Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(remote-state): enable assume_role block in backend configuration to fix deprecation warning #93

Closed
wants to merge 1 commit into from
Closed

feat(remote-state): enable assume_role block in backend configuration to fix deprecation warning #93

wants to merge 1 commit into from

Conversation

kevcube
Copy link

@kevcube kevcube commented Jun 12, 2024

what

Solves a deprecation warning for using role_arn parameter instead of assume_role configuration block.
Doesn't use the complicated negation-of-try-contains ternary logic.. but it seems to work whether the value is present or not, being backwards compatible and not erroring if people don't have assume_role blocks in their configuration. Please test because you guys are more familiar with the usage of this module than I am.

why

I was receiving this deprecation warning and wanted to silence it.

references

https://developer.hashicorp.com/terraform/language/settings/backends/s3#role_arn-1

@kevcube kevcube requested review from a team as code owners June 12, 2024 11:36
@mergify mergify bot added the triage Needs triage label Jun 12, 2024
@Nuru Nuru added do not merge Do not merge this PR, doing so would cause problems invalid This doesn't seem right wontfix This will not be worked on and removed triage Needs triage labels Jun 12, 2024
@osterman
Copy link
Member

@kevcube according to @Nuru

With Terraform 1.6.0, the configuration block for the S3 backend changed.

role_arn = <role to assume>

changed to:

assume_role = {
  role_arn = <role to assume>
}

(other things, moved, too.)

The PR probably won't actually work. The proper fix breaks Terraform 1.5.7 and MPL licensed terraform (e.g. OpenTofu)

│ The given configuration is not valid for backend "s3": unexpected attribute "assume_role".

Confirm it works with

  • SuperAdmin
  • Without requiring assumed roles

@osterman
Copy link
Member

To be clear, we want to fix this - we just don't know how to given the incompatibilities between MPL licensed terraform and BSL licensed terraform (>= 1.6.x).

@Nuru Nuru added the needs-cloudposse Needs Cloud Posse assistance label Jun 12, 2024
@mergify Mergify
Copy link

mergify bot commented Jun 12, 2024

Important

Cloud Posse Engineering Team Review Required

This pull request modifies files that require Cloud Posse's review. Please be patient, and a core maintainer will review your changes.

To expedite this process, reach out to us on Slack in the #pr-reviews channel.

@osterman
Copy link
Member

This might make this easier:

In addition to supporting .tf extension files as we do today, OpenTofu will support .tofu extension files. When two files have the same name, one with the .tf extension and one with the .tofu extension, OpenTofu will load only the .tofu file and ignore the .tf file. Hence, creating a mechanism that overrides specific files. This way the .tofu extension files will be used for OpenTofu specific features and syntax and the .tf extension files can be used for Terraform compatible features and syntax. Allowing users and module maintainers to use OpenTofu and Terraform in the same project without conflicts.

https://github.com/opentofu/opentofu/pull/1699/files

@Nuru Nuru removed the wontfix This will not be worked on label Jun 14, 2024
@Nuru
Copy link
Contributor

Nuru commented Jun 14, 2024

@kevcube I'm sorry if the labels seem harsh; they do not allow for a lot of nuance. All I mean by them is that this is not the way to fix the problem, and we are not going to go down this path.

I am going to close this PR so it does not get merged. If you want to open an issue about the deprecation warning, that would be fine, and we will address it in the near (but not immediate) future.

@Nuru Nuru closed this Jun 14, 2024
@mergify mergify bot removed the needs-cloudposse Needs Cloud Posse assistance label Jun 14, 2024
@kevcube kevcube mentioned this pull request Jul 18, 2024
Closed
@osterman
Copy link
Member

This feature is making it's way into OpenTofu 1.8 (I hope!)

opentofu/opentofu#1738

@kevcube
Copy link
Author

kevcube commented Jul 18, 2024

This feature is making it's way into OpenTofu 1.8 (I hope!)

opentofu/opentofu#1738

The issue would still be present for Terraform users though

@Nuru
Copy link
Contributor

Nuru commented Oct 15, 2024

Fixed by #105 released in v1.8.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
do not merge Do not merge this PR, doing so would cause problems invalid This doesn't seem right
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kevcube @osterman @Nuru