resource/aws_network_acl: Fix issue where updating nacl subnet assoca… #13382
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…tions fails with InvalidAassociationID.NotFound
ghost
added
size/XS
|
@scottclk Thanks for this. |
|
@ewbankkit no problem. I'm happy to add another acceptance test but the existing TestAccAWSNetworkAcl_SubnetChange represents the issue this fix resolves. |
|
@scottlk Thanks. $ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSNetworkAcl_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 2 -run=TestAccAWSNetworkAcl_ -timeout 120m
=== RUN TestAccAWSNetworkAcl_basic
=== PAUSE TestAccAWSNetworkAcl_basic
=== RUN TestAccAWSNetworkAcl_disappears
=== PAUSE TestAccAWSNetworkAcl_disappears
=== RUN TestAccAWSNetworkAcl_Egress_ConfigMode
=== PAUSE TestAccAWSNetworkAcl_Egress_ConfigMode
=== RUN TestAccAWSNetworkAcl_Ingress_ConfigMode
=== PAUSE TestAccAWSNetworkAcl_Ingress_ConfigMode
=== RUN TestAccAWSNetworkAcl_EgressAndIngressRules
=== PAUSE TestAccAWSNetworkAcl_EgressAndIngressRules
=== RUN TestAccAWSNetworkAcl_OnlyIngressRules_basic
=== PAUSE TestAccAWSNetworkAcl_OnlyIngressRules_basic
=== RUN TestAccAWSNetworkAcl_OnlyIngressRules_update
=== PAUSE TestAccAWSNetworkAcl_OnlyIngressRules_update
=== RUN TestAccAWSNetworkAcl_CaseSensitivityNoChanges
=== PAUSE TestAccAWSNetworkAcl_CaseSensitivityNoChanges
=== RUN TestAccAWSNetworkAcl_OnlyEgressRules
=== PAUSE TestAccAWSNetworkAcl_OnlyEgressRules
=== RUN TestAccAWSNetworkAcl_SubnetChange
=== PAUSE TestAccAWSNetworkAcl_SubnetChange
=== RUN TestAccAWSNetworkAcl_Subnets
=== PAUSE TestAccAWSNetworkAcl_Subnets
=== RUN TestAccAWSNetworkAcl_SubnetsDelete
=== PAUSE TestAccAWSNetworkAcl_SubnetsDelete
=== RUN TestAccAWSNetworkAcl_ipv6Rules
=== PAUSE TestAccAWSNetworkAcl_ipv6Rules
=== RUN TestAccAWSNetworkAcl_ipv6ICMPRules
=== PAUSE TestAccAWSNetworkAcl_ipv6ICMPRules
=== RUN TestAccAWSNetworkAcl_ipv6VpcRules
=== PAUSE TestAccAWSNetworkAcl_ipv6VpcRules
=== RUN TestAccAWSNetworkAcl_espProtocol
=== PAUSE TestAccAWSNetworkAcl_espProtocol
=== CONT TestAccAWSNetworkAcl_basic
=== CONT TestAccAWSNetworkAcl_SubnetChange
--- PASS: TestAccAWSNetworkAcl_basic (39.22s)
=== CONT TestAccAWSNetworkAcl_espProtocol
--- FAIL: TestAccAWSNetworkAcl_SubnetChange (55.73s)
testing.go:683: Step 2 error: errors during apply:
Error: InvalidAssociationID.NotFound: The association ID 'aclassoc-04b39ad18b9c15ead' does not exist
status code: 400, request id: 1575b133-8f55-48e7-95bc-e76def5b494f
on /tmp/tf-test368273622/main.tf line 27:
(source code not available)
=== CONT TestAccAWSNetworkAcl_ipv6VpcRules
--- PASS: TestAccAWSNetworkAcl_espProtocol (37.56s)
=== CONT TestAccAWSNetworkAcl_ipv6ICMPRules
--- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (37.97s)
=== CONT TestAccAWSNetworkAcl_ipv6Rules
--- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (34.13s)
=== CONT TestAccAWSNetworkAcl_SubnetsDelete
--- PASS: TestAccAWSNetworkAcl_ipv6Rules (44.59s)
=== CONT TestAccAWSNetworkAcl_Subnets
--- FAIL: TestAccAWSNetworkAcl_SubnetsDelete (58.86s)
testing.go:683: Step 2 error: errors during apply:
Error: InvalidAssociationID.NotFound: The association ID 'aclassoc-0184c54e453ac4c77' does not exist
status code: 400, request id: 7938a875-9389-4264-bec7-20684e467ebe
on /tmp/tf-test876147878/main.tf line 17:
(source code not available)
=== CONT TestAccAWSNetworkAcl_EgressAndIngressRules
--- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (37.61s)
=== CONT TestAccAWSNetworkAcl_OnlyEgressRules
--- PASS: TestAccAWSNetworkAcl_Subnets (76.68s)
=== CONT TestAccAWSNetworkAcl_CaseSensitivityNoChanges
--- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (38.94s)
=== CONT TestAccAWSNetworkAcl_OnlyIngressRules_update
--- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (45.41s)
=== CONT TestAccAWSNetworkAcl_OnlyIngressRules_basic
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (44.81s)
=== CONT TestAccAWSNetworkAcl_Ingress_ConfigMode
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (68.44s)
=== CONT TestAccAWSNetworkAcl_Egress_ConfigMode
--- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (88.69s)
=== CONT TestAccAWSNetworkAcl_disappears
--- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (87.78s)
--- PASS: TestAccAWSNetworkAcl_disappears (37.22s)
FAIL
FAIL github.com/terraform-providers/terraform-provider-aws/aws 431.156s
FAIL
GNUmakefile:26: recipe for target 'testacc' failed
make: *** [testacc] Error 1but with the fix, they all pass: $ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSNetworkAcl_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 2 -run=TestAccAWSNetworkAcl_ -timeout 120m
=== RUN TestAccAWSNetworkAcl_basic
=== PAUSE TestAccAWSNetworkAcl_basic
=== RUN TestAccAWSNetworkAcl_disappears
=== PAUSE TestAccAWSNetworkAcl_disappears
=== RUN TestAccAWSNetworkAcl_Egress_ConfigMode
=== PAUSE TestAccAWSNetworkAcl_Egress_ConfigMode
=== RUN TestAccAWSNetworkAcl_Ingress_ConfigMode
=== PAUSE TestAccAWSNetworkAcl_Ingress_ConfigMode
=== RUN TestAccAWSNetworkAcl_EgressAndIngressRules
=== PAUSE TestAccAWSNetworkAcl_EgressAndIngressRules
=== RUN TestAccAWSNetworkAcl_OnlyIngressRules_basic
=== PAUSE TestAccAWSNetworkAcl_OnlyIngressRules_basic
=== RUN TestAccAWSNetworkAcl_OnlyIngressRules_update
=== PAUSE TestAccAWSNetworkAcl_OnlyIngressRules_update
=== RUN TestAccAWSNetworkAcl_CaseSensitivityNoChanges
=== PAUSE TestAccAWSNetworkAcl_CaseSensitivityNoChanges
=== RUN TestAccAWSNetworkAcl_OnlyEgressRules
=== PAUSE TestAccAWSNetworkAcl_OnlyEgressRules
=== RUN TestAccAWSNetworkAcl_SubnetChange
=== PAUSE TestAccAWSNetworkAcl_SubnetChange
=== RUN TestAccAWSNetworkAcl_Subnets
=== PAUSE TestAccAWSNetworkAcl_Subnets
=== RUN TestAccAWSNetworkAcl_SubnetsDelete
=== PAUSE TestAccAWSNetworkAcl_SubnetsDelete
=== RUN TestAccAWSNetworkAcl_ipv6Rules
=== PAUSE TestAccAWSNetworkAcl_ipv6Rules
=== RUN TestAccAWSNetworkAcl_ipv6ICMPRules
=== PAUSE TestAccAWSNetworkAcl_ipv6ICMPRules
=== RUN TestAccAWSNetworkAcl_ipv6VpcRules
=== PAUSE TestAccAWSNetworkAcl_ipv6VpcRules
=== RUN TestAccAWSNetworkAcl_espProtocol
=== PAUSE TestAccAWSNetworkAcl_espProtocol
=== CONT TestAccAWSNetworkAcl_basic
=== CONT TestAccAWSNetworkAcl_SubnetChange
--- PASS: TestAccAWSNetworkAcl_basic (38.95s)
=== CONT TestAccAWSNetworkAcl_espProtocol
--- PASS: TestAccAWSNetworkAcl_SubnetChange (71.46s)
=== CONT TestAccAWSNetworkAcl_ipv6VpcRules
--- PASS: TestAccAWSNetworkAcl_espProtocol (37.47s)
=== CONT TestAccAWSNetworkAcl_ipv6ICMPRules
--- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (38.15s)
=== CONT TestAccAWSNetworkAcl_ipv6Rules
--- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (35.22s)
=== CONT TestAccAWSNetworkAcl_SubnetsDelete
--- PASS: TestAccAWSNetworkAcl_ipv6Rules (44.27s)
=== CONT TestAccAWSNetworkAcl_Subnets
--- PASS: TestAccAWSNetworkAcl_SubnetsDelete (69.66s)
=== CONT TestAccAWSNetworkAcl_OnlyIngressRules_basic
