New Resource: aws_media_store_container #2448
Conversation
Ninir
added
the
enhancement
atsushi-ishibashi
force-pushed
the
aws_media_store_container
branch
from
ce0d3fa
to
f248e51
Compare
|
|
||
| _, err = stateConf.WaitForState() | ||
| if err != nil { | ||
| return fmt.Errorf("[WARN] Error waiting for MediaStore Container status to be \"ACTIVE\": %s", err) |
There was a problem hiding this comment.
Nitpick, but I think the error which comes out of WaitForState is sufficiently detailed so we don't need to duplicate the context here.
|
|
||
| if !d.HasChange("policy") { | ||
| return resourceAwsMediaStoreContainerRead(d, meta) | ||
| } |
There was a problem hiding this comment.
I believe the above 3 lines will never be executed since all fields are ForceNew (so the only way the function ever gets executed is when policy has changed), unless I'm mistaken?
There was a problem hiding this comment.
I called resourceAwsMediaStoreContainerUpdate from the end of resourceAwsMediaStoreContainerCreate so I needed the above 3 lines.
Separating policy as aws_media_store_container_policy will solve this complication.
There was a problem hiding this comment.
Ah, I see - that's confusing. It actually makes me reconsider what I said in my other comment - I think we should remove all the policy related logic from this PR and implement it as a separate resource in another PR.
Do you agree?
There was a problem hiding this comment.
Yes, I agree👍 I'll remove
| d.SetId("") | ||
| return nil | ||
| } | ||
| } |
There was a problem hiding this comment.
Nitpick, but I think we could simplify the above error handling to something like
if isAWSErr(err, mediastore.ErrCodeContainerNotFoundException, "") {
d.SetId("")
return nil
}| case mediastore.ErrCodeContainerNotFoundException: | ||
| return nil | ||
| } | ||
| } |
There was a problem hiding this comment.
As mentioned elsewhere - I think the error handling can be simplified a bit.
| } | ||
| } | ||
| return err | ||
| } |
There was a problem hiding this comment.
As this resource is stateful shouldn't we also wait here until it's deleted instead of leaving it in "deleting" state?
| "Action": [ "mediastore:*" ], | ||
| "Principal": {"AWS" : "*"}, | ||
| "Effect": "Allow", | ||
| "Resource": "arn:aws:mediastore:us-west-2:${data.aws_caller_identity.test.account_id}:container/tf_mediastore_%s/*", |
There was a problem hiding this comment.
It looks like we'd benefit from having aws_media_store_container_policy so we can reference the container ARN instead of building it like this. 🤔
It's certainly outside of scope of this PR, just thinking out loud as I'm reading the code...
There was a problem hiding this comment.
Yeah, I agree with you...
"Resource" in policy must be scope of arn:aws:mediastore:us-west-2:1234567890:container/tf_mediastore_%s/ (I got error if I set * to Resource) so I thought the same when implementing.
If we'll develop aws_media_store_container_policy, should I remove policy from aws_media_store_container to simplify relation and these roles?
There was a problem hiding this comment.
No, keep it here... as I said it's outside of scope of this PR 😃
There was a problem hiding this comment.
I'm taking back what I said - see my other comment about policy.
|
|
||
| The following arguments are supported: | ||
|
|
||
| * `name` - (Required) The name of the container. Must atisfy regular expression pattern: `\w+` |
There was a problem hiding this comment.
Can we make this a little bit more human-readable for folks who don't know regular expressions or omit this sentence (as the validation error message will tell them anyways)?
| ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { | ||
| value := v.(string) | ||
| if !regexp.MustCompile("^\\w+$").MatchString(value) { | ||
| errors = append(errors, fmt.Errorf("%q must match \\w+", k)) |
There was a problem hiding this comment.
