fix: sns topic creation should not be idempotent

[corymhall]

This is a re-roll of #3235.

See this comment for why we are re-rolling this.

closes #3288

Co-authored-by: VenelinMartinov [email protected]

[github-actions]

Does the PR have any schema changes?

Does the PR have any schema changes?

Found 33 breaking changes:

Resources

• "aws:appstream/fleet:Fleet":
  • 🟡 inputs: "maxSessionsPerInstance" missing
  • 🟡 properties: "maxSessionsPerInstance" missing output "maxSessionsPerInstance"
• "aws:batch/jobDefinition:JobDefinition":
  • 🟡 inputs: "deregisterOnNewRevision" missing
  • 🟡 properties: "deregisterOnNewRevision" missing output "deregisterOnNewRevision"
• 🔴 "aws:devopsguru/serviceIntegration:ServiceIntegration" missing
• "aws:emr/cluster:Cluster":
  • 🟡 inputs: "unhealthyNodeReplacement" missing
  • 🟡 properties: "unhealthyNodeReplacement" missing output "unhealthyNodeReplacement"
• 🟡 "aws:servicecatalog/appregistryApplication:AppregistryApplication": properties: "applicationTag" missing output "applicationTag"
• "aws:transfer/server:Server":
  • 🟡 inputs: "s3StorageOptions" missing
  • 🟡 properties: "s3StorageOptions" missing output "s3StorageOptions"

Functions

• 🔴 "aws:devopsguru/getNotificationChannel:getNotificationChannel" missing
• 🔴 "aws:devopsguru/getResourceCollection:getResourceCollection" missing
• 🔴 "aws:ecr/getLifecyclePolicyDocument:getLifecyclePolicyDocument" missing

Types

• "aws:appstream/FleetComputeCapacity:FleetComputeCapacity":
  • 🟡 properties: "desiredSessions" missing
  • 🟢 required: "desiredInstances" property has changed to Required
• 🔴 "aws:devopsguru/ServiceIntegrationKmsServerSideEncryption:ServiceIntegrationKmsServerSideEncryption" missing
• 🔴 "aws:devopsguru/ServiceIntegrationLogsAnomalyDetection:ServiceIntegrationLogsAnomalyDetection" missing
• 🔴 "aws:devopsguru/ServiceIntegrationOpsCenter:ServiceIntegrationOpsCenter" missing
• 🔴 "aws:devopsguru/getNotificationChannelFilter:getNotificationChannelFilter" missing
• 🔴 "aws:devopsguru/getNotificationChannelSn:getNotificationChannelSn" missing
• 🔴 "aws:devopsguru/getResourceCollectionCloudformation:getResourceCollectionCloudformation" missing
• 🔴 "aws:devopsguru/getResourceCollectionTag:getResourceCollectionTag" missing
• 🔴 "aws:ecr/getLifecyclePolicyDocumentRule:getLifecyclePolicyDocumentRule" missing
• 🔴 "aws:ecr/getLifecyclePolicyDocumentRuleAction:getLifecyclePolicyDocumentRuleAction" missing
• 🔴 "aws:ecr/getLifecyclePolicyDocumentRuleSelection:getLifecyclePolicyDocumentRuleSelection" missing
• 🟡 "aws:glue/DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRest:DataCatalogEncryptionSettingsDataCatalogEncryptionSettingsEncryptionAtRest": properties: "catalogEncryptionServiceRole" missing
• "aws:glue/getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingEncryptionAtRest:getDataCatalogEncryptionSettingsDataCatalogEncryptionSettingEncryptionAtRest":
  • 🟡 properties: "catalogEncryptionServiceRole" missing
  • 🟢 required: "catalogEncryptionServiceRole" property is no longer Required
• 🔴 "aws:transfer/ServerS3StorageOptions:ServerS3StorageOptions" missing
• "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspection:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspection": properties:
  • 🟡 "addressFields" missing
  • 🟡 "phoneNumberFields" missing
• 🔴 "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionAddressFields:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionAddressFields" missing
• 🔴 "aws:wafv2/WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPhoneNumberFields:WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSetRequestInspectionPhoneNumberFields" missing
  No new resources/functions.

Maintainer note: consult the runbook for dealing with any breaking changes.

[github-actions]

Is README.md missing any configuration options?

assumeRoleWithWebIdentity not found in Configuration section
customCaBundle not found in Configuration section
defaultTags not found in Configuration section
ec2MetadataServiceEndpoint not found in Configuration section
ec2MetadataServiceEndpointMode not found in Configuration section
httpProxy not found in Configuration section
httpsProxy not found in Configuration section
ignoreTags not found in Configuration section
noProxy not found in Configuration section
retryMode not found in Configuration section
s3UsEast1RegionalEndpoint not found in Configuration section
sharedConfigFiles not found in Configuration section
skipRequestingAccountId not found in Configuration section
stsRegion not found in Configuration section
tokenBucketRateLimiterCapacity not found in Configuration section
useDualstackEndpoint not found in Configuration section

Please add a description for each of these options to README.md. Details about them can be found in either the upstream docs or schema.json.

[t0yv0]

I know I've approved this before but is this is going to be pretty nasty for programs that create 1000 topics this mutex will create a global chokepoint if there wasn't one already, so they will be literally created one at a time?

Do we just need locks for a particular topic? in that case maybe we could have a sync.Map of murexes indexed by topic ARN here so as not to conflict globally?

CC @VenelinMartinov

[corymhall]

@t0yv0 I've updated this so that the lock is based on the topic arn. I think we only care to prevent race conditions if the topics have the same name.

[t0yv0]

This looks good but recommend landing the upstream upgrade first as patch merging is a mess.

[VenelinMartinov]

Hey folks, I might have missed a discussion here - why'd you opt to close this?

[corymhall]

Hey folks, I might have missed a discussion here - why'd you opt to close this?

I messed up trying to rebase the patches from master so I just recreated it #3809