Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/s3_bucket_object_lock_configuration: clarify usage in docs and mark token as sensitive #23368

Merged
merged 3 commits into from
Feb 28, 2022
Merged

r/s3_bucket_object_lock_configuration: clarify usage in docs and mark token as sensitive #23368

merged 3 commits into from
Feb 28, 2022

Conversation

anGie44
Copy link
Contributor

@anGie44 anGie44 commented Feb 25, 2022
edited
Loading

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #23363

TODO:

  • get confirmation from AWS Support case on how token is used with the AWS Go SDK
  • confirm if you need to update your aws_s3_bucket configuration with object_lock_enabled to suppress diffs
    ^^ not actually necessary after apply/refresh:
$ cat main.tf

resource "aws_s3_bucket" "example" {
  bucket = "my-example-log-bucket-4444"
}

resource "aws_s3_bucket_versioning" "example" {
  bucket = aws_s3_bucket.example.id

  versioning_configuration {
    status = "Enabled"
  }
}

resource "aws_s3_bucket_object_lock_configuration" "example"{
  bucket = aws_s3_bucket.example.id

  rule {
    default_retention {
      mode = "COMPLIANCE"
      days = 5
    }
  }

  token = (Sensitive)
}


$ terraform apply

Terraform will perform the following actions:

  # aws_s3_bucket_object_lock_configuration.example will be created
  + resource "aws_s3_bucket_object_lock_configuration" "example" {
      + bucket              = "my-example-log-bucket-4444"
      + id                  = (known after apply)
      + object_lock_enabled = "Enabled"
      + token               = "xxxxxxxxxx"

      + rule {
          + default_retention {
              + days = 5
              + mode = "COMPLIANCE"
            }
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.
aws_s3_bucket_object_lock_configuration.example: Creating...
aws_s3_bucket_object_lock_configuration.example: Creation complete after 1s [id=my-example-log-bucket-4444]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

$ terraform plan
aws_s3_bucket.example: Refreshing state... [id=my-example-log-bucket-4444]
aws_s3_bucket_versioning.example: Refreshing state... [id=my-example-log-bucket-4444]
aws_s3_bucket_object_lock_configuration.example: Refreshing state... [id=my-example-log-bucket-4444]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply":

  # aws_s3_bucket.example has changed
  ~ resource "aws_s3_bucket" "example" {
        id                                   = "my-example-log-bucket-4444"
        tags                                 = {}
        # (17 unchanged attributes hidden)

      + object_lock_configuration {
          + object_lock_enabled = "Enabled"
          + rule                = [
              + {
                  + default_retention = [
                      + {
                          + days  = 5
                          + mode  = "COMPLIANCE"
                          + years = 0
                        },
                    ]
                },
            ]
        }
    }


Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes,
the following plan may include actions to undo or respond to these changes.

───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

No changes. Your infrastructure matches the configuration.

Output from acceptance testing:

N/A

@github-actions github-actions bot added documentation Introduces or discusses updates to documentation. service/s3 Issues and PRs that pertain to the s3 service. size/XS Managed by automation to categorize the size of a PR. labels Feb 25, 2022
@anGie44 anGie44 changed the title docs/s3: document how object lock configuration works docs/s3: document how object lock configuration works between S3 bucket and S3 bucket object lock configuration resources Feb 25, 2022
@github-actions github-actions bot added size/M Managed by automation to categorize the size of a PR. and removed size/XS Managed by automation to categorize the size of a PR. labels Feb 25, 2022
@anGie44 anGie44 force-pushed the d-s3-bucket-object-lock-configuration branch from 0cd9d9e to 1fca170 Compare February 25, 2022 14:48
@anGie44 anGie44 force-pushed the d-s3-bucket-object-lock-configuration branch from 1fca170 to 0627327 Compare February 25, 2022 15:12
@anGie44 anGie44 changed the title docs/s3: document how object lock configuration works between S3 bucket and S3 bucket object lock configuration resources r/s3_bucket_object_lock_configuration: clarify usage in docs and mark token as sensitive Feb 28, 2022
@anGie44 anGie44 marked this pull request as ready for review February 28, 2022 17:32
@YakDriver YakDriver self-assigned this Feb 28, 2022
YakDriver
YakDriver approved these changes Feb 28, 2022
View reviewed changes
Copy link
Member

@YakDriver YakDriver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very clear! 🎉

@anGie44 anGie44 added this to the v4.3.0 milestone Feb 28, 2022
@anGie44 anGie44 merged commit e42668f into main Feb 28, 2022
@anGie44 anGie44 deleted the d-s3-bucket-object-lock-configuration branch February 28, 2022 18:02
github-actions bot pushed a commit that referenced this pull request Feb 28, 2022
Update CHANGELOG.md for #23368
5c43dce
@github-actions
Copy link

github-actions bot commented Mar 1, 2022

This functionality has been released in v4.3.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 13, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@YakDriver YakDriver YakDriver approved these changes

Assignees

@YakDriver YakDriver

Labels
documentation Introduces or discusses updates to documentation. service/s3 Issues and PRs that pertain to the s3 service. size/M Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v4.3.0
Development

Successfully merging this pull request may close these issues.

aws_s3_bucket_object_lock_configuration documentation bad or confusing
2 participants
@anGie44 @YakDriver