-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
r/network_acl + default_network_acl - add arn attribute + validations #13819
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shaping up nicely, please see some initial feedback. Thanks as usual, Ilia!
Output from acceptance testing:
--- FAIL: TestAccAWSNetworkAclRule_disappears_NetworkAcl (283.73s)
--- PASS: TestAccAWSDefaultNetworkAcl_basic (48.64s)
--- PASS: TestAccAWSDefaultNetworkAcl_basicIpv6Vpc (24.62s)
--- PASS: TestAccAWSDefaultNetworkAcl_deny_ingress (79.59s)
--- PASS: TestAccAWSDefaultNetworkAcl_SubnetReassign (80.79s)
--- PASS: TestAccAWSDefaultNetworkAcl_SubnetRemoval (76.95s)
--- PASS: TestAccAWSDefaultNetworkAcl_withIpv6Ingress (37.32s)
--- PASS: TestAccAWSNetworkAcl_basic (59.59s)
--- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (57.97s)
--- PASS: TestAccAWSNetworkAcl_disappears (79.66s)
--- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (82.17s)
--- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (24.58s)
--- PASS: TestAccAWSNetworkAcl_espProtocol (25.58s)
--- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (95.44s)
--- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (32.04s)
--- PASS: TestAccAWSNetworkAcl_ipv6Rules (43.51s)
--- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (25.60s)
--- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (49.12s)
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (52.90s)
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (71.78s)
--- PASS: TestAccAWSNetworkAcl_SubnetChange (46.80s)
--- PASS: TestAccAWSNetworkAcl_Subnets (41.96s)
--- PASS: TestAccAWSNetworkAcl_SubnetsDelete (54.71s)
--- PASS: TestAccAWSNetworkAclRule_allProtocol (76.33s)
--- PASS: TestAccAWSNetworkAclRule_basic (51.19s)
--- PASS: TestAccAWSNetworkAclRule_disappears (30.42s)
--- PASS: TestAccAWSNetworkAclRule_ingressEgressSameNumberDisappears (40.41s)
--- PASS: TestAccAWSNetworkAclRule_ipv6 (26.55s)
--- PASS: TestAccAWSNetworkAclRule_ipv6ICMP (40.37s)
--- PASS: TestAccAWSNetworkAclRule_ipv6VpcAssignGeneratedIpv6CidrBlockUpdate (76.04s)
--- PASS: TestAccAWSNetworkAclRule_missingParam (15.12s)
--- PASS: TestAccAWSNetworkAclRule_tcpProtocol (53.68s)
Optional: true, | ||
Type: schema.TypeString, | ||
Optional: true, | ||
ValidateFunc: validation.IsCIDR, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to allow empty strings in the cidr_block/ipv6_cidr_block attributes for Terraform 0.11 and earlier.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
Required: true, | ||
Type: schema.TypeInt, | ||
Required: true, | ||
ValidateFunc: validation.IntBetween(1, 32766), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: Doesn't need to be this PR, but we should probably create a constant for this, e.g.
const (
// Maximum number for EC2 Network ACL Rules. The range 32767 to 65535 is reserved for internal use.
Ec2NetworkAclRuleNumberMaximum = 32766
)
We'll need to figure out the best place for these in the future when things are broken into separate packages.
add disappears test cases add arn attribute
eea9bde
to
ea7d0aa
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀
Output from acceptance testing:
--- PASS: TestAccAWSDefaultNetworkAcl_basic (45.78s)
--- PASS: TestAccAWSDefaultNetworkAcl_basicIpv6Vpc (42.81s)
--- PASS: TestAccAWSDefaultNetworkAcl_deny_ingress (26.85s)
--- PASS: TestAccAWSDefaultNetworkAcl_SubnetReassign (80.09s)
--- PASS: TestAccAWSDefaultNetworkAcl_SubnetRemoval (85.16s)
--- PASS: TestAccAWSDefaultNetworkAcl_withIpv6Ingress (68.19s)
--- PASS: TestAccAWSNetworkAcl_basic (36.90s)
--- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (53.65s)
--- PASS: TestAccAWSNetworkAcl_disappears (38.43s)
--- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (57.37s)
--- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (29.01s)
--- PASS: TestAccAWSNetworkAcl_espProtocol (18.67s)
--- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (84.70s)
--- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (20.36s)
--- PASS: TestAccAWSNetworkAcl_ipv6Rules (33.62s)
--- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (28.73s)
--- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (34.72s)
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (103.64s)
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (37.71s)
--- PASS: TestAccAWSNetworkAcl_SubnetChange (45.37s)
--- PASS: TestAccAWSNetworkAcl_Subnets (55.57s)
--- PASS: TestAccAWSNetworkAcl_SubnetsDelete (41.93s)
--- PASS: TestAccAWSNetworkAclRule_allProtocol (131.52s)
--- PASS: TestAccAWSNetworkAclRule_basic (65.25s)
--- PASS: TestAccAWSNetworkAclRule_disappears (64.15s)
--- PASS: TestAccAWSNetworkAclRule_disappears_NetworkAcl (33.15s)
--- PASS: TestAccAWSNetworkAclRule_ingressEgressSameNumberDisappears (50.48s)
--- PASS: TestAccAWSNetworkAclRule_ipv6 (82.86s)
--- PASS: TestAccAWSNetworkAclRule_ipv6ICMP (50.00s)
--- PASS: TestAccAWSNetworkAclRule_ipv6VpcAssignGeneratedIpv6CidrBlockUpdate (62.86s)
--- PASS: TestAccAWSNetworkAclRule_missingParam (28.19s)
--- PASS: TestAccAWSNetworkAclRule_tcpProtocol (43.89s)
This has been released in version 2.68.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Relates #13624, #13527
Release note for CHANGELOG:
Output from acceptance testing: