Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature: Support SecretsManagerConfiguration for Firehose Delivery Stream Snowflake Configuration #38151

Conversation

civitaspo
Copy link
Contributor

@civitaspo civitaspo commented Jun 27, 2024

Signed-off-by: Takahiro Nakayama [email protected]

Description

Amazon Data Firehose supports managing secrets using SecretsManager (SecretsManagerConfiguration). However, the terraform-provider-aws does not support the use of SecretsManagerConfiguration. Therefore, I have made it possible to use SecretsManagerConfiguration.

Since the implementation effort is significant, I have only implemented it within the SnowflakeConfiguration, which I need. If this implementation is accepted, it will be possible to incorporate SecretsManagerConfiguration into other configurations with separate Pull Requests.

Additionally, this change (cefe73a) is not the feature I wanted to add in this Pull Request, but I found a bug while writing tests, so I fixed it as well.

Relations

Closes #38210.
Closes #38245.
Relates #36646.

References

Output from Acceptance Testing

% make testacc TESTS=TestAccFirehoseDeliveryStream_snowflake PKG=firehose
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.4 test ./internal/service/firehose/... -v -count 1 -parallel 20 -run='TestAccFirehoseDeliveryStream_snowflake'  -timeout 360m
=== RUN   TestAccFirehoseDeliveryStream_snowflakeUpdates
=== PAUSE TestAccFirehoseDeliveryStream_snowflakeUpdates
=== CONT  TestAccFirehoseDeliveryStream_snowflakeUpdates
--- PASS: TestAccFirehoseDeliveryStream_snowflakeUpdates (154.75s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/firehose   158.176s

Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/firehose Issues and PRs that pertain to the firehose service. labels Jun 27, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Jun 27, 2024
Signed-off-by: Takahiro Nakayama <[email protected]>
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @civitaspo 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@civitaspo civitaspo marked this pull request as ready for review June 27, 2024 10:26
@civitaspo civitaspo requested a review from a team as a code owner June 27, 2024 10:26
@civitaspo civitaspo marked this pull request as draft June 27, 2024 10:38
Signed-off-by: Takahiro Nakayama <[email protected]>
…787509517258576): operation error Firehose: UpdateDestination, https response error StatusCode: 400, RequestID: e37d3184-7f21-2c18-bd8a-7dcdd054ed55, api error ValidationException: 1 validation error detected: Value at 'snowflakeDestinationUpdate.snowflakeRoleConfiguration.snowflakeRole' failed to satisfy constraint: Member must have length greater than or equal to 1" on deleting the configuration

Signed-off-by: Takahiro Nakayama <[email protected]>
@civitaspo civitaspo marked this pull request as ready for review June 27, 2024 11:37
@justinretzolk justinretzolk added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels Jun 27, 2024
Signed-off-by: Takahiro Nakayama <[email protected]>
@civitaspo
Copy link
Contributor Author

Sorry. I intended to write the documentation after receiving a code review, without considering the maintainer's busy schedule. However, after reading the FAQ and understanding the maintainer's workload, I have also added the documentation. This Pull Request is review-ready, so I am awaiting your review.

@civitaspo
Copy link
Contributor Author

civitaspo commented Jul 16, 2024

This PR will conflict with #38245 because both make changes related to SecretsManagerConfiguration.

