Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

resource/aws_iam_user: Add permissions_boundary argument #5183

Merged
merged 2 commits into from
Jul 30, 2018
Merged

resource/aws_iam_user: Add permissions_boundary argument #5183

merged 2 commits into from
Jul 30, 2018

Conversation

bflad
Copy link
Contributor

@bflad bflad commented Jul 13, 2018

Reference: #5174

Changes proposed in this pull request:

  • Add permissions boundary support to aws_iam_user resource
  • Minor refactoring for newer practices

Output from acceptance testing: AWS Commercial

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN   TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (8.40s)
=== RUN   TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (13.29s)
=== RUN   TestAccAWSUser_nameChange
--- PASS: TestAccAWSUser_nameChange (14.23s)
=== RUN   TestAccAWSUser_pathChange
--- PASS: TestAccAWSUser_pathChange (14.13s)
=== RUN   TestAccAWSUser_permissionsBoundary
--- PASS: TestAccAWSUser_permissionsBoundary (25.88s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	75.969s

Output from acceptance testing: AWS GovCloud (US)

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN   TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (18.52s)
=== RUN   TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (26.81s)
=== RUN   TestAccAWSUser_nameChange
--- PASS: TestAccAWSUser_nameChange (26.70s)
=== RUN   TestAccAWSUser_pathChange
--- PASS: TestAccAWSUser_pathChange (27.60s)
=== RUN   TestAccAWSUser_permissionsBoundary
--- PASS: TestAccAWSUser_permissionsBoundary (52.33s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	152.004s

@bflad bflad added enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service. labels Jul 13, 2018
@bflad bflad requested a review from a team July 13, 2018 16:56
@ghost ghost added the size/L Managed by automation to categorize the size of a PR. label Jul 13, 2018
@bflad bflad mentioned this pull request Jul 13, 2018
Closed
mbfrahry
mbfrahry reviewed Jul 24, 2018
View reviewed changes
Copy link
Member

@mbfrahry mbfrahry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd just like to talk more tomorrow about this

aws/resource_aws_iam_user.go Outdated
if err != nil {
if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" { // XXX test me
if isAWSErr(err, iam.ErrCodeNoSuchEntityException, "") { // XXX test me
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Has this been tested? Do we still need this comment?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test added 👍

make testacc TEST=./aws TESTARGS='-run=TestAccAWSUser_disappears'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSUser_disappears -timeout 120m
=== RUN   TestAccAWSUser_disappears
--- PASS: TestAccAWSUser_disappears (8.90s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	9.475s

aws/resource_aws_iam_user.go
log.Println("[DEBUG] Delete IAM User request:", request)
if _, err := iamconn.DeleteUser(request); err != nil {
log.Println("[DEBUG] Delete IAM User Permissions Boundary request:", deleteUserPermissionsBoundaryInput)
_, err = iamconn.DeleteUserPermissionsBoundary(deleteUserPermissionsBoundaryInput)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems odd that we'd have to delete the boundary before we delete the resource. I'm guessing that deleting a user before the boundary will cause issues but it seems like you'd want two resources here instead of one.

mbfrahry
mbfrahry approved these changes Jul 30, 2018
View reviewed changes
Copy link
Member

@mbfrahry mbfrahry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM after chatting internally

@bflad
tests/resource/aws_iam_user: Add TestAccAWSUser_disappears
c8c9ff7 
make testacc TEST=./aws TESTARGS='-run=TestAccAWSUser_disappears'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSUser_disappears -timeout 120m
=== RUN   TestAccAWSUser_disappears
--- PASS: TestAccAWSUser_disappears (8.90s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	9.475s
@bflad bflad added this to the v1.30.0 milestone Jul 30, 2018
@bflad bflad merged commit 45ceeb9 into master Jul 30, 2018
@bflad bflad deleted the f-aws_iam_user-permission_boundary branch July 30, 2018 15:08
bflad added a commit that referenced this pull request Jul 30, 2018
@bflad
Update CHANGELOG for #5183
fb482e5
@bflad
Copy link
Contributor Author

bflad commented Aug 2, 2018

This has been released in version 1.30.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@ghost
Copy link

ghost commented Apr 4, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 4, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mbfrahry mbfrahry mbfrahry approved these changes

Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service. size/L Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v1.30.0
Development

Successfully merging this pull request may close these issues.
2 participants
@bflad @mbfrahry