Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bugfix: Lake Formation permissions/permissions_with_grant_option type #38047

Merged
merged 7 commits into from
Dec 13, 2024

Conversation

diofeher
Copy link
Contributor

@diofeher diofeher commented Jun 19, 2024

When Lake Formation permissions are set without alphabetical order, every time a new Terraform apply is made, these resources are recreated. This can revoke permissions for long-running Glue jobs, causing significant production problems.

To resolve this issue, instead of using a list of strings, a set should be used.

Description:

Description

IMPORTANT: I've modified the existing test:
TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus
changing the order of the permissions arguments because it wasn't needed to add a new test

To reproduce this error, you need to create an AWS Lake Formation permission with the following code:

data "aws_partition" "current" {}

resource "aws_iam_role" "test" {
  name = "test"
  path = "/"

  assume_role_policy = jsonencode({
    Statement = [{
      Action = "sts:AssumeRole"
      Effect = "Allow"
      Principal = {
        Service = "glue.${data.aws_partition.current.dns_suffix}"
      }
    }]
    Version = "2012-10-17"
  })
}

resource "aws_glue_catalog_database" "test" {
  name = "test"
}

resource "aws_glue_catalog_table" "test" {
  name          = "test"
  database_name = aws_glue_catalog_database.test.name

  storage_descriptor {
    columns {
      name = "event"
      type = "string"
    }

    columns {
      name = "timestamp"
      type = "date"
    }

    columns {
      name = "value"
      type = "double"
    }
  }
}

data "aws_caller_identity" "current" {}

data "aws_iam_session_context" "current" {
  arn = data.aws_caller_identity.current.arn
}

resource "aws_lakeformation_data_lake_settings" "test" {
  admins = [data.aws_iam_session_context.current.issuer_arn]
}

resource "aws_lakeformation_permissions" "test" {
  permissions = ["SELECT", "ALTER", "DELETE", "DESCRIBE", "DROP", "INSERT", "ALL"]
  principal   = aws_iam_role.test.arn

  table_with_columns {
    database_name = aws_glue_catalog_table.test.database_name
    name          = aws_glue_catalog_table.test.name
    wildcard      = true
  }

  # for consistency, ensure that admins are setup before testing
  depends_on = [aws_lakeformation_data_lake_settings.test]
}

The critical issue lies in the order of permissions. If "SELECT" is not the first member, it may conflict when permissions are returned from the provider, potentially causing the resource to be replaced when applying the new configuration.

Relations

Relates to #33023
Closes #31096 and #22570

References

Output from Acceptance Testing

Before:

make testacc TESTS=TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus PKG=lakeformation
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/lakeformation/... -v -count 1 -parallel 20 -run='TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus'  -timeout 360m
=== RUN   TestAccLakeFormation_serial
=== PAUSE TestAccLakeFormation_serial
=== CONT  TestAccLakeFormation_serial
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus
    permissions_test.go:793: Step 1/1 error: After applying this test step, the non-refresh plan was not empty.
        stdout:


        Terraform used the selected providers to generate the following execution
        plan. Resource actions are indicated with the following symbols:
        -/+ destroy and then create replacement

        Terraform will perform the following actions:

          # aws_lakeformation_permissions.test must be replaced
        -/+ resource "aws_lakeformation_permissions" "test" {
              ~ id                            = "2278287602" -> (known after apply)
              ~ permissions                   = [ # forces replacement
                  - "ALL",
                  + "SELECT",
                    "ALTER",
                    # (3 unchanged elements hidden)
                    "INSERT",
                  - "SELECT",
                  + "ALL",
                ]
              ~ permissions_with_grant_option = [] -> (known after apply)
                # (2 unchanged attributes hidden)

              ~ table_with_columns {
                  ~ catalog_id    = "705532038218" -> (known after apply)
                    name          = "tf-acc-test-3155428143271683347"
                    # (2 unchanged attributes hidden)
                }
            }

        Plan: 1 to add, 0 to change, 1 to destroy.
--- FAIL: TestAccLakeFormation_serial (104.61s)
    --- FAIL: TestAccLakeFormation_serial/PermissionsTableWithColumns (104.61s)
        --- FAIL: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus (104.61s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/lakeformation108.955s
FAIL

After:

