Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add eventual consistency protection to efs_file_system_policy #21734

Merged
merged 3 commits into from
Aug 31, 2023
Merged

Add eventual consistency protection to efs_file_system_policy #21734

merged 3 commits into from
Aug 31, 2023

Conversation

joelthompson
Copy link
Contributor

@joelthompson joelthompson commented Nov 11, 2021
edited
Loading

There was no retry logic around putting an EFS file system policy, which
would lead to errors when the same TF both creates a new IAM principal
(e.g., role) and tries to specify that principal in an EFS FS policy in
the same run. This adds retry logic when AWS returns an error about an
invalid principal in line with standard recommendations.

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #21716

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccEFSFileSystemPolicy' PKG_NAME=internal/service/efs
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/efs/... -v -count 1 -parallel 20 -run=TestAccEFSFileSystemPolicy -timeout 180m
=== RUN   TestAccEFSFileSystemPolicy_basic
=== PAUSE TestAccEFSFileSystemPolicy_basic
=== RUN   TestAccEFSFileSystemPolicy_disappears
=== PAUSE TestAccEFSFileSystemPolicy_disappears
=== RUN   TestAccEFSFileSystemPolicy_policyBypass
=== PAUSE TestAccEFSFileSystemPolicy_policyBypass
=== CONT  TestAccEFSFileSystemPolicy_basic
=== CONT  TestAccEFSFileSystemPolicy_policyBypass
=== CONT  TestAccEFSFileSystemPolicy_disappears
--- PASS: TestAccEFSFileSystemPolicy_disappears (18.16s)
--- PASS: TestAccEFSFileSystemPolicy_basic (26.20s)
--- PASS: TestAccEFSFileSystemPolicy_policyBypass (27.11s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/efs	29.112s

Add eventual consistency protection to efs_file_system_policy
d0e59d5 
There was no retry logic around putting an EFS file system policy, which
would lead to errors when the same TF both creates a new IAM principal
(e.g., role) and tries to specify that principal in an EFS FS policy in
the same run. This adds retry logic when AWS returns an error about an
invalid principal in line with standard recommendations.

Fixes hashicorp#21716
@github-actions github-actions bot added service/efs Issues and PRs that pertain to the efs service. needs-triage Waiting for first response or review from a maintainer. size/XS Managed by automation to categorize the size of a PR. labels Nov 11, 2021
@justinretzolk justinretzolk added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Nov 11, 2021
@jdebbink jdebbink mentioned this pull request Aug 25, 2022
Closed
@jdebbink
Copy link

Please merge this.

@harshitp1987
Copy link

Please merge This

@arthurgurov
Copy link

Please merge this - we need it for our project too.

@phrytsen-gl
Copy link

@hc-github-team-terraform-aws Please, review the issue.

@n3mawashi
Copy link

Please merge this.

@mandrado
Copy link

I need this too.

@ewbankkit
Merge branch 'main' into HEAD
d9c368c 
# Conflicts:
#	internal/service/efs/file_system_policy.go
@ewbankkit ewbankkit added the eventual-consistency Pertains to eventual consistency issues. label Aug 31, 2023
ewbankkit
ewbankkit approved these changes Aug 31, 2023
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccEFSFileSystemPolicy_' PKG=efs ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/efs/... -v -count 1 -parallel 2  -run=TestAccEFSFileSystemPolicy_ -timeout 180m
=== RUN   TestAccEFSFileSystemPolicy_basic
=== PAUSE TestAccEFSFileSystemPolicy_basic
=== RUN   TestAccEFSFileSystemPolicy_disappears
=== PAUSE TestAccEFSFileSystemPolicy_disappears
=== RUN   TestAccEFSFileSystemPolicy_policyBypass
=== PAUSE TestAccEFSFileSystemPolicy_policyBypass
=== RUN   TestAccEFSFileSystemPolicy_equivalentPolicies
=== PAUSE TestAccEFSFileSystemPolicy_equivalentPolicies
=== RUN   TestAccEFSFileSystemPolicy_equivalentPoliciesIAMPolicyDoc
=== PAUSE TestAccEFSFileSystemPolicy_equivalentPoliciesIAMPolicyDoc
=== CONT  TestAccEFSFileSystemPolicy_basic
=== CONT  TestAccEFSFileSystemPolicy_equivalentPolicies
--- PASS: TestAccEFSFileSystemPolicy_equivalentPolicies (69.53s)
=== CONT  TestAccEFSFileSystemPolicy_policyBypass
--- PASS: TestAccEFSFileSystemPolicy_basic (87.85s)
=== CONT  TestAccEFSFileSystemPolicy_equivalentPoliciesIAMPolicyDoc
--- PASS: TestAccEFSFileSystemPolicy_policyBypass (84.45s)
=== CONT  TestAccEFSFileSystemPolicy_disappears
--- PASS: TestAccEFSFileSystemPolicy_equivalentPoliciesIAMPolicyDoc (67.84s)
--- PASS: TestAccEFSFileSystemPolicy_disappears (44.57s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/efs	204.523s

@ewbankkit
Copy link
Contributor

@joelthompson Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 1cbeb1d into hashicorp:main Aug 31, 2023
31 checks passed
@github-actions github-actions bot added this to the v5.15.0 milestone Aug 31, 2023
@github-actions
Copy link

github-actions bot commented Sep 1, 2023

This functionality has been released in v5.15.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

github-actions bot commented Oct 1, 2023

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 1, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. eventual-consistency Pertains to eventual consistency issues. service/efs Issues and PRs that pertain to the efs service. size/XS Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v5.15.0
Development

Successfully merging this pull request may close these issues.

aws_efs_file_system_policy Resource Eventual Consistency Bug
9 participants
@joelthompson @jdebbink @harshitp1987 @arthurgurov @phrytsen-gl @n3mawashi @mandrado @ewbankkit @justinretzolk