Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[New Resource]: aws_cloudfront_continuous_deployment_policy #32936

Merged
merged 3 commits into from
Aug 10, 2023
Merged

[New Resource]: aws_cloudfront_continuous_deployment_policy #32936

merged 3 commits into from
Aug 10, 2023

Conversation

jar-b
Copy link
Member

@jar-b jar-b commented Aug 9, 2023
edited
Loading

Description

Adds continuous deployment support for CloudFront distributions.

  • Adds a new aws_cloudfront_continuous_deployment_policy resource
  • Adds staging and continuous_deployment_policy_id arguments to the aws_cloudfront_distribution resource

Relations

Closes #28920

References

Output from Acceptance Testing

% make testacc PKG=cloudfront TESTS=TestAccCloudFrontContinuousDeploymentPolicy_
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cloudfront/... -v -count 1 -parallel 20 -run='TestAccCloudFrontContinuousDeploymentPolicy_'  -timeout 180m

--- PASS: TestAccCloudFrontContinuousDeploymentPolicy_disappears (440.58s)
--- PASS: TestAccCloudFrontContinuousDeploymentPolicy_basic (1029.81s)
--- PASS: TestAccCloudFrontContinuousDeploymentPolicy_trafficConfig (1186.88s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/cloudfront 1189.948s
% make testacc PKG=cloudfront TESTS=TestAccCloudFrontDistribution_ ACCTEST_PARALLELISM=10
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cloudfront/... -v -count 1 -parallel 10 -run='TestAccCloudFrontDistribution_'  -timeout 180m

--- PASS: TestAccCloudFrontDistribution_ViewerCertificateACMCertificateARN_conflictsWithCloudFrontDefaultCertificate (220.63s)
=== CONT  TestAccCloudFrontDistribution_orderedCacheBehavior
--- PASS: TestAccCloudFrontDistribution_basic (224.47s)
=== CONT  TestAccCloudFrontDistribution_multiOrigin
--- PASS: TestAccCloudFrontDistribution_orderedCacheBehaviorCachePolicy (440.62s)
=== CONT  TestAccCloudFrontDistribution_originPolicyOrdered
--- PASS: TestAccCloudFrontDistribution_http11 (445.44s)
=== CONT  TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValues_headers
--- PASS: TestAccCloudFrontDistribution_orderedCacheBehaviorResponseHeadersPolicy (446.96s)
=== CONT  TestAccCloudFrontDistribution_ViewerCertificate_acmCertificateARN
--- PASS: TestAccCloudFrontDistribution_originGroups (478.98s)
=== CONT  TestAccCloudFrontDistribution_s3Origin
--- PASS: TestAccCloudFrontDistribution_originPolicyDefault (481.05s)
=== CONT  TestAccCloudFrontDistribution_customOrigin
--- PASS: TestAccCloudFrontDistribution_waitForDeployment (518.14s)
=== CONT  TestAccCloudFrontDistribution_tags
--- PASS: TestAccCloudFrontDistribution_preconditionFailed (928.87s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedKeyGroups
--- PASS: TestAccCloudFrontDistribution_orderedCacheBehavior (710.37s)
=== CONT  TestAccCloudFrontDistribution_OrderedCacheBehavior_realtimeLogARN
--- PASS: TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValues_headers (488.61s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehavior_realtimeLogARN
--- PASS: TestAccCloudFrontDistribution_multiOrigin (713.65s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedSigners
--- PASS: TestAccCloudFrontDistribution_enabled (939.58s)
=== CONT  TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValuesCookies_whitelistedNames
--- PASS: TestAccCloudFrontDistribution_ViewerCertificate_acmCertificateARN (504.89s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValuesCookies_whitelistedNames
--- PASS: TestAccCloudFrontDistribution_tags (462.20s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValues_headers
--- PASS: TestAccCloudFrontDistribution_customOrigin (691.53s)
=== CONT  TestAccCloudFrontDistribution_retainOnDelete
--- PASS: TestAccCloudFrontDistribution_originPolicyOrdered (732.42s)
=== CONT  TestAccCloudFrontDistribution_disappears
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValuesCookies_whitelistedNames (222.39s)
=== CONT  TestAccCloudFrontDistribution_noCustomErrorResponse
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedKeyGroups (246.46s)
=== CONT  TestAccCloudFrontDistribution_isIPV6Enabled
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedSigners (237.48s)
=== CONT  TestAccCloudFrontDistribution_Origin_connectionTimeout
--- PASS: TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValuesCookies_whitelistedNames (236.54s)
=== CONT  TestAccCloudFrontDistribution_noOptionalItems
--- PASS: TestAccCloudFrontDistribution_s3Origin (701.72s)
=== CONT  TestAccCloudFrontDistribution_Origin_originAccessControl
--- PASS: TestAccCloudFrontDistribution_OrderedCacheBehavior_realtimeLogARN (255.31s)
=== CONT  TestAccCloudFrontDistribution_Origin_originShield
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehavior_realtimeLogARN (254.10s)
=== CONT  TestAccCloudFrontDistribution_Origin_emptyOriginID
--- PASS: TestAccCloudFrontDistribution_Origin_emptyOriginID (1.13s)
=== CONT  TestAccCloudFrontDistribution_Origin_connectionAttempts
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValues_headers (239.65s)
=== CONT  TestAccCloudFrontDistribution_Origin_emptyDomainName
--- PASS: TestAccCloudFrontDistribution_Origin_emptyDomainName (1.29s)
=== CONT  TestAccCloudFrontDistribution_forwardedValuesToCachePolicy
--- PASS: TestAccCloudFrontDistribution_disappears (212.79s)
--- PASS: TestAccCloudFrontDistribution_retainOnDelete (399.85s)
--- PASS: TestAccCloudFrontDistribution_isIPV6Enabled (427.02s)
--- PASS: TestAccCloudFrontDistribution_noOptionalItems (431.18s)
--- PASS: TestAccCloudFrontDistribution_noCustomErrorResponse (435.40s)
--- PASS: TestAccCloudFrontDistribution_Origin_originShield (457.91s)
--- PASS: TestAccCloudFrontDistribution_Origin_connectionTimeout (469.16s)
--- PASS: TestAccCloudFrontDistribution_Origin_connectionAttempts (498.04s)
--- PASS: TestAccCloudFrontDistribution_forwardedValuesToCachePolicy (703.78s)
--- PASS: TestAccCloudFrontDistribution_Origin_originAccessControl (749.62s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/cloudfront 1933.918s

@github-actions
Copy link

github-actions bot commented Aug 9, 2023

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/cloudfront Issues and PRs that pertain to the cloudfront service. generators Relates to code generators. labels Aug 9, 2023
@terraform-aws-provider terraform-aws-provider bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Aug 9, 2023
@jar-b jar-b force-pushed the f-continuous_deployment_policy branch from a983fc0 to acbc072 Compare August 10, 2023 14:27
@jar-b jar-b force-pushed the f-continuous_deployment_policy branch from acbc072 to aae2c8e Compare August 10, 2023 17:54
@jar-b jar-b marked this pull request as ready for review August 10, 2023 17:54
ewbankkit
ewbankkit approved these changes Aug 10, 2023
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccCloudFrontContinuousDeploymentPolicy_\|TestAccCloudFrontDistribution_' PKG=cloudfront ACCTEST_PARALLELISM=4
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/cloudfront/... -v -count 1 -parallel 4  -run=TestAccCloudFrontContinuousDeploymentPolicy_\|TestAccCloudFrontDistribution_ -timeout 180m
=== RUN   TestAccCloudFrontContinuousDeploymentPolicy_basic
=== PAUSE TestAccCloudFrontContinuousDeploymentPolicy_basic
=== RUN   TestAccCloudFrontContinuousDeploymentPolicy_disappears
=== PAUSE TestAccCloudFrontContinuousDeploymentPolicy_disappears
=== RUN   TestAccCloudFrontContinuousDeploymentPolicy_trafficConfig
=== PAUSE TestAccCloudFrontContinuousDeploymentPolicy_trafficConfig
=== RUN   TestAccCloudFrontDistribution_basic
=== PAUSE TestAccCloudFrontDistribution_basic
=== RUN   TestAccCloudFrontDistribution_disappears
=== PAUSE TestAccCloudFrontDistribution_disappears
=== RUN   TestAccCloudFrontDistribution_tags
=== PAUSE TestAccCloudFrontDistribution_tags
=== RUN   TestAccCloudFrontDistribution_s3Origin
=== PAUSE TestAccCloudFrontDistribution_s3Origin
=== RUN   TestAccCloudFrontDistribution_customOrigin
=== PAUSE TestAccCloudFrontDistribution_customOrigin
=== RUN   TestAccCloudFrontDistribution_originPolicyDefault
=== PAUSE TestAccCloudFrontDistribution_originPolicyDefault
=== RUN   TestAccCloudFrontDistribution_originPolicyOrdered
=== PAUSE TestAccCloudFrontDistribution_originPolicyOrdered
=== RUN   TestAccCloudFrontDistribution_multiOrigin
=== PAUSE TestAccCloudFrontDistribution_multiOrigin
=== RUN   TestAccCloudFrontDistribution_orderedCacheBehavior
=== PAUSE TestAccCloudFrontDistribution_orderedCacheBehavior
=== RUN   TestAccCloudFrontDistribution_orderedCacheBehaviorCachePolicy
=== PAUSE TestAccCloudFrontDistribution_orderedCacheBehaviorCachePolicy
=== RUN   TestAccCloudFrontDistribution_orderedCacheBehaviorResponseHeadersPolicy
=== PAUSE TestAccCloudFrontDistribution_orderedCacheBehaviorResponseHeadersPolicy
=== RUN   TestAccCloudFrontDistribution_forwardedValuesToCachePolicy
=== PAUSE TestAccCloudFrontDistribution_forwardedValuesToCachePolicy
=== RUN   TestAccCloudFrontDistribution_Origin_emptyDomainName
=== PAUSE TestAccCloudFrontDistribution_Origin_emptyDomainName
=== RUN   TestAccCloudFrontDistribution_Origin_emptyOriginID
=== PAUSE TestAccCloudFrontDistribution_Origin_emptyOriginID
=== RUN   TestAccCloudFrontDistribution_Origin_connectionAttempts
=== PAUSE TestAccCloudFrontDistribution_Origin_connectionAttempts
=== RUN   TestAccCloudFrontDistribution_Origin_connectionTimeout
=== PAUSE TestAccCloudFrontDistribution_Origin_connectionTimeout
=== RUN   TestAccCloudFrontDistribution_Origin_originShield
=== PAUSE TestAccCloudFrontDistribution_Origin_originShield
=== RUN   TestAccCloudFrontDistribution_Origin_originAccessControl
=== PAUSE TestAccCloudFrontDistribution_Origin_originAccessControl
=== RUN   TestAccCloudFrontDistribution_noOptionalItems
=== PAUSE TestAccCloudFrontDistribution_noOptionalItems
=== RUN   TestAccCloudFrontDistribution_http11
=== PAUSE TestAccCloudFrontDistribution_http11
=== RUN   TestAccCloudFrontDistribution_isIPV6Enabled
=== PAUSE TestAccCloudFrontDistribution_isIPV6Enabled
=== RUN   TestAccCloudFrontDistribution_noCustomErrorResponse
=== PAUSE TestAccCloudFrontDistribution_noCustomErrorResponse
=== RUN   TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValuesCookies_whitelistedNames
=== PAUSE TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValuesCookies_whitelistedNames
=== RUN   TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValues_headers
=== PAUSE TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValues_headers
=== RUN   TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedKeyGroups
=== PAUSE TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedKeyGroups
=== RUN   TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedSigners
=== PAUSE TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedSigners
=== RUN   TestAccCloudFrontDistribution_DefaultCacheBehavior_realtimeLogARN
=== PAUSE TestAccCloudFrontDistribution_DefaultCacheBehavior_realtimeLogARN
=== RUN   TestAccCloudFrontDistribution_OrderedCacheBehavior_realtimeLogARN
=== PAUSE TestAccCloudFrontDistribution_OrderedCacheBehavior_realtimeLogARN
=== RUN   TestAccCloudFrontDistribution_enabled
=== PAUSE TestAccCloudFrontDistribution_enabled
=== RUN   TestAccCloudFrontDistribution_retainOnDelete
=== PAUSE TestAccCloudFrontDistribution_retainOnDelete
=== RUN   TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValuesCookies_whitelistedNames
=== PAUSE TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValuesCookies_whitelistedNames
=== RUN   TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValues_headers
=== PAUSE TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValues_headers
=== RUN   TestAccCloudFrontDistribution_ViewerCertificate_acmCertificateARN
=== PAUSE TestAccCloudFrontDistribution_ViewerCertificate_acmCertificateARN
=== RUN   TestAccCloudFrontDistribution_ViewerCertificateACMCertificateARN_conflictsWithCloudFrontDefaultCertificate
=== PAUSE TestAccCloudFrontDistribution_ViewerCertificateACMCertificateARN_conflictsWithCloudFrontDefaultCertificate
=== RUN   TestAccCloudFrontDistribution_waitForDeployment
=== PAUSE TestAccCloudFrontDistribution_waitForDeployment
=== RUN   TestAccCloudFrontDistribution_preconditionFailed
=== PAUSE TestAccCloudFrontDistribution_preconditionFailed
=== RUN   TestAccCloudFrontDistribution_originGroups
=== PAUSE TestAccCloudFrontDistribution_originGroups
=== CONT  TestAccCloudFrontContinuousDeploymentPolicy_basic
=== CONT  TestAccCloudFrontDistribution_Origin_originAccessControl
=== CONT  TestAccCloudFrontDistribution_originGroups
=== CONT  TestAccCloudFrontDistribution_preconditionFailed
--- PASS: TestAccCloudFrontDistribution_originGroups (550.58s)
=== CONT  TestAccCloudFrontDistribution_waitForDeployment
--- PASS: TestAccCloudFrontDistribution_preconditionFailed (855.25s)
=== CONT  TestAccCloudFrontDistribution_ViewerCertificateACMCertificateARN_conflictsWithCloudFrontDefaultCertificate
--- PASS: TestAccCloudFrontDistribution_Origin_originAccessControl (888.74s)
=== CONT  TestAccCloudFrontDistribution_ViewerCertificate_acmCertificateARN
--- PASS: TestAccCloudFrontDistribution_ViewerCertificateACMCertificateARN_conflictsWithCloudFrontDefaultCertificate (221.24s)
=== CONT  TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValues_headers
--- PASS: TestAccCloudFrontContinuousDeploymentPolicy_basic (1124.39s)
=== CONT  TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValuesCookies_whitelistedNames
--- PASS: TestAccCloudFrontDistribution_waitForDeployment (586.86s)
=== CONT  TestAccCloudFrontDistribution_retainOnDelete
--- PASS: TestAccCloudFrontDistribution_ViewerCertificate_acmCertificateARN (256.92s)
=== CONT  TestAccCloudFrontDistribution_enabled
--- PASS: TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValues_headers (249.54s)
=== CONT  TestAccCloudFrontDistribution_OrderedCacheBehavior_realtimeLogARN
--- PASS: TestAccCloudFrontDistribution_OrderedCacheBehaviorForwardedValuesCookies_whitelistedNames (246.37s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehavior_realtimeLogARN
--- PASS: TestAccCloudFrontDistribution_retainOnDelete (452.59s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedSigners
--- PASS: TestAccCloudFrontDistribution_OrderedCacheBehavior_realtimeLogARN (268.64s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedKeyGroups
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehavior_realtimeLogARN (378.06s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValues_headers
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedSigners (214.52s)
=== CONT  TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValuesCookies_whitelistedNames
--- PASS: TestAccCloudFrontDistribution_enabled (659.85s)
=== CONT  TestAccCloudFrontDistribution_noCustomErrorResponse
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehavior_trustedKeyGroups (216.62s)
=== CONT  TestAccCloudFrontDistribution_isIPV6Enabled
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValues_headers (300.96s)
=== CONT  TestAccCloudFrontDistribution_http11
--- PASS: TestAccCloudFrontDistribution_DefaultCacheBehaviorForwardedValuesCookies_whitelistedNames (302.00s)
=== CONT  TestAccCloudFrontDistribution_noOptionalItems
--- PASS: TestAccCloudFrontDistribution_isIPV6Enabled (464.76s)
=== CONT  TestAccCloudFrontDistribution_multiOrigin
--- PASS: TestAccCloudFrontDistribution_noCustomErrorResponse (476.56s)
=== CONT  TestAccCloudFrontDistribution_Origin_originShield
--- PASS: TestAccCloudFrontDistribution_http11 (461.90s)
=== CONT  TestAccCloudFrontDistribution_Origin_connectionTimeout
--- PASS: TestAccCloudFrontDistribution_noOptionalItems (421.92s)
=== CONT  TestAccCloudFrontDistribution_Origin_connectionAttempts
--- PASS: TestAccCloudFrontDistribution_multiOrigin (475.65s)
=== CONT  TestAccCloudFrontDistribution_Origin_emptyOriginID
--- PASS: TestAccCloudFrontDistribution_Origin_emptyOriginID (2.54s)
=== CONT  TestAccCloudFrontDistribution_Origin_emptyDomainName
--- PASS: TestAccCloudFrontDistribution_Origin_emptyDomainName (2.72s)
=== CONT  TestAccCloudFrontDistribution_forwardedValuesToCachePolicy
--- PASS: TestAccCloudFrontDistribution_Origin_originShield (475.72s)
=== CONT  TestAccCloudFrontDistribution_orderedCacheBehaviorResponseHeadersPolicy
--- PASS: TestAccCloudFrontDistribution_Origin_connectionAttempts (462.33s)
=== CONT  TestAccCloudFrontDistribution_orderedCacheBehaviorCachePolicy
--- PASS: TestAccCloudFrontDistribution_Origin_connectionTimeout (485.96s)
=== CONT  TestAccCloudFrontDistribution_orderedCacheBehavior
--- PASS: TestAccCloudFrontDistribution_orderedCacheBehaviorResponseHeadersPolicy (590.99s)
=== CONT  TestAccCloudFrontDistribution_tags
--- PASS: TestAccCloudFrontDistribution_orderedCacheBehaviorCachePolicy (616.07s)
=== CONT  TestAccCloudFrontDistribution_originPolicyOrdered
--- PASS: TestAccCloudFrontDistribution_tags (304.55s)
=== CONT  TestAccCloudFrontDistribution_originPolicyDefault
--- PASS: TestAccCloudFrontDistribution_orderedCacheBehavior (698.62s)
=== CONT  TestAccCloudFrontDistribution_customOrigin
--- PASS: TestAccCloudFrontDistribution_forwardedValuesToCachePolicy (943.63s)
=== CONT  TestAccCloudFrontDistribution_s3Origin
--- PASS: TestAccCloudFrontDistribution_originPolicyOrdered (502.96s)
=== CONT  TestAccCloudFrontDistribution_basic
--- PASS: TestAccCloudFrontDistribution_originPolicyDefault (461.70s)
=== CONT  TestAccCloudFrontDistribution_disappears
--- PASS: TestAccCloudFrontDistribution_s3Origin (470.40s)
=== CONT  TestAccCloudFrontContinuousDeploymentPolicy_trafficConfig
--- PASS: TestAccCloudFrontDistribution_customOrigin (482.79s)
=== CONT  TestAccCloudFrontContinuousDeploymentPolicy_disappears
--- PASS: TestAccCloudFrontDistribution_disappears (196.53s)
--- PASS: TestAccCloudFrontDistribution_basic (202.88s)
--- PASS: TestAccCloudFrontContinuousDeploymentPolicy_disappears (583.16s)
--- PASS: TestAccCloudFrontContinuousDeploymentPolicy_trafficConfig (1093.93s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/cloudfront	5270.485s

@jar-b jar-b merged commit 1632318 into main Aug 10, 2023
41 checks passed
@jar-b jar-b deleted the f-continuous_deployment_policy branch August 10, 2023 20:04
@github-actions github-actions bot added this to the v5.12.0 milestone Aug 10, 2023
github-actions bot pushed a commit that referenced this pull request Aug 10, 2023
Update CHANGELOG.md for #32936
ba9babf
@github-actions
Copy link

This functionality has been released in v5.12.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@joshaw
Copy link

joshaw commented Aug 31, 2023

Hi. When upgrading the aws provider to include this change, aws_cloudfront_distributions are marked as requiring replacement. This isn't exactly a desirable impact as we've not made any change.

Terraform will perform the following actions:

  # module.flex.aws_cloudfront_distribution.frontend must be replaced
-/+ resource "aws_cloudfront_distribution" "frontend" {
      ~ arn                            = "..." -> (known after apply)
      ~ caller_reference               = "..." -> (known after apply)
      ~ domain_name                    = "....cloudfront.net" -> (known after apply)
      ~ etag                           = "..." -> (known after apply)
      ~ hosted_zone_id                 = "..." -> (known after apply)
      ~ id                             = "..." -> (known after apply)
      ~ in_progress_validation_batches = 0 -> (known after apply)
      ~ last_modified_time             = "2023-01-01 01:01:01.000 +0000 UTC" -> (known after apply)
      + staging                        = false # forces replacement
      ~ status                         = "Deployed" -> (known after apply)
      - tags                           = {} -> null
      ...
  1. Is this expected behaviour (the forces replacement effect), given the default value is false (according to the docs)?
  2. Is there any way to avoid the replacement and just update the state?

Thanks.

@jar-b
Copy link
Member Author

jar-b commented Aug 31, 2023

Hi @joshaw - I suspect this behavior may be surfacing because the distribution is managed within a module, versus the root configuration. In a minimal reproduction I'm able to create a distribution with v5.11.0 (last release prior to the staging attribute addition) and upgrade to v5.14.0 without planned changes.

Show/Hide Reproduction 
% terraform -v
Terraform v1.5.6
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.11.0
% terraform state show aws_cloudfront_distribution.test
# aws_cloudfront_distribution.test:
resource "aws_cloudfront_distribution" "test" {
    arn                            = "arn:aws:cloudfront::<redacted>:distribution/E5X3A02ABA9VI"
    caller_reference               = "terraform-20230831172837150800000001"
    domain_name                    = "duw7kxbs3shas.cloudfront.net"
    enabled                        = true
    etag                           = "E2IH1MAAVWQ9IK"
    hosted_zone_id                 = "Z2FDTNDATAQYW2"
    http_version                   = "http2"
    id                             = "E5X3A02ABA9VI"
    in_progress_validation_batches = 0
    is_ipv6_enabled                = false
    last_modified_time             = "2023-08-31 17:28:37.35 +0000 UTC"
    price_class                    = "PriceClass_All"
    retain_on_delete               = false
    status                         = "Deployed"
    tags_all                       = {}
    trusted_key_groups             = [
        {
            enabled = false
            items   = []
        },
    ]
    trusted_signers                = [
        {
            enabled = false
            items   = []
        },
    ]
    wait_for_deployment            = true

    default_cache_behavior {
        allowed_methods        = [
            "GET",
            "HEAD",
        ]
        cached_methods         = [
            "GET",
            "HEAD",
        ]
        compress               = false
        default_ttl            = 0
        max_ttl                = 0
        min_ttl                = 0
        smooth_streaming       = false
        target_origin_id       = "test"
        trusted_key_groups     = []
        trusted_signers        = []
        viewer_protocol_policy = "allow-all"

        forwarded_values {
            headers                 = []
            query_string            = false
            query_string_cache_keys = []

            cookies {
                forward           = "all"
                whitelisted_names = []
            }
        }
    }

    origin {
        connection_attempts = 3
        connection_timeout  = 10
        domain_name         = "www.example.com"
        origin_id           = "test"

        custom_origin_config {
            http_port                = 80
            https_port               = 443
            origin_keepalive_timeout = 5
            origin_protocol_policy   = "https-only"
            origin_read_timeout      = 30
            origin_ssl_protocols     = [
                "TLSv1.2",
            ]
        }
    }

    restrictions {
        geo_restriction {
            locations        = []
            restriction_type = "none"
        }
    }

    viewer_certificate {
        cloudfront_default_certificate = true
        minimum_protocol_version       = "TLSv1"
    }
}

Then, changed the pinned provider version and ran terraform init -upgrade.

% terraform -v
Terraform v1.5.6
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.14.0
% terraform plan
aws_cloudfront_distribution.test: Refreshing state... [id=E5X3A02ABA9VI]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

After an apply with no changes, the new staging attribute is written to state.

% terraform apply
aws_cloudfront_distribution.test: Refreshing state... [id=E5X3A02ABA9VI]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
% terraform state show aws_cloudfront_distribution.test
# aws_cloudfront_distribution.test:
resource "aws_cloudfront_distribution" "test" {
    aliases                        = []
    arn                            = "arn:aws:cloudfront::<redacted>:distribution/E5X3A02ABA9VI"
    caller_reference               = "terraform-20230831172837150800000001"
    domain_name                    = "duw7kxbs3shas.cloudfront.net"
    enabled                        = true
    etag                           = "E2IH1MAAVWQ9IK"
    hosted_zone_id                 = "Z2FDTNDATAQYW2"
    http_version                   = "http2"
    id                             = "E5X3A02ABA9VI"
    in_progress_validation_batches = 0
    is_ipv6_enabled                = false
    last_modified_time             = "2023-08-31 17:28:37.35 +0000 UTC"
    price_class                    = "PriceClass_All"
    retain_on_delete               = false
    staging                        = false
    status                         = "Deployed"
    tags                           = {}
    tags_all                       = {}
    trusted_key_groups             = [
        {
            enabled = false
            items   = []
        },
    ]
    trusted_signers                = [
        {
            enabled = false
            items   = []
        },
    ]
    wait_for_deployment            = true

    default_cache_behavior {
        allowed_methods        = [
            "GET",
            "HEAD",
        ]
        cached_methods         = [
            "GET",
            "HEAD",
        ]
        compress               = false
        default_ttl            = 0
        max_ttl                = 0
        min_ttl                = 0
        smooth_streaming       = false
        target_origin_id       = "test"
        trusted_key_groups     = []
        trusted_signers        = []
        viewer_protocol_policy = "allow-all"

        forwarded_values {
            headers                 = []
            query_string            = false
            query_string_cache_keys = []

            cookies {
                forward           = "all"
                whitelisted_names = []
            }
        }
    }

    origin {
        connection_attempts = 3
        connection_timeout  = 10
        domain_name         = "www.example.com"
        origin_id           = "test"

        custom_origin_config {
            http_port                = 80
            https_port               = 443
            origin_keepalive_timeout = 5
            origin_protocol_policy   = "https-only"
            origin_read_timeout      = 30
            origin_ssl_protocols     = [
                "TLSv1.2",
            ]
        }
    }

    restrictions {
        geo_restriction {
            locations        = []
            restriction_type = "none"
        }
    }

    viewer_certificate {
        cloudfront_default_certificate = true
        minimum_protocol_version       = "TLSv1"
    }
}

I suspect the additional module layer between the root configuration and distribution resource is preventing Terraform from accurately detecting that "read-only" change. Some possible options to try:

The goal of both would be to get the computed staging value written to state so the module detects no differences at all (even to "read-only" attributes).

@joshaw
Copy link

joshaw commented Sep 1, 2023

That's really helpful context, thank you. I will try those options.

@github-actions
Copy link

github-actions bot commented Oct 2, 2023

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 2, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. generators Relates to code generators. prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. service/cloudfront Issues and PRs that pertain to the cloudfront service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.12.0
Development

Successfully merging this pull request may close these issues.

[Enhancement]: aws_cloudfront_distribution "Continuous deployment"
3 participants
@jar-b @joshaw @ewbankkit