Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: aws_cognito_identity_provider update ProviderDetails ActiveEncryptionCertificate on update #36311

Merged
2 commits merged into from
Mar 13, 2024
Merged

fix: aws_cognito_identity_provider update ProviderDetails ActiveEncryptionCertificate on update #36311

2 commits merged into from
Mar 13, 2024

Conversation

jdoetsch-built
Copy link
Contributor

@jdoetsch-built jdoetsch-built commented Mar 12, 2024
edited
Loading

Description

A recent AWS feature release for Cognito added read-only ActiveEncryptionCertificate property to Cognito Identity Provider describe ProviderDetails map. UpdateIdentityProvider API call responds with the following error if ActiveEncryptionCertificate is included in the ProviderDetails map in the request. For example:

Error: Error updating Cognito Identity Provider: InvalidParameterException: ActiveEncryptionCertificate is not a valid key for SAML identity provider details.

If the Terraform plan for aws_cognito_identity_provider includes changes on the provider_details argument then we'll run into the above error during apply.

Relations

Closes #35588

References

AWS announcement for the feature that introduced the API change

Output from Acceptance Testing

$ AWS_DEFAULT_REGION=us-west-1 make testacc TESTS=TestAccCognitoIDPIdentityProvider PKG=cognitoidp

==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cognitoidp/... -v -count 1 -parallel 20 -run='TestAccCognitoIDPIdentityProvider'  -timeout 360m
=== RUN   TestAccCognitoIDPIdentityProvider_basic
=== PAUSE TestAccCognitoIDPIdentityProvider_basic
=== RUN   TestAccCognitoIDPIdentityProvider_idpIdentifiers
=== PAUSE TestAccCognitoIDPIdentityProvider_idpIdentifiers
=== RUN   TestAccCognitoIDPIdentityProvider_disappears
=== PAUSE TestAccCognitoIDPIdentityProvider_disappears
=== RUN   TestAccCognitoIDPIdentityProvider_Disappears_userPool
=== PAUSE TestAccCognitoIDPIdentityProvider_Disappears_userPool
=== CONT  TestAccCognitoIDPIdentityProvider_basic
=== CONT  TestAccCognitoIDPIdentityProvider_disappears
=== CONT  TestAccCognitoIDPIdentityProvider_idpIdentifiers
=== CONT  TestAccCognitoIDPIdentityProvider_Disappears_userPool
--- PASS: TestAccCognitoIDPIdentityProvider_disappears (22.24s)
--- PASS: TestAccCognitoIDPIdentityProvider_Disappears_userPool (22.85s)
--- PASS: TestAccCognitoIDPIdentityProvider_basic (36.34s)
--- PASS: TestAccCognitoIDPIdentityProvider_idpIdentifiers (36.98s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/cognitoidp 43.565s```

@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XS Managed by automation to categorize the size of a PR. service/cognitoidp Issues and PRs that pertain to the cognitoidp service. labels Mar 12, 2024
@github-actions GitHub Actions
Copy link

Hey @jdoetsch-built 👋 Thank you very much for your contribution! At times, our maintainers need to make direct edits to pull requests in order to help get it ready to be merged. Your current settings do not allow maintainers to make such edits. To help facilitate this, update your pull request to allow such edits as described in GitHub's Allowing changes to a pull request branch created from a fork documentation. (If you're using a fork owned by an organization, your organization may not allow you to change this setting. If that is the case, let us know.)

@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Mar 12, 2024
@jdoetsch-built jdoetsch-built changed the title Prevent read-only ActiveEncryptionCertificate property from being use… fix: aws_cognito_identity_provider update ProviderDetails ActiveEncryptionCertificate on update Mar 12, 2024
github-actions[bot]
github-actions bot reviewed Mar 12, 2024
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @jdoetsch-built 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@justinretzolk justinretzolk added bug Addresses a defect in current functionality. enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. bug Addresses a defect in current functionality. enhancement Requests to existing resources that expand the functionality or scope. labels Mar 12, 2024
@jdoetsch-built jdoetsch-built marked this pull request as ready for review March 12, 2024 17:57
@ewbankkit ewbankkit mentioned this pull request Mar 13, 2024
Merged
@ewbankkit
Copy link
Contributor

@jdoetsch-built Thanks for the contribution 🎉 👏.
This work has been rolled into #35236.

ewbankkit
ewbankkit approved these changes Mar 13, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

Without fix
% make testacc TESTARGS='-run=TestAccCognitoIDPIdentityProvider_saml' PKG=cognitoidp
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cognitoidp/... -v -count 1 -parallel 20  -run=TestAccCognitoIDPIdentityProvider_saml -timeout 360m
=== RUN   TestAccCognitoIDPIdentityProvider_saml
=== PAUSE TestAccCognitoIDPIdentityProvider_saml
=== CONT  TestAccCognitoIDPIdentityProvider_saml
    identity_provider_test.go:127: Step 3/3 error: Error running apply: exit status 1
        
        Error: updating Cognito Identity Provider (us-west-2_ze0q6j44K:tf-acc-test-5350296439128389312): InvalidParameterException: ActiveEncryptionCertificate is not a valid key for SAML identity provider details.
        
          with aws_cognito_identity_provider.test,
          on terraform_plugin_test.tf line 17, in resource "aws_cognito_identity_provider" "test":
          17: resource "aws_cognito_identity_provider" "test" {
        
--- FAIL: TestAccCognitoIDPIdentityProvider_saml (25.75s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/cognitoidp	32.547s
FAIL
make: *** [testacc] Error 1
With fix
% make testacc TESTARGS='-run=TestAccCognitoIDPIdentityProvider_saml' PKG=cognitoidp
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cognitoidp/... -v -count 1 -parallel 20  -run=TestAccCognitoIDPIdentityProvider_saml -timeout 360m
=== RUN   TestAccCognitoIDPIdentityProvider_saml
=== PAUSE TestAccCognitoIDPIdentityProvider_saml
=== CONT  TestAccCognitoIDPIdentityProvider_saml
--- PASS: TestAccCognitoIDPIdentityProvider_saml (32.47s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/cognitoidp	39.770s

@ewbankkit ewbankkit closed this pull request by merging all changes into hashicorp:main in 3250460 Mar 13, 2024
@github-actions github-actions bot added this to the v5.41.0 milestone Mar 13, 2024
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.41.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/cognitoidp Issues and PRs that pertain to the cognitoidp service. size/XS Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v5.41.0
Development

Successfully merging this pull request may close these issues.

[Bug]:
3 participants
@jdoetsch-built @ewbankkit @justinretzolk