   TestAccVerifiedAccessGroup_policy
=== PAUSE TestAccVerifiedAccessGroup_policy
=== RUN   TestAccVerifiedAccessGroup_updatePolicy
=== PAUSE TestAccVerifiedAccessGroup_updatePolicy
=== RUN   TestAccVerifiedAccessGroup_setPolicy
=== PAUSE TestAccVerifiedAccessGroup_setPolicy
=== CONT  TestAccVerifiedAccessGroup_basic
=== CONT  TestAccVerifiedAccessGroup_policy
--- PASS: TestAccVerifiedAccessGroup_basic (29.65s)
=== CONT  TestAccVerifiedAccessGroup_tags
--- PASS: TestAccVerifiedAccessGroup_policy (30.05s)
=== CONT  TestAccVerifiedAccessGroup_disappears
--- PASS: TestAccVerifiedAccessGroup_disappears (25.56s)
=== CONT  TestAccVerifiedAccessGroup_setPolicy
--- PASS: TestAccVerifiedAccessGroup_tags (69.63s)
=== CONT  TestAccVerifiedAccessGroup_updatePolicy
--- PASS: TestAccVerifiedAccessGroup_setPolicy (54.57s)
--- PASS: TestAccVerifiedAccessGroup_updatePolicy (49.93s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	154.467s

@ewbankkit
Copy link
Contributor

@sQu4rks Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 256ffcc into hashicorp:main Oct 23, 2023
34 checks passed
@github-actions github-actions bot added this to the v5.23.0 milestone Oct 23, 2023
@github-actions
Copy link

This functionality has been released in v5.23.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 26, 2023
@justinretzolk justinretzolk added the bug Addresses a defect in current functionality. label Feb 10, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@ewbankkit ewbankkit

Labels
bug Addresses a defect in current functionality. partner Contribution from a partner. prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. service/verifiedaccess Issues and PRs that pertain to the verifiedaccess service. size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.23.0
Development

Successfully merging this pull request may close these issues.

[Bug]: aws_verifiedaccess_group and policy_document
3 participants
@sQu4rks @ewbankkit @justinretzolk