r/mwaa_environment - new resource

[shuheiktgw]

Community Note

• Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Relates #16432

Release note for CHANGELOG:

* **New Resource:** `aws_mwaa_environment`

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccAWSMwaaEnvironment_basic'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSMwaaEnvironment_basic -timeout 120m
=== RUN   TestAccAWSMwaaEnvironment_basic
=== PAUSE TestAccAWSMwaaEnvironment_basic
=== CONT  TestAccAWSMwaaEnvironment_basic
--- PASS: TestAccAWSMwaaEnvironment_basic (1934.16s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	1936.124s
 
$ make testacc TESTARGS='-run=TestAccAWSMwaaEnvironment_disappears'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSMwaaEnvironment_disappears -timeout 120m
=== RUN   TestAccAWSMwaaEnvironment_disappears
=== PAUSE TestAccAWSMwaaEnvironment_disappears
=== CONT  TestAccAWSMwaaEnvironment_disappears
--- PASS: TestAccAWSMwaaEnvironment_disappears (1956.11s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	1958.077s

$ make testacc TESTARGS='-run=TestAccAWSMwaaEnvironment_AirflowConfigurationOptions'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSMwaaEnvironment_AirflowConfigurationOptions -timeout 120m
=== RUN   TestAccAWSMwaaEnvironment_AirflowConfigurationOptions
=== PAUSE TestAccAWSMwaaEnvironment_AirflowConfigurationOptions
=== CONT  TestAccAWSMwaaEnvironment_AirflowConfigurationOptions
--- PASS: TestAccAWSMwaaEnvironment_AirflowConfigurationOptions (3321.77s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	3323.728s

$ make testacc TESTARGS='-run=TestAccAWSMwaaEnvironment_LogConfiguration'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSMwaaEnvironment_LogConfiguration -timeout 120m
=== RUN   TestAccAWSMwaaEnvironment_LogConfiguration
=== PAUSE TestAccAWSMwaaEnvironment_LogConfiguration
=== CONT  TestAccAWSMwaaEnvironment_LogConfiguration
--- PASS: TestAccAWSMwaaEnvironment_LogConfiguration (2580.88s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	2582.884s

$ make testacc TESTARGS='-run=TestAccAWSMwaaEnvironment_full'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSMwaaEnvironment_full -timeout 120m
=== RUN   TestAccAWSMwaaEnvironment_full
=== PAUSE TestAccAWSMwaaEnvironment_full
=== CONT  TestAccAWSMwaaEnvironment_full
--- PASS: TestAccAWSMwaaEnvironment_full (1785.69s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	1787.647s

[CapChrisCap]

Hello @shuheiktgw ,
am also currently working on the MWAA resource: https://github.com/CapChrisCap/terraform-provider-aws/pull/1. Feel free to pick everything out of this pull request that you can maybe re-use for this pull request :-)

What is already done:

• Resource implementation
• Documentation
• First successful acceptance tests (only update is missing)

Just message me, when you have questions about the structure and code. This is my first terraform provider extension of mine, so feedback is appreciated :-)

[shuheiktgw]

Thank you for your help, @CapChrisCap! 👍

This will speed up the process a lot. I'll definitely pick up the parts I haven't completed from your PR. I'll squash the commits after I complete the initial implementation, so I'll name you as a co-author of those squashed commits if you are fine with it!

[shuheiktgw]

I've been struggling with the creation_failure with an ACC test... I'm still actively debugging it so give me a little bit more time 🙇

[CapChrisCap]

@shuheiktgw I can understand your pain :-D I had the same issue. This is normally because the Subnets do not have any internet connection or are not private subnets: https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-create.html and https://docs.aws.amazon.com/mwaa/latest/userguide/troubleshooting.html#env-create-fail. This was the reason, I created it with the CloudFormation template provided by AWS. The best is probably to use this first and then rewrite this into terraform. Notify me, when I can support ;-)

[shuheiktgw]

The last challenge I have is when I run make testacc TESTARGS='-run=TestAccAWSMwaaEnvironment_LogConfiguration' I encounter the following error. It is pretty close to the end I feel...

TestAccAWSMwaaEnvironment_LogConfiguration: resource_aws_mwaa_environment_test.go:193: Step 3/3 error: Error running apply:
Error: Provider produced inconsistent result after apply

When applying changes to aws_mwaa_environment.test, provider
"registry.terraform.io/hashicorp/aws" produced an unexpected new value: Root
resource was present, but now absent.

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

[shuheiktgw]

@CapChrisCap Thank you so much for your support! It's all set so I'll turn this draft into a PR! 🎉 🎉

[bhushan-chirmade-tm]

Can somebody please merge this pull request? We are waiting for this feature to be available.

[bhushan-chirmade-tm]

Looks good.

[lena-sadowska]

Thank you for the great work! We would also appreciate the merge as we are also waiting for this service

[john-jac]

Hi Folks...I'm the PM from the MWAA team. Please let me know if you need any help.

[bflad]

Hi @shuheiktgw 👋 Thank you so much for your work on this so far. Please see the below initial feedback/questions and let us know if you need help with anything.

Please also note that the acceptance testing in failing for me with errors like the following:

=== CONT  TestAccAWSMwaaEnvironment_basic
    resource_aws_mwaa_environment_test.go:57: Step 1/2 error: Error running apply: exit status 1

        Error: error creating MWAA Environment: ValidationException: Unable to check PublicAccessBlock configuration for the bucket tf-acc-test-4357126281653006425: The public access block configuration was not found (Service: S3, Status Code: 404, Request ID: 3AZ2R85VD2QNN0AV, Extended Request ID: bN/6jbXNsTVlJhteK3VjuUHjUaSbNdEEWmnRAwmNd45Y2nEPYYe8C17+VxjxWWD0kgJ9GBu3ebo=)

It appears that Step 5 of https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html is now being enforced during MWAA Environment creation, which likely means that we need to also include a aws_s3_bucket_public_access_block resource in the base test configuration such as:

resource "aws_s3_bucket_public_access_block" "test" {
  bucket = aws_s3_bucket.test.bucket

  block_public_acls   = true
  block_public_policy = true
}

[bflad]

Open question: Is it possible to forego this mandatory 1 minute delay on creation? The waiter will automatically handle a nil response from the refresh function as a retryable condition. 👍

[bflad]

Open question: Can we lower this mandatory 1 minute delay to 15 seconds (or remove it altogether)?

[bflad]

Similar question here. 👍

[bflad]

Newer documentation linting will flag this:

Suggested change

	```hcl
	```terraform

[bflad]

Suggested change

	```hcl
	```terraform

[bflad]

Suggested change

	depends_on = [aws_s3_bucket.test]

[bflad]

Suggested change

	depends_on = [aws_s3_bucket.test]

[bflad]

Suggested change

	"airflow.amazonaws.com",
	"airflow-env.amazonaws.com"
	"airflow.${data.aws_partition.current.dns_suffix}",
	"airflow-env.${data.aws_partition.current.dns_suffix}"

[bflad]

Suggested change

	"Service": "logs.${data.aws_region.current.name}.amazonaws.com"
	"Service": "logs.${data.aws_region.current.name}.${data.aws_partition.current.dns_suffix}"

[shuheiktgw]

@bflad Thank you for your review! I confirmed all the ACC tests pass now so I believe I fixed it up. Would you review the PR again?

[bflad]

Looks great, thank you, @shuheiktgw 🚀

Output from acceptance testing:

--- PASS: TestAccAWSMwaaEnvironment_full (1714.15s)
--- PASS: TestAccAWSMwaaEnvironment_basic (1957.20s)
--- PASS: TestAccAWSMwaaEnvironment_disappears (2239.96s)
--- PASS: TestAccAWSMwaaEnvironment_LogConfiguration (2531.17s)
--- PASS: TestAccAWSMwaaEnvironment_AirflowConfigurationOptions (3225.28s)

[shuheiktgw]

Thank you all for your help! @CapChrisCap @ewbankkit @bflad

[ghost]

This has been released in version 3.36.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!