% make testacc TESTS=TestAccLakeFormation_serial PKG=lakeformation
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/lakeformation/... -v -count 1 -parallel 20 -run='TestAccLakeFormation_serial'  -timeout 360m
=== RUN   TestAccLakeFormation_serial
=== PAUSE TestAccLakeFormation_serial
=== CONT  TestAccLakeFormation_serial
=== RUN   TestAccLakeFormation_serial/DataLakeSettings
=== RUN   TestAccLakeFormation_serial/DataLakeSettings/basic
=== RUN   TestAccLakeFormation_serial/DataLakeSettings/disappears
=== RUN   TestAccLakeFormation_serial/DataLakeSettings/withoutCatalogId
=== RUN   TestAccLakeFormation_serial/DataLakeSettings/readOnlyAdmins
=== RUN   TestAccLakeFormation_serial/DataCellsFilter
=== RUN   TestAccLakeFormation_serial/DataCellsFilter/rowFilter
=== RUN   TestAccLakeFormation_serial/DataCellsFilter/basic
=== RUN   TestAccLakeFormation_serial/DataCellsFilter/columnWildcard
=== RUN   TestAccLakeFormation_serial/DataCellsFilter/disappears
=== RUN   TestAccLakeFormation_serial/DataLakeSettingsDataSource
=== RUN   TestAccLakeFormation_serial/DataLakeSettingsDataSource/basic
=== RUN   TestAccLakeFormation_serial/DataLakeSettingsDataSource/readOnlyAdmins
=== RUN   TestAccLakeFormation_serial/ResourceLFTag
=== RUN   TestAccLakeFormation_serial/ResourceLFTag/table
=== RUN   TestAccLakeFormation_serial/ResourceLFTag/tableWithColumns
=== RUN   TestAccLakeFormation_serial/ResourceLFTag/basic
=== RUN   TestAccLakeFormation_serial/ResourceLFTag/disappears
=== RUN   TestAccLakeFormation_serial/ResourceLFTags
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/database
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/databaseMultipleTags
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/disappears
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/hierarchy
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/table
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/tableWithColumns
=== RUN   TestAccLakeFormation_serial/ResourceLFTags/basic
=== RUN   TestAccLakeFormation_serial/PermissionsBasic
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/basic
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/disappears
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/lfTag
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/dataCellsFilter
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/dataLocation
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/lfTagPolicy
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/lfTagPolicyMultiple
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/database
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/databaseIAMAllowed
=== RUN   TestAccLakeFormation_serial/PermissionsBasic/databaseMultiple
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/lfTagPolicy
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/table
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/tableWithColumns
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/basic
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/dataCellsFilter
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/database
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/dataLocation
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/lfTag
=== RUN   TestAccLakeFormation_serial/PermissionsTable
=== RUN   TestAccLakeFormation_serial/PermissionsTable/wildcardNoSelect
=== RUN   TestAccLakeFormation_serial/PermissionsTable/wildcardSelectOnly
=== RUN   TestAccLakeFormation_serial/PermissionsTable/wildcardSelectPlus
=== RUN   TestAccLakeFormation_serial/PermissionsTable/basic
=== RUN   TestAccLakeFormation_serial/PermissionsTable/multipleRoles
=== RUN   TestAccLakeFormation_serial/PermissionsTable/selectOnly
=== RUN   TestAccLakeFormation_serial/PermissionsTable/selectPlus
=== RUN   TestAccLakeFormation_serial/PermissionsTable/iamAllowed
=== RUN   TestAccLakeFormation_serial/PermissionsTable/implicit
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns/basic
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns/implicit
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardExcludedColumns
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectOnly
=== RUN   TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus
=== RUN   TestAccLakeFormation_serial/LFTags
=== RUN   TestAccLakeFormation_serial/LFTags/tagKeyComplex
=== RUN   TestAccLakeFormation_serial/LFTags/values
=== RUN   TestAccLakeFormation_serial/LFTags/valuesOverFifty
=== RUN   TestAccLakeFormation_serial/LFTags/basic
=== RUN   TestAccLakeFormation_serial/LFTags/disappears
--- PASS: TestAccLakeFormation_serial (7240.73s)
    --- PASS: TestAccLakeFormation_serial/DataLakeSettings (264.16s)
        --- PASS: TestAccLakeFormation_serial/DataLakeSettings/basic (74.82s)
        --- PASS: TestAccLakeFormation_serial/DataLakeSettings/disappears (76.69s)
        --- PASS: TestAccLakeFormation_serial/DataLakeSettings/withoutCatalogId (52.83s)
        --- PASS: TestAccLakeFormation_serial/DataLakeSettings/readOnlyAdmins (59.81s)
    --- PASS: TestAccLakeFormation_serial/DataCellsFilter (540.33s)
        --- PASS: TestAccLakeFormation_serial/DataCellsFilter/rowFilter (188.40s)
        --- PASS: TestAccLakeFormation_serial/DataCellsFilter/basic (120.02s)
        --- PASS: TestAccLakeFormation_serial/DataCellsFilter/columnWildcard (113.63s)
        --- PASS: TestAccLakeFormation_serial/DataCellsFilter/disappears (118.28s)
    --- PASS: TestAccLakeFormation_serial/DataLakeSettingsDataSource (147.07s)
        --- PASS: TestAccLakeFormation_serial/DataLakeSettingsDataSource/basic (73.25s)
        --- PASS: TestAccLakeFormation_serial/DataLakeSettingsDataSource/readOnlyAdmins (73.82s)
    --- PASS: TestAccLakeFormation_serial/ResourceLFTag (426.95s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTag/table (109.88s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTag/tableWithColumns (110.39s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTag/basic (101.09s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTag/disappears (105.59s)
    --- PASS: TestAccLakeFormation_serial/ResourceLFTags (1197.02s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/database (161.35s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/databaseMultipleTags (184.32s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/disappears (106.39s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/hierarchy (244.67s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/table (186.81s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/tableWithColumns (211.36s)
        --- PASS: TestAccLakeFormation_serial/ResourceLFTags/basic (102.11s)
    --- PASS: TestAccLakeFormation_serial/PermissionsBasic (1234.98s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/basic (87.77s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/disappears (177.58s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/lfTag (109.32s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/dataCellsFilter (156.93s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/dataLocation (111.31s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/lfTagPolicy (111.25s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/lfTagPolicyMultiple (141.03s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/database (100.00s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/databaseIAMAllowed (119.13s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/databaseMultiple (120.66s)
    --- PASS: TestAccLakeFormation_serial/PermissionsDataSource (1120.94s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/lfTagPolicy (141.83s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/table (146.15s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/tableWithColumns (140.22s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/basic (106.29s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/dataCellsFilter (196.25s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/database (127.34s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/dataLocation (128.38s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/lfTag (134.48s)
    --- PASS: TestAccLakeFormation_serial/PermissionsTable (1042.60s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/wildcardNoSelect (101.73s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/wildcardSelectOnly (107.02s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/wildcardSelectPlus (108.67s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/basic (114.05s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/multipleRoles (132.32s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/selectOnly (113.97s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/selectPlus (115.26s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/iamAllowed (121.88s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTable/implicit (127.69s)
    --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns (801.39s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/basic (332.61s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/implicit (125.43s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardExcludedColumns (114.26s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectOnly (115.10s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus (113.99s)
    --- PASS: TestAccLakeFormation_serial/LFTags (465.29s)
        --- PASS: TestAccLakeFormation_serial/LFTags/tagKeyComplex (63.42s)
        --- PASS: TestAccLakeFormation_serial/LFTags/values (112.83s)
        --- PASS: TestAccLakeFormation_serial/LFTags/valuesOverFifty (151.70s)
        --- PASS: TestAccLakeFormation_serial/LFTags/basic (70.57s)
        --- PASS: TestAccLakeFormation_serial/LFTags/disappears (66.75s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/lakeformation7244.980s
...

@diofeher diofeher requested a review from a team as a code owner June 19, 2024 22:18
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XS Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/lakeformation Issues and PRs that pertain to the lakeformation service. labels Jun 19, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Jun 19, 2024
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @diofeher 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@diofeher diofeher changed the title bugfix: Permissions dont need to be a list, because the order does no… bugfix: Lake Formation permissions/permissions_with_grant_option type Jun 19, 2024
@diofeher diofeher marked this pull request as draft June 19, 2024 22:27
@diofeher diofeher marked this pull request as ready for review June 19, 2024 23:09
@github-actions github-actions bot added size/M Managed by automation to categorize the size of a PR. and removed size/XS Managed by automation to categorize the size of a PR. labels Jun 20, 2024
@justinretzolk justinretzolk added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Jun 25, 2024
Copy link
Contributor

@johnsonaj johnsonaj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

% make testacc TESTARGS="-run=TestAccLakeFormation_serial/PermissionsBasic/\|TestAccLakeFormation_serial/PermissionsTableWithColumns/" PKG=lakeformation

make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.3 test ./internal/service/lakeformation/... -v -count 1 -parallel 20  -run=TestAccLakeFormation_serial/PermissionsBasic/\|TestAccLakeFormation_serial/PermissionsTableWithColumns/ -timeout 360m
2024/12/12 16:04:41 Initializing Terraform AWS Provider...
--- PASS: TestAccLakeFormation_serial (435.92s)
    --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns (131.88s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardExcludedColumns (23.02s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectOnly (22.00s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/wildcardSelectPlus (18.57s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/basic (47.03s)
        --- PASS: TestAccLakeFormation_serial/PermissionsTableWithColumns/implicit (21.26s)
    --- PASS: TestAccLakeFormation_serial/PermissionsBasic (304.03s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/basic (23.03s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/database (21.22s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/databaseMultiple (21.24s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/dataLocation (23.03s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/lfTagPolicy (20.53s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/databaseIAMAllowed (43.52s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/dataCellsFilter (23.68s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/disappears (84.38s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/lfTag (21.53s)
        --- PASS: TestAccLakeFormation_serial/PermissionsBasic/lfTagPolicyMultiple (21.87s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/lakeformation	442.222s
% make testacc TESTARGS="-run=TestAccLakeFormation_serial/PermissionsDataSource/" PKG=lakeformation

make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.3 test ./internal/service/lakeformation/... -v -count 1 -parallel 20  -run=TestAccLakeFormation_serial/PermissionsDataSource/ -timeout 360m
2024/12/12 16:26:23 Initializing Terraform AWS Provider...
--- PASS: TestAccLakeFormation_serial (184.87s)
    --- PASS: TestAccLakeFormation_serial/PermissionsDataSource (184.87s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/dataCellsFilter (25.04s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/database (22.44s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/dataLocation (25.17s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/lfTag (22.00s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/lfTagPolicy (21.33s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/table (23.59s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/tableWithColumns (23.34s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/basic (21.96s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/lakeformation	191.289s

Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccLakeFormation_serial/^PermissionsDataSource$$' PKG=lakeformation
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.3 test ./internal/service/lakeformation/... -v -count 1 -parallel 20  -run=TestAccLakeFormation_serial/^PermissionsDataSource$ -timeout 360m
2024/12/13 09:03:43 Initializing Terraform AWS Provider...
=== RUN   TestAccLakeFormation_serial
=== PAUSE TestAccLakeFormation_serial
=== CONT  TestAccLakeFormation_serial
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/lfTagPolicy
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/table
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/tableWithColumns
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/basic
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/dataCellsFilter
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/database
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/dataLocation
=== RUN   TestAccLakeFormation_serial/PermissionsDataSource/lfTag
--- PASS: TestAccLakeFormation_serial (170.89s)
    --- PASS: TestAccLakeFormation_serial/PermissionsDataSource (170.89s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/lfTagPolicy (21.85s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/table (19.90s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/tableWithColumns (22.76s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/basic (20.04s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/dataCellsFilter (23.97s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/database (21.70s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/dataLocation (20.16s)
        --- PASS: TestAccLakeFormation_serial/PermissionsDataSource/lfTag (20.50s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/lakeformation	176.378s

@johnsonaj
Copy link
Contributor

@diofeher thank you for the contribution! 🎉

@johnsonaj johnsonaj merged commit d9f982c into hashicorp:main Dec 13, 2024
35 checks passed
@github-actions github-actions bot added this to the v5.82.0 milestone Dec 13, 2024
@diofeher diofeher deleted the b-lake-formation-permissions branch December 13, 2024 15:53
@diofeher
Copy link
Contributor Author

Nice to see this one being merged :) Thanks @johnsonaj and @ewbankkit

Copy link

This functionality has been released in v5.82.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Addresses a defect in current functionality. service/lakeformation Issues and PRs that pertain to the lakeformation service. size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Bug]: Lake Formation Resource Permission parameters need to be Lexical order
4 participants