[36500] Allow to specify single DNS server when using Customer Manage Active Directory for RDS MSSQL #37462

Merged
merged 4 commits into from
Jul 29, 2024
Merged
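--- a/.changelog/36500.txt
+++ b/.changelog/36500.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/aws_rds_instance: Allow `domain_dns_ips` to use single DNS server IP
+```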
18 changes: 9 additions & 9 deletions internal/service/rds/instance.go
@@ -260,7 +260,7 @@ func ResourceInstance() *schema.Resource {
ConflictsWith: []string{names.AttrDomain, "domain_iam_role_name"},
},
"domain_dns_ips": {
Type: schema.TypeSet,
Type: schema.TypeList,
Optional: true,
MinItems: 2,
MaxItems: 2,
@@ -1201,8 +1201,8 @@ func resourceInstanceCreate(ctx context.Context, d *schema.ResourceData, meta in
input.DomainAuthSecretArn = aws.String(v.(string))
}

if v, ok := d.GetOk("domain_dns_ips"); ok && v.(*schema.Set).Len() > 0 {
input.DomainDnsIps = flex.ExpandStringSet(v.(*schema.Set))
if v, ok := d.GetOk("domain_dns_ips"); ok && len(v.([]interface{})) > 0 {
input.DomainDnsIps = flex.ExpandStringList(v.([]interface{}))
}

if v, ok := d.GetOk("domain_fqdn"); ok {
@@ -1466,8 +1466,8 @@ func resourceInstanceCreate(ctx context.Context, d *schema.ResourceData, meta in
input.DomainAuthSecretArn = aws.String(v.(string))
}

if v, ok := d.GetOk("domain_dns_ips"); ok && v.(*schema.Set).Len() > 0 {
input.DomainDnsIps = flex.ExpandStringSet(v.(*schema.Set))
if v, ok := d.GetOk("domain_dns_ips"); ok && len(v.([]interface{})) > 0 {
input.DomainDnsIps = flex.ExpandStringList(v.([]interface{}))
}

if v, ok := d.GetOk("enabled_cloudwatch_logs_exports"); ok && v.(*schema.Set).Len() > 0 {
@@ -1647,8 +1647,8 @@ func resourceInstanceCreate(ctx context.Context, d *schema.ResourceData, meta in
input.DomainAuthSecretArn = aws.String(v.(string))
}

if v, ok := d.GetOk("domain_dns_ips"); ok && v.(*schema.Set).Len() > 0 {
input.DomainDnsIps = flex.ExpandStringSet(v.(*schema.Set))
if v, ok := d.GetOk("domain_dns_ips"); ok && len(v.([]interface{})) > 0 {
input.DomainDnsIps = flex.ExpandStringList(v.([]interface{}))
}

if v, ok := d.GetOk("domain_fqdn"); ok {
@@ -2393,8 +2393,8 @@ func dbInstancePopulateModify(input *rds_sdkv2.ModifyDBInstanceInput, d *schema.
} else if d.HasChanges("domain_auth_secret_arn", "domain_dns_ips", "domain_fqdn", "domain_ou") {
needsModify = true
input.DomainAuthSecretArn = aws.String(d.Get("domain_auth_secret_arn").(string))
if v, ok := d.GetOk("domain_dns_ips"); ok && v.(*schema.Set).Len() > 0 {
input.DomainDnsIps = flex.ExpandStringValueSet(v.(*schema.Set))
if v, ok := d.GetOk("domain_dns_ips"); ok && len(v.([]interface{})) > 0 {
input.DomainDnsIps = flex.ExpandStringValueList(v.([]interface{}))
}
input.DomainFqdn = aws.String(d.Get("domain_fqdn").(string))
input.DomainOu = aws.String(d.Get("domain_ou").(string))
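Review bot: The `domain_dns_ips` schema in the first hunk keeps `MinItems: 2` and `MaxItems: 2`, so a single DNS server is only expressible by repeating one address, and nothing next to the new `Type: schema.TypeList` records that. A comment above `Type` would make the intent durable, for example `// TypeList rather than TypeSet: a set de-duplicates, so one DNS server repeated twice would fail MinItems.` A list is also order-sensitive, and the read path that writes this attribute back to state lies outside these hunks; if the API can return the two addresses in a different order, that would surface as a diff and, through `d.HasChanges(...)` in `dbInstancePopulateModify`, as a domain modification, so it is worth confirming. The element schema is not visible here either; because these addresses decide which resolver the instance uses to locate the directory, an element-level check such as `validation.IsIPv4Address` would be a sensible guard if one is not already present.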
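--- a/internal/service/rds/instance_test.go
+++ b/internal/service/rds/instance_test.go
@@ -3917,6 +3917,40 @@ func TestAccRDSInstance_MSSQL_selfManagedDomain(t *testing.T) {
 })
 }
 
+func TestAccRDSInstance_MSSQL_selfManagedDomainSingleDomainDNSIP(t *testing.T) {
+ctx := acctest.Context(t)
+if testing.Short() {
+t.Skip("skipping long-running test in short mode")
+}
+
+var v rds.DBInstance
+resourceName := "aws_db_instance.test"
+rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+domain := acctest.RandomDomain().String()
+domainOu := fmt.Sprintf("OU=AWS,DC=%s,DC=%s", strings.Split(domain, ".")[0], strings.Split(domain, ".")[1])
+
+resource.ParallelTest(t, resource.TestCase{
+PreCheck: func() { acctest.PreCheck(ctx, t) },
+ErrorCheck: acctest.ErrorCheck(t, names.RDSServiceID),
+ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+CheckDestroy: testAccCheckDBInstanceDestroy(ctx),
+Steps: []resource.TestStep{
+{
+Config: testAccInstanceConfig_mssqlSelfManagedDomainSingleDomainDNSIP(rName, domain, domainOu),
+Check: resource.ComposeAggregateTestCheckFunc(
+testAccCheckDBInstanceExists(ctx, resourceName, &v),
+resource.TestCheckResourceAttrSet(resourceName, "domain_fqdn"),
+resource.TestCheckResourceAttrSet(resourceName, "domain_ou"),
+resource.TestCheckResourceAttrSet(resourceName, "domain_auth_secret_arn"),
+resource.TestCheckResourceAttr(resourceName, "domain_dns_ips.#", acctest.Ct2),
+resource.TestCheckResourceAttr(resourceName, "domain_dns_ips.0", "123.124.125.126"),
+resource.TestCheckResourceAttr(resourceName, "domain_dns_ips.1", "123.124.125.126"),
+),
+},
+},
+})
+}
+
 func TestAccRDSInstance_MSSQL_selfManagedDomainSnapshotRestore(t *testing.T) {
 ctx := acctest.Context(t)
 if testing.Short() {
@@ -8023,6 +8057,30 @@ resource "aws_secretsmanager_secret_version" "example-2" {
 `, rName, domain, domainOu))
 }
 
+func testAccInstanceConfig_mssqlSelfManagedDomainSingleDomainDNSIP(rName, domain, domainOu string) string {
+return acctest.ConfigCompose(
+testAccInstanceConfig_baseMSSQLSelfManagedDomain(rName),
+fmt.Sprintf(`
+resource "aws_db_instance" "test" {
+allocated_storage = 20
+backup_retention_period = 0
+db_subnet_group_name = aws_db_subnet_group.test.name
+engine = data.aws_rds_orderable_db_instance.test.engine
+engine_version = data.aws_rds_orderable_db_instance.test.engine_version
+identifier = %[1]q
+instance_class = data.aws_rds_orderable_db_instance.test.instance_class
+skip_final_snapshot = true
+password = "avoid-plaintext-passwords"
+username = "tfacctest"
+vpc_security_group_ids = [aws_security_group.test.id]
+domain_fqdn = %[2]q
+domain_ou = %[3]q
+domain_auth_secret_arn = aws_secretsmanager_secret_version.example.arn
+domain_dns_ips = ["123.124.125.126", "123.124.125.126"]
+}
+`, rName, domain, domainOu))
+}
+
 func testAccInstanceConfig_mssqlSelfManagedDomainSnapshotRestore(rName, domain, domainOu string) string {
 return acctest.ConfigCompose(
 testAccInstanceConfig_baseMSSQLSelfManagedDomain(rName),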
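Review bot: `TestAccRDSInstance_MSSQL_selfManagedDomainSingleDomainDNSIP` has a single create step, so the `dbInstancePopulateModify` branch that this pull request also moved to a list is never exercised with repeated addresses, and nothing checks that a second plan comes back empty. A follow-up step would cover both, for instance one that reuses the same config with `PlanOnly: true`, or one that changes the address. The config also sets `domain_dns_ips` to `123.124.125.126`, a publicly routable address; if the service accepts it, an address from a documentation range such as `192.0.2.0/24`, or one inside the test VPC, would keep the instance's directory lookups away from a host the test does not control. Separately, `strings.Split(domain, ".")[1]` assumes the random domain has at least two labels; sibling tests outside this hunk may already rely on the same assumption.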