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (44.84s)
=== CONT TestAccAWSNetworkAcl_OnlyEgressRules
--- PASS: TestAccAWSNetworkAcl_Subnets (76.75s)
=== CONT TestAccAWSNetworkAcl_CaseSensitivityNoChanges
--- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (39.20s)
=== CONT TestAccAWSNetworkAcl_OnlyIngressRules_update
--- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (44.53s)
=== CONT TestAccAWSNetworkAcl_Ingress_ConfigMode
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (68.40s)
=== CONT TestAccAWSNetworkAcl_EgressAndIngressRules
--- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (88.09s)
=== CONT TestAccAWSNetworkAcl_Egress_ConfigMode
--- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (38.65s)
=== CONT TestAccAWSNetworkAcl_disappears
--- PASS: TestAccAWSNetworkAcl_disappears (36.19s)
--- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (89.03s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 452.343s |
bflad
added
bug
bflad
reviewed
May 20, 2020
aws/resource_aws_network_acl.go
Outdated
| _, err = conn.ReplaceNetworkAclAssociation(&ec2.ReplaceNetworkAclAssociationInput{ | ||
| AssociationId: association.NetworkAclAssociationId, | ||
| NetworkAclId: defaultAcl.NetworkAclId, | ||
| }) | ||
| if err != nil { | ||
| return err | ||
| if isAWSErr(err, "InvalidAssociationID.NotFound", "") { | ||
| return nil |
There was a problem hiding this comment.
This should be continue so the for loop and the rest of the resourceAwsNetworkAclUpdate function will process. 👍
Suggested change
| return nil | |
| continue |
There was a problem hiding this comment.
(or update the if err != nil line to if err != nil && !isAWSErr(err, "InvalidAssociationID.NotFound", ""))
There was a problem hiding this comment.
Good catch thanks for your feedback 👍
bflad
added
the
waiting-response
bflad
added a commit
that referenced
this pull request
May 20, 2020
Reference: #13408 While this resource was not actually performing multiple resource import, the commented code was showing up in searches for it (via `.SetType()`). As an added bonus to the dramatically simpler code (since Terraform automatic refresh during import), this removes the legacy `import_` file. Yay! Output from acceptance testing (see #13382 for fixes to _SubnetsChange and _SubnetsDelete tests): ``` --- PASS: TestAccAWSNetworkAcl_espProtocol (34.51s) --- PASS: TestAccAWSNetworkAcl_basic (35.15s) --- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.21s) --- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (37.51s) --- PASS: TestAccAWSNetworkAcl_disappears (37.95s) --- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (38.20s) --- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (38.68s) --- PASS: TestAccAWSNetworkAcl_ipv6Rules (44.12s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (44.86s) --- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (45.01s) --- FAIL: TestAccAWSNetworkAcl_SubnetsDelete (55.50s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (65.91s) --- PASS: TestAccAWSNetworkAcl_SubnetChange (66.79s) --- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (74.44s) --- PASS: TestAccAWSNetworkAcl_Subnets (75.89s) --- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (76.75s) ```
|
@bflad code updated as discussed and double checked all acceptance tests still pass. |
ghost
removed
the
waiting-response
bflad
approved these changes
May 20, 2020
There was a problem hiding this comment.