Can we make this error message a bit more human friendly for folks who don't know regular expressions? e.g. must contain alphanumeric characters or underscores?
radeksimko
added
the
waiting-response
|
I removed |
* Add Data Source: aws_elb * Fix dataSourceAwsElb typo * Fix dataSourceAwsElb Schema name field to not include Computed * Remove dataSourceAwsElb schema defaults for computed fields * Remove dataSourceAwsElb schema defaults for nested computed fields too * Corrected depends_on entry for EIP depends_on = ["aws_internet_gateway.gw"] is the correct syntax * Add sweeper for IAM Server Certificates * test/aws_config_delivery_channel: Add missing dependencies * d/aws_elb r/aws_elb: hashicorp#2004 review comments * Remove enable_deletion_protection from testAccDataSourceAWSELBConfigBasic * Replace unnecessary errwrap.Wrapf with fmt.Errorf * Reduce flattenAwsELbResource to ec2conn and elbconn instead of meta * Properly name TestAccDataSourceAWSELB_basic resources * Use t.Name() for description and TestName tags * d/aws_elb: Fix documentation sidebar ordering after merging master with new d/aws_elasticache_replication_group * Makefile: Add sweep target * Update cognito_user_pool.markdown * Update CHANGELOG.md * r/aws_elasticache_security_group: add import support (hashicorp#2277) * r/aws_elasticache_security_group: add import support * r/aws_elasticache_security_group: hashicorp#2277 review updates * Use d.Id() instead of d.Get("name") on read, which allows using schema.ImportStatePassthrough * d.Set("security_group_names") on read * Set AWS_DEFAULT_REGION to us-east-1 on import testing * Update CHANGELOG.md * documentation: remove antislashes in page titles * Added missing WARN debug lines when reading a non-existing resource * Removed <wbr> from documentation titles * vendor: Bump aws-sdk-go to v.1.12.44 * Add logs for iam server certificate delete conflict (hashicorp#2533) * Query elb API for load balancer arn causing delete conflict - For IAM server certificate. * Use regex for lb name. * Edits for hashicorp#2533 * r/aws_sqs_queue_policy: Support import by queue URL (hashicorp#2544) * Update CHANGELOG.md * r/aws_elasticsearch_domain: Add LogPublishingOption (hashicorp#2285) * WIP * Add enabled * Use cwl policy * Reflect reviews * Update CHANGELOG.md * Add force_destroy field to aws_athena_database (hashicorp#2363) * Add force_destroy field to aws_athena_database. Fixes hashicorp#2362. * Remove unnecessary import. * Code review feedback * Update CHANGELOG.md * Add more example and missing field * New Resource: aws_media_store_container (hashicorp#2448) * New Resource: aws_media_store_container * Reflect reviews * remove policy * Update CHANGELOG.md * Add Redis AUTH, in-transit and at-rest encryption (hashicorp#2090) * add AUTH, at-rest and in-transit encryption to Elasticache replication groups * add _enabled to transit/at_rest encyrption parameters * added one more _enabled * move validateAwsElastiCacheReplicationGroupAuthToken to aws/validators.go, as well as tests * set auth_token to nil during Reads * update Replication Group encryption acceptance tests to use config functions instead of vars * Fix whitespacing (tabs -> spaces) * docs/elasticache_replication_group: Add missing fields * Update CHANGELOG.md * r/aws_dynamodb_table: Ensure ttl is properly read (hashicorp#2452) * r/aws_dynamodb_table: Ensure ttl is properly read * r/aws_dynamodb_table: hashicorp#2452 review updates * Add timeToLiveOutput.TimeToLiveDescription nil check * Simplify logic to d.Set ttl * Update CHANGELOG.md * Bump aws-sdk-go to v.1.12.45 * New Resource: PublicDnsNamespace (hashicorp#2569) * WIP * Add test, docs * Reflect reviews * Modify error handling * Update CHANGELOG.md * New Resource: ServiceDiscovery PrivateDNS Namespace (hashicorp#2589) * New Resource: service_discovery_private_dns_namespace * Reflect reviews * Update CHANGELOG.md
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
breathingdust
removed
the
waiting-response
Required: #2447