New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
s3: resolve bucket ARN in replication config references #763
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chlunde, thank you for addressing #745
I'm getting the following error in my tests:
"cannot create or update: cannot put Bucket replication: MalformedXML: The XML you provided was not well-formed or did not validate against our published schema"
I used the following configuration:
---
apiVersion: s3.aws.crossplane.io/v1beta1
kind: Bucket
metadata:
name: repl-src
spec:
deletionPolicy: Delete
forProvider:
acl: private
locationConstraint: us-west-2
paymentConfiguration:
payer: BucketOwner
serverSideEncryptionConfiguration:
rules:
- applyServerSideEncryptionByDefault:
sseAlgorithm: AES256
versioningConfiguration:
status: Enabled
replicationConfiguration:
role: arn:aws:iam::...:role/role-name # assumable by s3 svc, I just tested with an s3 admin role
rules:
- destination:
storageClass: STANDARD_IA
bucketRef:
name: repl-dest
deleteMarkerReplication:
Status: Disabled
priority: 0
id: rule-1
status: Enabled
providerConfigRef:
name: example
---
apiVersion: s3.aws.crossplane.io/v1beta1
kind: Bucket
metadata:
name: repl-dest
spec:
deletionPolicy: Delete
forProvider:
acl: private
locationConstraint: us-west-2
paymentConfiguration:
payer: BucketOwner
serverSideEncryptionConfiguration:
rules:
- applyServerSideEncryptionByDefault:
sseAlgorithm: AES256
versioningConfiguration:
status: Enabled
providerConfigRef:
name: example
Thanks for testing and reviewing this and the other PRs! I think you need a filter, or the filter PR, but I'm not certain. I can check on monday. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chlunde, after merging the filter fix I successfully created the replicating bucket pair. Nice work!
Before merging, could you please:
- Include the typo fix from s3: fix deleteMarkerReplication.Status -> deleteMarkerReplication.status #766 in this PR.
- Update examples/s3/ with your test cases so we can run conformance testing on these changes.
- Rebase on latest master.
Thanks again for this excellent contribution!
The replication destination bucket should resolve to an ARN, not a bucket name. Fixes crossplane-contrib#745 Signed-off-by: Carl Henrik Lunde <chlunde@ifi.uio.no>
Signed-off-by: Carl Henrik Lunde <chlunde@ifi.uio.no>
The JSON/YAML field name had an upper case first letter, which is not consistent with any other resource. Signed-off-by: Carl Henrik Lunde <chlunde@ifi.uio.no>
479549f
to
07c71ef
Compare
I'm back to malformed policy unless i specify a filter, I don't understand why, because the SDK version is the same as before. Added filter to the example. |
Signed-off-by: Carl Henrik Lunde <chlunde@ifi.uio.no>
07c71ef
to
ac30d99
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chlunde This works for me!
Thanks!
filter: | ||
prefix: "" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chlunde This works for me both with and without this filter.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cool, do you want me to remove it or keep it as it is?
Description of your changes
The replication destination bucket should resolve to an ARN, not a bucket name.
Fixes #745
I have:
make reviewable test
to ensure this PR is ready for review.How has this code been tested
With blood, sweat and tears. Fixed three other issues first.
This is a "minimal" configuration (excluding role and policy):
Question: Do you prefer the function returning a function for BucketARN?