Looks great, thanks so much @scottclk 🚀
Output from acceptance testing:
--- PASS: TestAccAWSNetworkAcl_basic (37.40s)
--- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (51.54s)
--- PASS: TestAccAWSNetworkAcl_disappears (22.76s)
--- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (75.61s)
--- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (60.15s)
--- PASS: TestAccAWSNetworkAcl_espProtocol (18.73s)
--- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (97.83s)
--- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.94s)
--- PASS: TestAccAWSNetworkAcl_ipv6Rules (45.59s)
--- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (27.91s)
--- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (56.36s)
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (52.51s)
--- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (53.47s)
--- PASS: TestAccAWSNetworkAcl_SubnetChange (67.85s)
--- PASS: TestAccAWSNetworkAcl_Subnets (50.49s)
--- PASS: TestAccAWSNetworkAcl_SubnetsDelete (40.37s)
bflad
added a commit
that referenced
this pull request
May 20, 2020
bflad
added a commit
that referenced
this pull request
May 21, 2020
Reference: #13408 While this resource was not actually performing multiple resource import, the commented code was showing up in searches for it (via `.SetType()`). As an added bonus to the dramatically simpler code (since Terraform automatic refresh during import), this removes the legacy `import_` file. Yay! Output from acceptance testing (see #13382 for fixes to _SubnetsChange and _SubnetsDelete tests): ``` --- PASS: TestAccAWSNetworkAcl_espProtocol (34.51s) --- PASS: TestAccAWSNetworkAcl_basic (35.15s) --- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.21s) --- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (37.51s) --- PASS: TestAccAWSNetworkAcl_disappears (37.95s) --- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (38.20s) --- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (38.68s) --- PASS: TestAccAWSNetworkAcl_ipv6Rules (44.12s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (44.86s) --- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (45.01s) --- FAIL: TestAccAWSNetworkAcl_SubnetsDelete (55.50s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (65.91s) --- PASS: TestAccAWSNetworkAcl_SubnetChange (66.79s) --- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (74.44s) --- PASS: TestAccAWSNetworkAcl_Subnets (75.89s) --- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (76.75s) ```
|
This has been released in version 2.63.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
adamdecaf
pushed a commit
to adamdecaf/terraform-provider-aws
that referenced
this pull request
May 28, 2020
… returning InvalidAssociationID.NotFound (hashicorp#13382) Output from acceptance testing: ``` --- PASS: TestAccAWSNetworkAcl_basic (37.40s) --- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (51.54s) --- PASS: TestAccAWSNetworkAcl_disappears (22.76s) --- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (75.61s) --- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (60.15s) --- PASS: TestAccAWSNetworkAcl_espProtocol (18.73s) --- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (97.83s) --- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.94s) --- PASS: TestAccAWSNetworkAcl_ipv6Rules (45.59s) --- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (27.91s) --- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (56.36s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (52.51s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (53.47s) --- PASS: TestAccAWSNetworkAcl_SubnetChange (67.85s) --- PASS: TestAccAWSNetworkAcl_Subnets (50.49s) --- PASS: TestAccAWSNetworkAcl_SubnetsDelete (40.37s) ```
adamdecaf
pushed a commit
to adamdecaf/terraform-provider-aws
that referenced
this pull request
May 28, 2020
…p#13419) Reference: hashicorp#13408 While this resource was not actually performing multiple resource import, the commented code was showing up in searches for it (via `.SetType()`). As an added bonus to the dramatically simpler code (since Terraform automatic refresh during import), this removes the legacy `import_` file. Yay! Output from acceptance testing (see hashicorp#13382 for fixes to _SubnetsChange and _SubnetsDelete tests): ``` --- PASS: TestAccAWSNetworkAcl_espProtocol (34.51s) --- PASS: TestAccAWSNetworkAcl_basic (35.15s) --- PASS: TestAccAWSNetworkAcl_ipv6ICMPRules (36.21s) --- PASS: TestAccAWSNetworkAcl_OnlyEgressRules (37.51s) --- PASS: TestAccAWSNetworkAcl_disappears (37.95s) --- PASS: TestAccAWSNetworkAcl_EgressAndIngressRules (38.20s) --- PASS: TestAccAWSNetworkAcl_ipv6VpcRules (38.68s) --- PASS: TestAccAWSNetworkAcl_ipv6Rules (44.12s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_basic (44.86s) --- PASS: TestAccAWSNetworkAcl_CaseSensitivityNoChanges (45.01s) --- FAIL: TestAccAWSNetworkAcl_SubnetsDelete (55.50s) --- PASS: TestAccAWSNetworkAcl_OnlyIngressRules_update (65.91s) --- PASS: TestAccAWSNetworkAcl_SubnetChange (66.79s) --- PASS: TestAccAWSNetworkAcl_Egress_ConfigMode (74.44s) --- PASS: TestAccAWSNetworkAcl_Subnets (75.89s) --- PASS: TestAccAWSNetworkAcl_Ingress_ConfigMode (76.75s) ```
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…tions fails with InvalidAssociationID.NotFound
Community Note
Closes #12922
Release note for CHANGELOG:
Acceptance Testing
Before code change:
All Failures have same error:
Output from code change acceptance testing: