Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r/aws_ram_resource_share: Add new resource #6528

Merged
merged 2 commits into from
Jan 15, 2019

Conversation

gazoakley
Copy link
Contributor

@gazoakley gazoakley commented Nov 20, 2018

Partially addresses #6527

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccAwsRamResourceShare'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -parallel 20 -run=TestAccAwsRamResourceShare -timeout 120m
?   	github.com/terraform-providers/terraform-provider-aws	[no test files]
=== RUN   TestAccAwsRamResourceShare_basic
=== PAUSE TestAccAwsRamResourceShare_basic
=== CONT  TestAccAwsRamResourceShare_basic
--- PASS: TestAccAwsRamResourceShare_basic (20.72s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	20.765s

@ghost ghost added size/XXL Managed by automation to categorize the size of a PR. dependencies Used to indicate dependency changes. documentation Introduces or discusses updates to documentation. provider Pertains to the provider itself, rather than any interaction with AWS. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Nov 20, 2018
@gazoakley gazoakley changed the title r/aws_ram_resource_share: Add new resource [WIP] r/aws_ram_resource_share: Add new resource Nov 20, 2018
@bflad bflad added new-resource Introduces a new resource. service/ram Issues and PRs that pertain to the ram service. labels Nov 21, 2018
@gazoakley gazoakley force-pushed the f-ram-resource-share-ii branch from 3861a25 to 9dafc45 Compare November 22, 2018 04:29
@ghost ghost added size/XL Managed by automation to categorize the size of a PR. and removed size/XXL Managed by automation to categorize the size of a PR. labels Nov 22, 2018
@bflad bflad removed the dependencies Used to indicate dependency changes. label Nov 25, 2018
@bflad
Copy link
Contributor

bflad commented Dec 21, 2018

Hey @gazoakley 👋 I'm guessing this is work in progress due to the acceptance testing? Anything we can help with? Since we now support EC2 Transit Gateway and License Manager Configurations, maybe we can use either of those for testing? Thanks so much for all your great contributions!

Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two quick little drive-by comments since I know this is work in progress 👍

@@ -143,6 +144,7 @@ type Config struct {
KinesisAnalyticsEndpoint string
KmsEndpoint string
LambdaEndpoint string
RamEndpoint string
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since we're not wiring up endpoint customization in the provider configuration (see aws/provider.go) we should either implement it or remove it here, e.g. removing this line, awsRamSess and using client.ramconn = ram.New(sess) 👍

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This still needs to be addressed either which way. 😄

aws/resource_aws_ram_resource_share.go Outdated Show resolved Hide resolved
@gazoakley
Copy link
Contributor Author

Hi @bflad - at the time I started writing this AWS hadn't announced what you could share using it 😄. I'm planning to write acceptance tests using VPCs since they can be constructed/torn down quickly during acceptance tests.

What I've got kind of works, but I'm thinking it would be better to split resource_arns and principals out of this resource into some kind of aws_ram_association. It looks like adding/removing from/to those can take time, and separating them out would allow Terraform to track the progress of them individually much better. The code currently doesn't wait for associations to move to the "ASSOCIATED"/"DISASSOCIATED" status: https://docs.aws.amazon.com/ram/latest/APIReference/API_ResourceShareAssociation.html

The design then becomes something along the lines of:

resource "aws_ram_resource_share" "example" {
  name = "Example"
  allow_external_principals = true
}

resource "aws_ram_association" "example" {
  resource_share_arn = "${aws_ram_resource_share.example.arn}"
  association_type = "PRINCIPAL"
  associated_entity = "123456789012"
}

resource "aws_ram_association" "example" {
  resource_share_arn = "${aws_ram_resource_share.example.arn}"
  association_type = "RESOURCE"
  associated_entity = "<some_vpc_arn>"
}

Or better still in my mind:

resource "aws_ram_resource_share" "example" {
  name = "Example"
  allow_external_principals = true
}

resource "aws_ram_principal_association" "example" {
  resource_share_arn = "${aws_ram_resource_share.example.arn}"
  principal = "123456789012"
  # external - calculated field that is only applicable to principals associated to a resource share
}

resource "aws_ram_resource_association" "example" {
  resource_share_arn = "${aws_ram_resource_share.example.arn}"
  resource_arn = "<some_vpc_arn>"
}

Any thoughts?

@bflad
Copy link
Contributor

bflad commented Dec 21, 2018

@gazoakley looking at the API, I would agree with your assessment and the second approach with two associations resources. The time tracking is likely pretty important from an infrastructure management standpoint to allow a single Terraform configuration to perform downstream actions when the associations are actually ready. 👍

If you could split those new resources from this PR, we can likely get this resource merged then work on the association bits separately. 🚀

@gazoakley gazoakley force-pushed the f-ram-resource-share-ii branch from 0b4647e to 5ad9071 Compare December 28, 2018 08:12
@gazoakley gazoakley changed the title [WIP] r/aws_ram_resource_share: Add new resource r/aws_ram_resource_share: Add new resource Dec 28, 2018
@gazoakley
Copy link
Contributor Author

@bflad I've done the split - will open PRs for the associations later

@gazoakley
Copy link
Contributor Author

Unfortunately there's an issue in aws-sdk-go or the RAM API that prevents us from easily checking if a resource share isn't found: aws/aws-sdk-go#2377

Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey again, @gazoakley! For this one some minor stuff and it should be good to go! I'm not sure if we should implement the suggested Go SDK workaround with the error handling, but I think this is acceptable either which way in that regard. Thanks for all your hard work!

@@ -143,6 +144,7 @@ type Config struct {
KinesisAnalyticsEndpoint string
KmsEndpoint string
LambdaEndpoint string
RamEndpoint string
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This still needs to be addressed either which way. 😄

return &schema.Resource{
Create: resourceAwsRamResourceShareCreate,
Read: resourceAwsRamResourceShareRead,
Update: resourceAwsRamResourceShareUpdate,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should add at least one acceptance test that exercises Update 😄

}

stateConf := &resource.StateChangeConf{
Pending: []string{ram.ResourceShareStatusDeleting},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We may also want to include ram.ResourceShareStatusActive in the Pending list in case there is any delay the start of the process. 👍

@bflad bflad added the waiting-response Maintainers are waiting on response from community or contributor. label Jan 9, 2019
@bflad bflad added this to the v1.56.0 milestone Jan 15, 2019
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @gazoakley! 🚀 FYI I addressed the remaining minor review items in a followup commit (1070d83) so we can get this released, I hope you don't mind.

Output from acceptance testing:

--- PASS: TestAccAwsRamResourceShare_basic (13.39s)
--- PASS: TestAccAwsRamResourceShare_Name (20.76s)
--- PASS: TestAccAwsRamResourceShare_AllowExternalPrincipals (21.53s)
--- PASS: TestAccAwsRamResourceShare_Tags (29.14s)

@bflad bflad merged commit b2a2a02 into hashicorp:master Jan 15, 2019
bflad added a commit that referenced this pull request Jan 15, 2019
Changes:
* Remove incomplete implementation for provider-level RAM endpoint configuration
* Add covering acceptance testing for updates of all attributes

Output from acceptance testing:

```
--- PASS: TestAccAwsRamResourceShare_basic (13.39s)
--- PASS: TestAccAwsRamResourceShare_Name (20.76s)
--- PASS: TestAccAwsRamResourceShare_AllowExternalPrincipals (21.53s)
--- PASS: TestAccAwsRamResourceShare_Tags (29.14s)
```
bflad added a commit that referenced this pull request Jan 15, 2019
@bflad
Copy link
Contributor

bflad commented Jan 16, 2019

This has been released in version 1.56.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@piersf
Copy link

piersf commented Jan 26, 2019

@bflad the Terraform documentation shows only about aws_ram_resource_share. Has there been anything else released?

@ghost ghost removed the waiting-response Maintainers are waiting on response from community or contributor. label Jan 26, 2019
@bflad
Copy link
Contributor

bflad commented Jan 26, 2019

@ghost
Copy link

ghost commented Apr 1, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 1, 2020
@gazoakley gazoakley deleted the f-ram-resource-share-ii branch April 7, 2020 16:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Introduces or discusses updates to documentation. new-resource Introduces a new resource. provider Pertains to the provider itself, rather than any interaction with AWS. service/ram Issues and PRs that pertain to the ram service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants