Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

f: ELBv2 Trust Store resource and Listener MutualAuthentication attributes #34584

Merged
merged 17 commits into from
Dec 1, 2023
Merged

f: ELBv2 Trust Store resource and Listener MutualAuthentication attributes #34584

merged 17 commits into from
Dec 1, 2023

Conversation

matt-mercer
Copy link
Contributor

@matt-mercer matt-mercer commented Nov 27, 2023
edited
Loading

Description

New: aws_lb_trust_store resource and data source
New: aws_lb_trust_store_revocation resource
Added mutual_authentication configuration block to aws_lb_listener

The initial import of aws_lb_trust_store or aws_lb_trust_store_revocation resource will trigger, a recreate as aws elbv2 describe-trust-stores / aws elbv2 describe-trust-store-revocations do not return the original s3 object information used to create the resources. the CA bundle or CRL is read on initial resource creation, and copied to an AWS bucket for use by ELB.

Relations

Closes: #34568

References

https://aws.amazon.com/blogs/aws/mutual-authentication-for-application-load-balancer-to-reliably-verify-certificate-based-client-identities/

Output from Acceptance Testing

% make testacc TESTS=TestAccELBV2TrustStore_* PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20 -run='TestAccELBV2TrustStore_*'  -timeout 360m
=== RUN   TestAccELBV2TrustStoreDataSource_basic
=== PAUSE TestAccELBV2TrustStoreDataSource_basic
=== RUN   TestAccELBV2TrustStore_basic
=== PAUSE TestAccELBV2TrustStore_basic
=== RUN   TestAccELBV2TrustStore_tags
=== PAUSE TestAccELBV2TrustStore_tags
=== CONT  TestAccELBV2TrustStoreDataSource_basic
=== CONT  TestAccELBV2TrustStore_tags
=== CONT  TestAccELBV2TrustStore_basic
--- PASS: TestAccELBV2TrustStore_basic (42.30s)
--- PASS: TestAccELBV2TrustStoreDataSource_basic (54.86s)
--- PASS: TestAccELBV2TrustStore_tags (74.31s)
PASS
make testacc TESTS=TestAccELBV2Listener_mutualAuthentication PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20 -run='TestAccELBV2Listener_mutualAuthentication'  -timeout 360m
=== RUN   TestAccELBV2Listener_mutualAuthentication
=== PAUSE TestAccELBV2Listener_mutualAuthentication
=== CONT  TestAccELBV2Listener_mutualAuthentication
--- PASS: TestAccELBV2Listener_mutualAuthentication (208.61s)
PASS
make testacc TESTS=TestAccELBV2Listener_Protocol_https PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20 -run='TestAccELBV2Listener_Protocol_https'  -timeout 360m
=== RUN   TestAccELBV2Listener_Protocol_https
=== PAUSE TestAccELBV2Listener_Protocol_https
=== CONT  TestAccELBV2Listener_Protocol_https
--- PASS: TestAccELBV2Listener_Protocol_https (206.83s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	206.900s

make testacc TESTS=TestAccELBV2TrustStoreRevocation_basic PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20 -run='TestAccELBV2TrustStoreRevocation_basic'  -timeout 360m
=== RUN   TestAccELBV2TrustStoreRevocation_basic
=== PAUSE TestAccELBV2TrustStoreRevocation_basic
=== CONT  TestAccELBV2TrustStoreRevocation_basic
--- PASS: TestAccELBV2TrustStoreRevocation_basic (42.59s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	42.655s

@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/elbv2 Issues and PRs that pertain to the elbv2 service. generators Relates to code generators. labels Nov 27, 2023
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Nov 27, 2023
@matt-mercer matt-mercer marked this pull request as draft November 28, 2023 13:53
@github-actions github-actions bot added linter Pertains to changes to or issues with the various linters. repository Repository modifications; GitHub Actions, developer docs, issue templates, codeowners, changelog. github_actions Pull requests that update Github_actions code labels Nov 28, 2023
@matt-mercer matt-mercer changed the title wip: ELB Trust Store resource and Listener MutualAuthentication attributes wip: ELBv2 Trust Store resource and Listener MutualAuthentication attributes Nov 28, 2023
@matt-mercer matt-mercer changed the title wip: ELBv2 Trust Store resource and Listener MutualAuthentication attributes f: ELBv2 Trust Store resource and Listener MutualAuthentication attributes Nov 28, 2023
@matt-mercer matt-mercer marked this pull request as ready for review November 28, 2023 21:08
@matt-mercer matt-mercer mentioned this pull request Nov 29, 2023
Closed
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Nov 30, 2023
@ewbankkit ewbankkit self-assigned this Nov 30, 2023
@ewbankkit
Merge branch 'main' into HEAD
212be37
@ewbankkit
Tweak CHANGELOG entries.
c051e33
@ewbankkit
elbv2: Add 'findListeners'.
f7de67f
@ewbankkit
d/aws_alb_listener: Test 'mutual_authentication'.
89e26e3
@ewbankkit
r/aws_lb_listener: Alphabetize attributes.
a0b41d1
@ewbankkit
r/aws_lb_trust_store: Tidy up.
4ef43bc
@ewbankkit
r/aws_lb_trust_store: Tidy up acceptance tests.
1458be0
@ewbankkit
Acceptance test output:
cd4a66b 
% make testacc TESTARGS='-run=TestAccELBV2TrustStore_' PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20  -run=TestAccELBV2TrustStore_ -timeout 360m
=== RUN   TestAccELBV2TrustStore_basic
=== PAUSE TestAccELBV2TrustStore_basic
=== RUN   TestAccELBV2TrustStore_tags
=== PAUSE TestAccELBV2TrustStore_tags
=== CONT  TestAccELBV2TrustStore_basic
=== CONT  TestAccELBV2TrustStore_tags
--- PASS: TestAccELBV2TrustStore_basic (51.94s)
--- PASS: TestAccELBV2TrustStore_tags (92.76s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	98.276s
@ewbankkit
r/aws_lb_trust_store: Additional acceptance tests.
06f9bbf
@ewbankkit
d/aws_lb_trust_store: Tidy up.
a9e9679
@ewbankkit
r/aws_lb_trust_store_revocation: Tidy up.
a1a569d
@ewbankkit ewbankkit added new-resource Introduces a new resource. new-data-source Introduces a new data source. labels Nov 30, 2023
ewbankkit
ewbankkit approved these changes Dec 1, 2023
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccELBV2TrustStore_' PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20  -run=TestAccELBV2TrustStore_ -timeout 360m
=== RUN   TestAccELBV2TrustStore_basic
=== PAUSE TestAccELBV2TrustStore_basic
=== RUN   TestAccELBV2TrustStore_disappears
=== PAUSE TestAccELBV2TrustStore_disappears
=== RUN   TestAccELBV2TrustStore_nameGenerated
=== PAUSE TestAccELBV2TrustStore_nameGenerated
=== RUN   TestAccELBV2TrustStore_namePrefix
=== PAUSE TestAccELBV2TrustStore_namePrefix
=== RUN   TestAccELBV2TrustStore_tags
=== PAUSE TestAccELBV2TrustStore_tags
=== CONT  TestAccELBV2TrustStore_basic
=== CONT  TestAccELBV2TrustStore_namePrefix
=== CONT  TestAccELBV2TrustStore_tags
=== CONT  TestAccELBV2TrustStore_nameGenerated
=== CONT  TestAccELBV2TrustStore_disappears
--- PASS: TestAccELBV2TrustStore_disappears (60.53s)
--- PASS: TestAccELBV2TrustStore_namePrefix (62.47s)
--- PASS: TestAccELBV2TrustStore_basic (64.66s)
--- PASS: TestAccELBV2TrustStore_nameGenerated (65.82s)
--- PASS: TestAccELBV2TrustStore_tags (105.17s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	110.716s
% make testacc TESTARGS='-run=TestAccELBV2ListenerDataSource_' PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20  -run=TestAccELBV2ListenerDataSource_ -timeout 360m
=== RUN   TestAccELBV2ListenerDataSource_basic
=== PAUSE TestAccELBV2ListenerDataSource_basic
=== CONT  TestAccELBV2ListenerDataSource_basic
--- PASS: TestAccELBV2ListenerDataSource_basic (224.53s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	229.940s
% make testacc TESTARGS='-run=TestAccELBV2TrustStoreDataSource_' PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20  -run=TestAccELBV2TrustStoreDataSource_ -timeout 360m
=== RUN   TestAccELBV2TrustStoreDataSource_basic
=== PAUSE TestAccELBV2TrustStoreDataSource_basic
=== CONT  TestAccELBV2TrustStoreDataSource_basic
--- PASS: TestAccELBV2TrustStoreDataSource_basic (65.47s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	71.171s
% make testacc TESTARGS='-run=TestAccELBV2TrustStoreRevocation_' PKG=elbv2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 20  -run=TestAccELBV2TrustStoreRevocation_ -timeout 360m
=== RUN   TestAccELBV2TrustStoreRevocation_basic
=== PAUSE TestAccELBV2TrustStoreRevocation_basic
=== CONT  TestAccELBV2TrustStoreRevocation_basic
--- PASS: TestAccELBV2TrustStoreRevocation_basic (49.42s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	55.071s
% make testacc TESTARGS='-run=TestAccELBV2Listener_' PKG=elbv2 ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/elbv2/... -v -count 1 -parallel 3  -run=TestAccELBV2Listener_ -timeout 360m
=== RUN   TestAccELBV2Listener_basic
=== PAUSE TestAccELBV2Listener_basic
=== RUN   TestAccELBV2Listener_tags
=== PAUSE TestAccELBV2Listener_tags
=== RUN   TestAccELBV2Listener_forwardWeighted
=== PAUSE TestAccELBV2Listener_forwardWeighted
=== RUN   TestAccELBV2Listener_Protocol_upd
=== PAUSE TestAccELBV2Listener_Protocol_upd
=== RUN   TestAccELBV2Listener_backwardsCompatibility
=== PAUSE TestAccELBV2Listener_backwardsCompatibility
=== RUN   TestAccELBV2Listener_Protocol_https
=== PAUSE TestAccELBV2Listener_Protocol_https
=== RUN   TestAccELBV2Listener_mutualAuthentication
=== PAUSE TestAccELBV2Listener_mutualAuthentication
=== RUN   TestAccELBV2Listener_LoadBalancerARN_gatewayLoadBalancer
=== PAUSE TestAccELBV2Listener_LoadBalancerARN_gatewayLoadBalancer
=== RUN   TestAccELBV2Listener_Protocol_tls
=== PAUSE TestAccELBV2Listener_Protocol_tls
=== RUN   TestAccELBV2Listener_redirect
=== PAUSE TestAccELBV2Listener_redirect
=== RUN   TestAccELBV2Listener_fixedResponse
=== PAUSE TestAccELBV2Listener_fixedResponse
=== RUN   TestAccELBV2Listener_cognito
=== PAUSE TestAccELBV2Listener_cognito
=== RUN   TestAccELBV2Listener_oidc
=== PAUSE TestAccELBV2Listener_oidc
=== RUN   TestAccELBV2Listener_DefaultAction_order
=== PAUSE TestAccELBV2Listener_DefaultAction_order
=== RUN   TestAccELBV2Listener_DefaultAction_orderRecreates
=== PAUSE TestAccELBV2Listener_DefaultAction_orderRecreates
=== CONT  TestAccELBV2Listener_basic
=== CONT  TestAccELBV2Listener_Protocol_tls
=== CONT  TestAccELBV2Listener_backwardsCompatibility
--- PASS: TestAccELBV2Listener_basic (211.57s)
=== CONT  TestAccELBV2Listener_LoadBalancerARN_gatewayLoadBalancer
--- PASS: TestAccELBV2Listener_backwardsCompatibility (221.95s)
=== CONT  TestAccELBV2Listener_mutualAuthentication
--- PASS: TestAccELBV2Listener_Protocol_tls (328.96s)
=== CONT  TestAccELBV2Listener_Protocol_https
--- PASS: TestAccELBV2Listener_LoadBalancerARN_gatewayLoadBalancer (217.90s)
=== CONT  TestAccELBV2Listener_oidc
--- PASS: TestAccELBV2Listener_mutualAuthentication (230.62s)
=== CONT  TestAccELBV2Listener_DefaultAction_orderRecreates
--- PASS: TestAccELBV2Listener_Protocol_https (232.21s)
=== CONT  TestAccELBV2Listener_DefaultAction_order
--- PASS: TestAccELBV2Listener_oidc (217.31s)
=== CONT  TestAccELBV2Listener_forwardWeighted
--- PASS: TestAccELBV2Listener_DefaultAction_orderRecreates (216.88s)
=== CONT  TestAccELBV2Listener_Protocol_upd
--- PASS: TestAccELBV2Listener_DefaultAction_order (208.15s)
=== CONT  TestAccELBV2Listener_fixedResponse
--- PASS: TestAccELBV2Listener_Protocol_upd (233.11s)
=== CONT  TestAccELBV2Listener_cognito
--- PASS: TestAccELBV2Listener_forwardWeighted (263.54s)
=== CONT  TestAccELBV2Listener_tags
--- PASS: TestAccELBV2Listener_fixedResponse (219.49s)
=== CONT  TestAccELBV2Listener_redirect
--- PASS: TestAccELBV2Listener_cognito (218.23s)
--- PASS: TestAccELBV2Listener_tags (258.48s)
--- PASS: TestAccELBV2Listener_redirect (236.13s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/elbv2	1230.926s

@ewbankkit
Copy link
Contributor

@matt-mercer Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 3c4cb52 into hashicorp:main Dec 1, 2023
46 checks passed
@github-actions github-actions bot added this to the v5.30.0 milestone Dec 1, 2023
@matt-mercer matt-mercer deleted the f-add-lb-trust-store-and-listener-support branch December 4, 2023 10:57
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 7, 2023

This functionality has been released in v5.30.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@dpirotte dpirotte mentioned this pull request Dec 11, 2023
Merged
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 7, 2024

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@ewbankkit ewbankkit

Labels
documentation Introduces or discusses updates to documentation. generators Relates to code generators. github_actions Pull requests that update Github_actions code linter Pertains to changes to or issues with the various linters. new-data-source Introduces a new data source. new-resource Introduces a new resource. repository Repository modifications; GitHub Actions, developer docs, issue templates, codeowners, changelog. service/elbv2 Issues and PRs that pertain to the elbv2 service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.30.0
Development

Successfully merging this pull request may close these issues.

[New]: ALB Mutual Authentication
2 participants
@matt-mercer @ewbankkit