Issue 1769 add aws shield protection feature ( Part II ) #7721
Conversation
…ield_Protection_feature
ghost
added
size/XL
parabolic
changed the title
|
@bflad any update on this pr? I know you guys have been busy, but we've an open ticket on our side plus I am wondering if all is good with the PR. |
|
Hi @parabolic @radeksimko @bflad, I/my company would be happy to test this PR if another tester is still required? I'm also going to add a comment to the other PR this stemmed from around subscriptions. Cheers, |
|
@JoshiiSinfield thank you for your help. Cheers! |
|
Hi @parabolic. Are you still looking for testers? I have shield and would be happy to test. I'm keen to see this merged. Thanks! |
|
@accuracy27 Thanks for the offer! We don't need more testers I think we've shield and I've tested it and posted the output in the description of the PR. What we need is a response from hashicorp on how do we proceed from here. Cheers! |
|
Hi @parabolic 👋 We're finally ready to acceptance test this! Looks like this pull request could use some love for rebasing and running the acceptance testing with its default Would you be okay if I rebased and pushed some testing changes to your branch? Otherwise I can provide line by line feedback. Thanks! |
|
Hi @bflad , that is awesome. Please feel free to rebase and push, and afterwards I will do the acceptance tests again. I believe that the documentation format has changed as well right ? Cheers. |
…eld SDK Region to us-east-1 References: * https://docs.aws.amazon.com/general/latest/gr/rande.html#global_accelerator_region * https://docs.aws.amazon.com/general/latest/gr/rande.html#shield_region Global AWS services sometimes only use a single region for their endpoint. As a past precedent we have hardcoded the Route 53 SDK Region to us-east-1. Following the current AWS Regions and Endpoints documentation, we do the same type of SDK configuration for Global Accelerator (endpoint is only in us-west-2) and Shield (endpoint is only in us-east-1).
Brings the acceptance testing style and configurations up to latest. Previously was failing due to Terraform 0.12 syntax changes. Changes include: * Remove provider declaration in Global Accelerator configuration (typically review feedback) * Perform `ImportState` testing in all tests instead of single import test (typically review feedback) * Perform API verification of resource creation in `testAccCheckAWSShieldProtectionExists` (typically review feedback) * Prefer `resource.ParallelTest()` over `resource.Test()` (typically review feedback) * Move `fmt.Sprintf()` usage to configurations and use underscores in test naming (typically style feedback) * Add `testAccPreCheckAWSShield` to skip testing if not subscribed to Shield
|
@parabolic just need permission to your fork, thanks! I'll provide a "regular" review once this little bit of administrivia is handled. 😄 |
|
Oh sorry about that @bflad, I've ticked the Allow edits from maintainers checkbox, |
bflad
force-pushed
the
Issue_1769_AWS_Shield_Protection_feature
branch
from
1692897
to
b553421
Compare
|
The pull request was in great shape! Should just be a few minor feedback items at this point (I'll provide in a few minutes) and then we can get this merged in once they're addressed. Thanks so much for your work here, @parabolic! 💯 Rebased on master and added two commits:
References:
Global AWS services sometimes only use a single region for their endpoint. As a past precedent we have hardcoded the Route 53 SDK Region to us-east-1. Following the current AWS Regions and Endpoints documentation, we do the same type of SDK configuration for Global Accelerator (endpoint is only in us-west-2) and Shield (endpoint is only in us-east-1).
Brings the acceptance testing style and configurations up to latest. Previously was failing due to Terraform 0.12 syntax changes. Changes include:
Output from acceptance testing (without setting |
There was a problem hiding this comment.
Here are the remaining feedback items, thanks @parabolic! Please reach out if you have any questions or do not have time to implement these items.
bflad
added
the
waiting-response
…:parabolic/terraform-provider-aws into Issue_1769_AWS_Shield_Protection_feature
--- - remove the unused import awserr - use ImportStatePassthrough - print the error when there's one - import fmt
Co-Authored-By: Brian Flad <bflad417@gmail.com>
Co-Authored-By: Brian Flad <bflad417@gmail.com>
Co-Authored-By: Brian Flad <bflad417@gmail.com>
- remove the tags and the variables - remove obsolete lines
|
@bflad Thanks for the suggestions and help! TF_ACC=1 go test ./aws -v -timeout 120m -parallel 20 -run='TestAccAWSShieldProtection'
==> Checking that code complies with gofmt requirements...
go install
=== RUN TestAccAWSShieldProtection_GlobalAccelerator
=== PAUSE TestAccAWSShieldProtection_GlobalAccelerator
=== RUN TestAccAWSShieldProtection_ElasticIPAddress
=== PAUSE TestAccAWSShieldProtection_ElasticIPAddress
=== RUN TestAccAWSShieldProtection_Alb
=== PAUSE TestAccAWSShieldProtection_Alb
=== RUN TestAccAWSShieldProtection_Elb
=== PAUSE TestAccAWSShieldProtection_Elb
=== RUN TestAccAWSShieldProtection_Cloudfront
=== PAUSE TestAccAWSShieldProtection_Cloudfront
=== RUN TestAccAWSShieldProtection_Route53
=== PAUSE TestAccAWSShieldProtection_Route53
=== CONT TestAccAWSShieldProtection_GlobalAccelerator
=== CONT TestAccAWSShieldProtection_Cloudfront
=== CONT TestAccAWSShieldProtection_Route53
=== CONT TestAccAWSShieldProtection_Alb
=== CONT TestAccAWSShieldProtection_Elb
=== CONT TestAccAWSShieldProtection_ElasticIPAddress
--- PASS: TestAccAWSShieldProtection_Cloudfront (34.38s)
--- PASS: TestAccAWSShieldProtection_ElasticIPAddress (40.75s)
--- PASS: TestAccAWSShieldProtection_Route53 (65.61s)
--- PASS: TestAccAWSShieldProtection_GlobalAccelerator (86.69s)
--- PASS: TestAccAWSShieldProtection_Elb (87.50s)
--- PASS: TestAccAWSShieldProtection_Alb (253.88s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 253.924s |
ghost
removed
the
waiting-response
There was a problem hiding this comment.
Fantastic, @parabolic! LGTM 🚀
Output from acceptance testing:
--- PASS: TestAccAWSShieldProtection_ElasticIPAddress (16.26s)
--- PASS: TestAccAWSShieldProtection_Route53 (44.68s)
--- PASS: TestAccAWSShieldProtection_Elb (47.75s)
--- PASS: TestAccAWSShieldProtection_GlobalAccelerator (103.22s)
--- PASS: TestAccAWSShieldProtection_Alb (196.09s)
--- PASS: TestAccAWSShieldProtection_Cloudfront (514.49s)
|
This has been released in version 2.11.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Fixes #1769
Superseeds: #1899
Changes proposed in this pull request:
aws_shield_protectionresource.aws_shield_protectionresource.Output from acceptance testing:
Note: The acceptance tests where run with
TF_TEST_CLOUDFRONT_RETAIN=trueenvironment variable set in order for it not to wait the deletion of the cloudfront distribution.