@terraform-aws-provider terraform-aws-provider bot added the documentation Introduces or discusses updates to documentation. label Jul 18, 2024
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccFirehoseDeliveryStream_Splunk\|TestAccFirehoseDeliveryStream_splunk\|TestAccFirehoseDeliveryStream_Redshift\|TestAccFirehoseDeliveryStream_redshift\|TestAccFirehoseDeliveryStream_HTTPEndpoint\|TestAccFirehoseDeliveryStream_httpEndpoint\|TestAccFirehoseDeliveryStream_snowflake' PKG=firehose ACCTEST_PARALLELISM=3
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.5 test ./internal/service/firehose/... -v -count 1 -parallel 3  -run=TestAccFirehoseDeliveryStream_Splunk\|TestAccFirehoseDeliveryStream_splunk\|TestAccFirehoseDeliveryStream_Redshift\|TestAccFirehoseDeliveryStream_redshift\|TestAccFirehoseDeliveryStream_HTTPEndpoint\|TestAccFirehoseDeliveryStream_httpEndpoint\|TestAccFirehoseDeliveryStream_snowflake -timeout 360m
=== RUN   TestAccFirehoseDeliveryStream_redshiftUpdates
=== PAUSE TestAccFirehoseDeliveryStream_redshiftUpdates
=== RUN   TestAccFirehoseDeliveryStream_Redshift_SecretsManagerConfiguration
=== PAUSE TestAccFirehoseDeliveryStream_Redshift_SecretsManagerConfiguration
=== RUN   TestAccFirehoseDeliveryStream_snowflakeUpdates
=== PAUSE TestAccFirehoseDeliveryStream_snowflakeUpdates
=== RUN   TestAccFirehoseDeliveryStream_splunkUpdates
=== PAUSE TestAccFirehoseDeliveryStream_splunkUpdates
=== RUN   TestAccFirehoseDeliveryStream_Splunk_ErrorOutputPrefix
=== PAUSE TestAccFirehoseDeliveryStream_Splunk_ErrorOutputPrefix
=== RUN   TestAccFirehoseDeliveryStream_Splunk_SecretsManagerConfiguration
=== PAUSE TestAccFirehoseDeliveryStream_Splunk_SecretsManagerConfiguration
=== RUN   TestAccFirehoseDeliveryStream_httpEndpoint
=== PAUSE TestAccFirehoseDeliveryStream_httpEndpoint
=== RUN   TestAccFirehoseDeliveryStream_HTTPEndpoint_ErrorOutputPrefix
=== PAUSE TestAccFirehoseDeliveryStream_HTTPEndpoint_ErrorOutputPrefix
=== RUN   TestAccFirehoseDeliveryStream_HTTPEndpoint_retryDuration
=== PAUSE TestAccFirehoseDeliveryStream_HTTPEndpoint_retryDuration
=== RUN   TestAccFirehoseDeliveryStream_HTTPEndpoint_SecretsManagerConfiguration
=== PAUSE TestAccFirehoseDeliveryStream_HTTPEndpoint_SecretsManagerConfiguration
=== CONT  TestAccFirehoseDeliveryStream_redshiftUpdates
=== CONT  TestAccFirehoseDeliveryStream_Splunk_SecretsManagerConfiguration
=== CONT  TestAccFirehoseDeliveryStream_HTTPEndpoint_retryDuration
--- PASS: TestAccFirehoseDeliveryStream_Splunk_SecretsManagerConfiguration (71.24s)
=== CONT  TestAccFirehoseDeliveryStream_HTTPEndpoint_ErrorOutputPrefix
--- PASS: TestAccFirehoseDeliveryStream_HTTPEndpoint_retryDuration (71.46s)
=== CONT  TestAccFirehoseDeliveryStream_httpEndpoint
--- PASS: TestAccFirehoseDeliveryStream_httpEndpoint (82.28s)
=== CONT  TestAccFirehoseDeliveryStream_splunkUpdates
--- PASS: TestAccFirehoseDeliveryStream_HTTPEndpoint_ErrorOutputPrefix (125.67s)
=== CONT  TestAccFirehoseDeliveryStream_Splunk_ErrorOutputPrefix
--- PASS: TestAccFirehoseDeliveryStream_splunkUpdates (107.60s)
=== CONT  TestAccFirehoseDeliveryStream_HTTPEndpoint_SecretsManagerConfiguration
--- PASS: TestAccFirehoseDeliveryStream_redshiftUpdates (262.53s)
=== CONT  TestAccFirehoseDeliveryStream_snowflakeUpdates
--- PASS: TestAccFirehoseDeliveryStream_Splunk_ErrorOutputPrefix (105.05s)
=== CONT  TestAccFirehoseDeliveryStream_Redshift_SecretsManagerConfiguration
--- PASS: TestAccFirehoseDeliveryStream_HTTPEndpoint_SecretsManagerConfiguration (82.61s)
--- PASS: TestAccFirehoseDeliveryStream_snowflakeUpdates (139.41s)
--- PASS: TestAccFirehoseDeliveryStream_Redshift_SecretsManagerConfiguration (245.93s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/firehose	555.888s
% make testacc TESTARGS='-run=TestAccFirehoseDeliveryStream_basic' PKG=firehose
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.5 test ./internal/service/firehose/... -v -count 1 -parallel 20  -run=TestAccFirehoseDeliveryStream_basic -timeout 360m
=== RUN   TestAccFirehoseDeliveryStream_basic
=== PAUSE TestAccFirehoseDeliveryStream_basic
=== CONT  TestAccFirehoseDeliveryStream_basic
--- PASS: TestAccFirehoseDeliveryStream_basic (92.41s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/firehose	97.192s

@ewbankkit
Copy link
Contributor

@civitaspo @nikhil-goenka Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit e905e90 into hashicorp:main Jul 18, 2024
46 checks passed
@github-actions github-actions bot added this to the v5.59.0 milestone Jul 18, 2024
Copy link

This functionality has been released in v5.59.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@civitaspo civitaspo deleted the f-Support-SecretsManagerConfiguration-for-Snowflake branch July 24, 2024 01:46
@civitaspo
Copy link
Contributor Author

Thank you for making the changes that allow the configuration of SecretsManagerConfiguration for all services, not just Snowflake ❤️

Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 23, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. service/firehose Issues and PRs that pertain to the firehose service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Enhancement]: Support secret manager as authentication source for Data Firehose
4 participants