r/aws_cloudformation_stack_set_instance: Empty OU refactor

[sbutler]

Community Note

• Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Description

The original code tried to add deployment target support by finding an account in one of the targets, and then using all the same code as account stack set instances. This is deficient:

• If none of the targets contain an account the code fails, due to the resource Id not having an accountID value.
• It does not expose information like account IDs and stack set IDs for any accounts in the deployment targets, except the arbitrary account it used.
• It can cause the resource Id to needlessly drift due to the account selection process changing (account moved OU's, or the API decided to return things in a different order, etc).

This refactor treats deployment targets as their own branch of the logic, with their own new attributes.

Relations

Closes #23349

The added ForceNew directive for the deployment_targets argument relates to (and possibly resolves):

Relates #27877
Relates #25253

Output from Acceptance Testing

WIP due to not being familiar enough with Go to add additional tests for this change.

Output from acceptance testing:

$ make testacc TESTS=TestAccXXX PKG=ec2

...

[github-actions]

Welcome @sbutler 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTING guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

[jjasiek191]

Any chance to resolve this issue? It has been open almost year ago

[rkno82]

Who can merge that fix?

[jar-b]

LGTM 🎉

$ make testacc PKG=cloudformation TESTS=TestAccCloudFormationStackSetInstance_
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cloudformation/... -v -count 1 -parallel 20 -run='TestAccCloudFormationStackSetInstance_'  -timeout 180m

=== NAME  TestAccCloudFormationStackSetInstance_operationPreferences
    acctest.go:951: this AWS account must be the management account of an AWS Organization
--- SKIP: TestAccCloudFormationStackSetInstance_operationPreferences (0.58s)
=== NAME  TestAccCloudFormationStackSetInstance_DeploymentTargets_emptyOU
    acctest.go:951: this AWS account must be the management account of an AWS Organization
--- SKIP: TestAccCloudFormationStackSetInstance_DeploymentTargets_emptyOU (0.58s)
=== NAME  TestAccCloudFormationStackSetInstance_deploymentTargets
    acctest.go:951: this AWS account must be the management account of an AWS Organization
--- SKIP: TestAccCloudFormationStackSetInstance_deploymentTargets (0.58s)
--- PASS: TestAccCloudFormationStackSetInstance_disappears (66.63s)
--- PASS: TestAccCloudFormationStackSetInstance_Disappears_stackSet (68.75s)
--- PASS: TestAccCloudFormationStackSetInstance_basic (72.35s)
--- PASS: TestAccCloudFormationStackSetInstance_retainStack (132.25s)
--- PASS: TestAccCloudFormationStackSetInstance_parameterOverrides (134.60s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/cloudformation     137.843s

From an organizations management account:

$ make testacc PKG=cloudformation TESTS="TestAccCloudFormationStackSetInstance_DeploymentTargets_emptyOU|TestAccCloudFormationStackSetInstance_deploymentTargets|TestAccCloudFormationStackSetInstance_operationPreferences"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cloudformation/... -v -count 1 -parallel 20 -run='TestAccCloudFormationStackSetInstance_DeploymentTargets_emptyOU|TestAccCloudFormationStackSetInstance_deploymentTargets|TestAccCloudFormationStackSetInstance_operationPreferences'  -timeout 180m

--- PASS: TestAccCloudFormationStackSetInstance_operationPreferences (57.70s)
--- PASS: TestAccCloudFormationStackSetInstance_deploymentTargets (68.51s)
--- PASS: TestAccCloudFormationStackSetInstance_DeploymentTargets_emptyOU (74.15s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/cloudformation     77.362

[jar-b]

Thanks for your contribution, @sbutler! 👏

[github-actions]

This functionality has been released in v5.9.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.