Add option to force Gov/China Cloud #3727
Conversation
- This allows the use of a custom endpoint that mimics China/GovCloud
sodre
force-pushed
the
f-force-gov-cn-cloud-option
branch
from
1559cb9 to
ff45e52
Compare
|
@sodre we don't necessarily want to keep utilizing the Can you explain where you're running into trouble and maybe we can instead improve the resources themselves? |
bflad
added
enhancement
|
@bflad For testing purposes, we run something similar to localstack that has the same behavior as the actual GovCloud/China partition. In order to connect to those endpoints I need to configure custom endpoints and a custom region. The custom region is not detected as being part of GovCloud/China partition and Terraform fails exactly where there are checks for "isGovCloud/isChina". The purpose of the patch is to let us inform terraform that those custom endpoints/custom region has the same "quirks" as GovCloud/ChinaCloud, e.g. #3317. e.g. #3317. |
|
@sodre I asked in that PR that the I think we would personally prefer to fix other resources similarly to handle these situations rather than introduce and depend on any specific non-standard checks that will later require manual intervention. I worry that we can run into scenarios where now an update to remove a check like Do you have other examples? |
|
The one I ran into is related to SQS resources: Other places it will likely come up:
|
|
Thanks. Are you able to set |
|
not really :( |
|
@bflad, Unfortunately, the choice of the region name is outside the developers hand. That is why I think changing the region name would not fix it. Isn't that also used to create validate the ARNs? |
|
Hi @bflad, So I can inform the folks on my side, is there a plan to merge this PR? |
|
I talked with a few people and we believe this will cause maintenance or confusion issues in the future. We would happily accept changes to the resources to allow "backwards" compatibility though (e.g. removing the For example, the SQS resource can be adjusted to skip returning an error on the |
|
No problem. Thanks for responding quickly. We will wait for your PR. |
|
As promised, PR submitted: #3794 If you could locally build and test the provider from that PR in your environment that would be fantastic. 👍 As for other resources where you have or will run into this, please submit new separate issues for each resource and they can pretty easily be addressed. Most importantly, we will be looking for the exact error message as each service implements these errors differently. |
|
@bflad I'll get back to you on Monday! Thank you for getting to it so quickly. |
|
The SQS ListQueueTags fix has been released in version 1.12.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Sometimes it is necessary to use the China/GovCloud logic when using custom endpoints.
This PR allows the user to configure those options.