Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow empty permissions boundary field in AWS role. #5740

Merged
merged 2 commits into from
Aug 31, 2018
Merged

Allow empty permissions boundary field in AWS role. #5740

merged 2 commits into from
Aug 31, 2018

Conversation

mgarstecki
Copy link

Fixes #5546

Changes proposed in this pull request:

  • Allow empty value for the permissions_boundary attribute of role, and treat it as absent.
  • Add a check in role acceptance tests to verify the permissions boundary field in the API on each test step.

Output from acceptance testing:

$ make testacc TESTARGS="-run TestAccAWSIAMRole"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -run TestAccAWSIAMRole -timeout 120m
?   	github.com/terraform-providers/terraform-provider-aws	[no test files]
=== RUN   TestAccAWSIAMRolePolicy_importBasic
--- PASS: TestAccAWSIAMRolePolicy_importBasic (26.74s)
=== RUN   TestAccAWSIAMRole_importBasic
--- PASS: TestAccAWSIAMRole_importBasic (24.18s)
=== RUN   TestAccAWSIAMRolePolicy_basic
--- PASS: TestAccAWSIAMRolePolicy_basic (42.57s)
=== RUN   TestAccAWSIAMRolePolicy_namePrefix
--- PASS: TestAccAWSIAMRolePolicy_namePrefix (41.43s)
=== RUN   TestAccAWSIAMRolePolicy_generatedName
--- PASS: TestAccAWSIAMRolePolicy_generatedName (41.80s)
=== RUN   TestAccAWSIAMRolePolicy_invalidJSON
--- PASS: TestAccAWSIAMRolePolicy_invalidJSON (1.95s)
=== RUN   TestAccAWSIAMRole_basic
--- PASS: TestAccAWSIAMRole_basic (22.15s)
=== RUN   TestAccAWSIAMRole_basicWithDescription
--- PASS: TestAccAWSIAMRole_basicWithDescription (52.90s)
=== RUN   TestAccAWSIAMRole_namePrefix
--- PASS: TestAccAWSIAMRole_namePrefix (22.32s)
=== RUN   TestAccAWSIAMRole_testNameChange
--- PASS: TestAccAWSIAMRole_testNameChange (53.76s)
=== RUN   TestAccAWSIAMRole_badJSON
--- PASS: TestAccAWSIAMRole_badJSON (2.23s)
=== RUN   TestAccAWSIAMRole_disappears
--- PASS: TestAccAWSIAMRole_disappears (15.59s)
=== RUN   TestAccAWSIAMRole_force_detach_policies
--- PASS: TestAccAWSIAMRole_force_detach_policies (32.12s)
=== RUN   TestAccAWSIAMRole_MaxSessionDuration
--- PASS: TestAccAWSIAMRole_MaxSessionDuration (40.68s)
=== RUN   TestAccAWSIAMRole_PermissionsBoundary
--- PASS: TestAccAWSIAMRole_PermissionsBoundary (89.71s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	510.144s

bflad
bflad reviewed Aug 31, 2018
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @mgarstecki! One minor thing, then I think this is good to go.

aws/resource_aws_iam_role_test.go Outdated Show resolved Hide resolved
@bflad bflad added enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service. labels Aug 31, 2018
@mgarstecki
Copy link
Author

Implemented @bflad's feedback, thanks !

Here are the new acceptance test results:

$ make testacc TESTARGS="-run TestAccAWSIAMRole"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -run TestAccAWSIAMRole -timeout 120m
?   	github.com/terraform-providers/terraform-provider-aws	[no test files]
=== RUN   TestAccAWSIAMRolePolicy_importBasic
--- PASS: TestAccAWSIAMRolePolicy_importBasic (15.27s)
=== RUN   TestAccAWSIAMRole_importBasic
--- PASS: TestAccAWSIAMRole_importBasic (14.00s)
=== RUN   TestAccAWSIAMRolePolicy_basic
--- PASS: TestAccAWSIAMRolePolicy_basic (24.76s)
=== RUN   TestAccAWSIAMRolePolicy_namePrefix
--- PASS: TestAccAWSIAMRolePolicy_namePrefix (23.82s)
=== RUN   TestAccAWSIAMRolePolicy_generatedName
--- PASS: TestAccAWSIAMRolePolicy_generatedName (23.64s)
=== RUN   TestAccAWSIAMRolePolicy_invalidJSON
--- PASS: TestAccAWSIAMRolePolicy_invalidJSON (1.21s)
=== RUN   TestAccAWSIAMRole_basic
--- PASS: TestAccAWSIAMRole_basic (12.59s)
=== RUN   TestAccAWSIAMRole_basicWithDescription
--- PASS: TestAccAWSIAMRole_basicWithDescription (30.20s)
=== RUN   TestAccAWSIAMRole_namePrefix
--- PASS: TestAccAWSIAMRole_namePrefix (12.19s)
=== RUN   TestAccAWSIAMRole_testNameChange
--- PASS: TestAccAWSIAMRole_testNameChange (29.82s)
=== RUN   TestAccAWSIAMRole_badJSON
--- PASS: TestAccAWSIAMRole_badJSON (1.25s)
=== RUN   TestAccAWSIAMRole_disappears
--- PASS: TestAccAWSIAMRole_disappears (8.74s)
=== RUN   TestAccAWSIAMRole_force_detach_policies
--- PASS: TestAccAWSIAMRole_force_detach_policies (17.39s)
=== RUN   TestAccAWSIAMRole_MaxSessionDuration
--- PASS: TestAccAWSIAMRole_MaxSessionDuration (23.05s)
=== RUN   TestAccAWSIAMRole_PermissionsBoundary
--- PASS: TestAccAWSIAMRole_PermissionsBoundary (49.63s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	287.576s

@bflad bflad added this to the v1.35.0 milestone Aug 31, 2018
bflad
bflad approved these changes Aug 31, 2018
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @mgarstecki! 🚀

10 tests passed (all tests)
--- PASS: TestAccAWSIAMRole_badJSON (1.51s)
--- PASS: TestAccAWSIAMRole_disappears (6.63s)
--- PASS: TestAccAWSIAMRole_basic (9.02s)
--- PASS: TestAccAWSIAMRole_namePrefix (9.36s)
--- PASS: TestAccAWSIAMRole_importBasic (9.83s)
--- PASS: TestAccAWSIAMRole_force_detach_policies (14.09s)
--- PASS: TestAccAWSIAMRole_MaxSessionDuration (16.24s)
--- PASS: TestAccAWSIAMRole_basicWithDescription (21.14s)
--- PASS: TestAccAWSIAMRole_testNameChange (22.04s)
--- PASS: TestAccAWSIAMRole_PermissionsBoundary (33.43s)

@bflad bflad merged commit a446de8 into hashicorp:master Aug 31, 2018
bflad added a commit that referenced this pull request Aug 31, 2018
@bflad
Update CHANGELOG for #5740
15035b1
@mgarstecki mgarstecki deleted the allow_empty_role_permissions_boundary branch August 31, 2018 15:53
@bflad
Copy link
Contributor

bflad commented Sep 6, 2018

This has been released in version 1.35.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@ghost
Copy link

ghost commented Apr 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bflad bflad bflad approved these changes

Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service.
Projects
None yet
Milestone
v1.35.0
Development

Successfully merging this pull request may close these issues.

iam_role: permissions_boundary attribute should accept empty string as absent value
2 participants
@mgarstecki @bflad