New Resource: r/aws_config_authorization #4263
Conversation
bflad
added
new-resource
gazoakley
force-pushed
the
f-config-authorization
branch
from
9b2da85
to
f48e11e
Compare
gazoakley
force-pushed
the
f-config-authorization
branch
from
f48e11e
to
41ce326
Compare
gazoakley
changed the title
There was a problem hiding this comment.
Thanks for submitting this @gazoakley! 👍 Overall the PR is really good and passes acceptance testing -- there are just a few minor things that I will spend time adjusting post-merge for naming clarity, bug prevention, and to adjust this PR for some forward looking initiatives we have in the provider.
| return fmt.Errorf("Error deleting authorization: %s", err) | ||
| } | ||
|
|
||
| d.SetId("") |
There was a problem hiding this comment.
Minor nitpick: d.SetId("") is extraneous in delete functions
| @@ -303,6 +303,7 @@ func Provider() terraform.ResourceProvider { | |||
| "aws_cloudwatch_log_resource_policy": resourceAwsCloudWatchLogResourcePolicy(), | |||
| "aws_cloudwatch_log_stream": resourceAwsCloudWatchLogStream(), | |||
| "aws_cloudwatch_log_subscription_filter": resourceAwsCloudwatchLogSubscriptionFilter(), | |||
| "aws_config_authorization": resourceAwsConfigAuthorization(), | |||
There was a problem hiding this comment.
Sorry this is going to be very pedantic but the Config API refers to these as "aggregate" authorization and the resource/function naming should reflect that for clarity and in case they introduce other forms/types of authorization.
"aws_config_aggregate_authorization": resourceAwsConfigAggregateAuthoriation(),| d.Set("account_id", accountId) | ||
| d.Set("region", region) | ||
|
|
||
| res, err := conn.DescribeAggregationAuthorizations(&configservice.DescribeAggregationAuthorizationsInput{}) |
There was a problem hiding this comment.
This call does not currently handle NextToken so it can incorrectly report errors/missing resources in large or separate API responses.
| } | ||
| conn := client.(*AWSClient).configconn | ||
|
|
||
| resp, err := conn.DescribeAggregationAuthorizations(&configservice.DescribeAggregationAuthorizationsInput{}) |
There was a problem hiding this comment.
This call does not currently handle NextToken so it can potentially miss authorizations in large or separate API responses.
| resp, err := conn.DescribeAggregationAuthorizations(&configservice.DescribeAggregationAuthorizationsInput{}) | ||
|
|
||
| if err == nil { | ||
| if len(resp.AggregationAuthorizations) != 0 && |
There was a problem hiding this comment.
There may be additional other authorizations present, especially with testing concurrency or in non-testing accounts. This needs to be updated to specifically handle NextToken and loop through all authorizations, only returning an error if the account ID and region is found.
|
|
||
| ## Attributes Reference | ||
|
|
||
| The following attributes are exported: |
There was a problem hiding this comment.
We're in the process of updating all these for clarity (#4685): In addition to all arguments above, the following attributes are exported:
| "github.com/hashicorp/terraform/helper/resource" | ||
| ) | ||
|
|
||
| func TestAccConfigAuthorization_import(t *testing.T) { |
There was a problem hiding this comment.
Minor nitpick: we're going to move away from separate import test files and tests (#4705). We can simply add the final TestStep the existing _basic test 👍
=== RUN TestAccAWSConfigAggregateAuthorization_basic --- PASS: TestAccAWSConfigAggregateAuthorization_basic (41.80s)
|
@bflad Could we have at least stuck with
That doesn't gel well together - it suggests they might be related but not for certain (the console always refers to aggregator(s)) |
|
@gazoakley sorry for any initial confusion -- we wound up renaming both of the resources to match the API more closely. If the link between the two is not obvious we should probably cross-link them accordingly in the resource documentation for each of them. This has been released in version 1.22.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Partially implements #4067
New Resources:
aws_config_authorization