feat: adding transit gateway security group referencing support #34542


phergoualch
Contributor

Description

AWS released a much-anticipated feature to reference security groups across VPCs attached to a Transit Gateway. They added it to the Transit Gateway documentation and then rolled it back, so I'm not sure if this was a mistake and they are waiting for re:Invent (no blog post has been published yet).
Anyway, the feature is available in the Go SDK from version v1.48.1.

Relations

Closes #34541

References

https://github.com/aws/aws-sdk-go/releases/tag/v1.48.1

Output from Acceptance Testing

% make testacc TESTS=TestAccXXX PKG=ec2

...


@github-actions github-actions bot added size/L Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/transitgateway Issues and PRs that pertain to the transitgateway service. labels Nov 23, 2023
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Nov 23, 2023

@phergoualch phergoualch force-pushed the f-transit-gateway-security-group-referencing-support branch from b31e6fd to 0efe03d Compare November 23, 2023 13:57
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Dec 1, 2023
@ewbankkit
Contributor

Let's wait until there has been an announcement to merge this.

@Michagogo
Contributor

I can confirm that despite it being in the SDKs (and the CLI) it doesn’t actually work yet. Trying to specify that option via the CLI returns an error saying that it’s not supported in this region, and the option doesn’t appear in the API Reference, and the documentation specifically mentions that it’s not possible yet.

@Tuurtje

Tuurtje commented Apr 5, 2024

I asked AWS support 4 months ago. Unfortunately it still hasn't been released.

Hello!

My name is xxxxxxx with AWS Support. I understand that you would like to know when security group referencing will be released for Transit Gateway.

At this time there is no ETA that can be provided.

I will say that the feature is very close and it was to be released late this year, but some unforeseen challenges have prevented this from being rolled out entirely. Once the Transit Gateway teams decide to release this feature you will see that here https://aws.amazon.com/about-aws/whats-new/networking_and_content_delivery/ .

@telepath

telepath commented Jul 1, 2024

How are features handled during their rollout? Obviously some regions get new features first, but I assume there will also be users who get access to new features before others or even before an official release. For those users it would be beneficial if they could use terraform with the new feature and also test the terraform implementation.
Is there some pre-release branch that such users could use for testing?

@nicolas-fidel-wmx

@phergoualch Do you have any news?

@ewbankkit ewbankkit added the enhancement Requests to existing resources that expand the functionality or scope. label Sep 26, 2024
@ewbankkit ewbankkit self-assigned this Sep 26, 2024
@github-actions github-actions bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Sep 26, 2024
# Conflicts:
#	internal/service/ec2/transitgateway_.go
#	internal/service/ec2/transitgateway_data_source.go
#	internal/service/ec2/transitgateway_data_source_test.go
#	internal/service/ec2/transitgateway_test.go
#	internal/service/ec2/transitgateway_vpc_attachment.go
#	internal/service/ec2/transitgateway_vpc_attachment_accepter_test.go
#	internal/service/ec2/transitgateway_vpc_attachment_data_source.go
#	internal/service/ec2/transitgateway_vpc_attachment_test.go
Contributor

@ewbankkit ewbankkit left a comment


LGTM 🚀.

% ACCTEST_TIMEOUT=720m make testacc TESTARGS='-run=TestAccTransitGateway_serial' PKG=ec2
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.1 test ./internal/service/ec2/... -v -count 1 -parallel 20  -run=TestAccTransitGateway_serial -timeout 720m
=== RUN   TestAccTransitGateway_serial
=== PAUSE TestAccTransitGateway_serial
=== CONT  TestAccTransitGateway_serial
=== RUN   TestAccTransitGateway_serial/MulticastGroupMember_basic
=== PAUSE TestAccTransitGateway_serial/MulticastGroupMember_basic
=== RUN   TestAccTransitGateway_serial/MulticastGroupMember_disappears
=== PAUSE TestAccTransitGateway_serial/MulticastGroupMember_disappears
=== RUN   TestAccTransitGateway_serial/MulticastGroupMember_DomainDisappears
=== PAUSE TestAccTransitGateway_serial/MulticastGroupMember_DomainDisappears
=== RUN   TestAccTransitGateway_serial/MulticastGroupMember_TwoMembers
=== PAUSE TestAccTransitGateway_serial/MulticastGroupMember_TwoMembers
=== RUN   TestAccTransitGateway_serial/PolicyTable_tags
=== PAUSE TestAccTransitGateway_serial/PolicyTable_tags
=== RUN   TestAccTransitGateway_serial/PolicyTable_basic
=== PAUSE TestAccTransitGateway_serial/PolicyTable_basic
=== RUN   TestAccTransitGateway_serial/PolicyTable_disappears
=== PAUSE TestAccTransitGateway_serial/PolicyTable_disappears
=== RUN   TestAccTransitGateway_serial/PolicyTable_disappearsTransitGateway
=== PAUSE TestAccTransitGateway_serial/PolicyTable_disappearsTransitGateway
=== RUN   TestAccTransitGateway_serial/PolicyTableAssociation_basic
=== PAUSE TestAccTransitGateway_serial/PolicyTableAssociation_basic
=== RUN   TestAccTransitGateway_serial/PolicyTableAssociation_disappears
=== PAUSE TestAccTransitGateway_serial/PolicyTableAssociation_disappears
=== RUN   TestAccTransitGateway_serial/PrefixListReference_basic
=== PAUSE TestAccTransitGateway_serial/PrefixListReference_basic
=== RUN   TestAccTransitGateway_serial/PrefixListReference_disappears
=== PAUSE TestAccTransitGateway_serial/PrefixListReference_disappears
=== RUN   TestAccTransitGateway_serial/PrefixListReference_disappearsTransitGateway
=== PAUSE TestAccTransitGateway_serial/PrefixListReference_disappearsTransitGateway
=== RUN   TestAccTransitGateway_serial/PrefixListReference_TransitGatewayAttachmentId
=== PAUSE TestAccTransitGateway_serial/PrefixListReference_TransitGatewayAttachmentId
=== RUN   TestAccTransitGateway_serial/RouteTable_disappears
=== PAUSE TestAccTransitGateway_serial/RouteTable_disappears
=== RUN   TestAccTransitGateway_serial/RouteTable_disappearsTransitGateway
=== PAUSE TestAccTransitGateway_serial/RouteTable_disappearsTransitGateway
=== RUN   TestAccTransitGateway_serial/RouteTable_tags
=== PAUSE TestAccTransitGateway_serial/RouteTable_tags
=== RUN   TestAccTransitGateway_serial/RouteTable_basic
=== PAUSE TestAccTransitGateway_serial/RouteTable_basic
=== RUN   TestAccTransitGateway_serial/Connect_tags
=== PAUSE TestAccTransitGateway_serial/Connect_tags
=== RUN   TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociation
=== PAUSE TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociation
=== RUN   TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled
=== PAUSE TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled
=== RUN   TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTablePropagation
=== PAUSE TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTablePropagation
=== RUN   TestAccTransitGateway_serial/Connect_basic
=== PAUSE TestAccTransitGateway_serial/Connect_basic
=== RUN   TestAccTransitGateway_serial/Connect_disappears
=== PAUSE TestAccTransitGateway_serial/Connect_disappears
=== RUN   TestAccTransitGateway_serial/MulticastDomain_basic
=== PAUSE TestAccTransitGateway_serial/MulticastDomain_basic
=== RUN   TestAccTransitGateway_serial/MulticastDomain_disappears
=== PAUSE TestAccTransitGateway_serial/MulticastDomain_disappears
=== RUN   TestAccTransitGateway_serial/MulticastDomain_tags
=== PAUSE TestAccTransitGateway_serial/MulticastDomain_tags
=== RUN   TestAccTransitGateway_serial/MulticastDomain_IGMPv2Support
=== PAUSE TestAccTransitGateway_serial/MulticastDomain_IGMPv2Support
=== RUN   TestAccTransitGateway_serial/VpcAttachment_tags
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_tags
=== RUN   TestAccTransitGateway_serial/VpcAttachment_DnsSupport
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_DnsSupport
=== RUN   TestAccTransitGateway_serial/VpcAttachment_Ipv6Support
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_Ipv6Support
=== RUN   TestAccTransitGateway_serial/VpcAttachment_SecurityGroupReferencingSupport
=== RUN   TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTablePropagation
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTablePropagation
=== RUN   TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociation
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociation
=== RUN   TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled
=== RUN   TestAccTransitGateway_serial/VpcAttachment_basic
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_basic
=== RUN   TestAccTransitGateway_serial/VpcAttachment_disappears
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_disappears
=== RUN   TestAccTransitGateway_serial/VpcAttachment_ApplianceModeSupport
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_ApplianceModeSupport
=== RUN   TestAccTransitGateway_serial/VpcAttachment_SharedTransitGateway
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_SharedTransitGateway
=== RUN   TestAccTransitGateway_serial/VpcAttachment_SubnetIds
=== PAUSE TestAccTransitGateway_serial/VpcAttachment_SubnetIds
=== RUN   TestAccTransitGateway_serial/VpcAttachmentAccepter_basic
=== PAUSE TestAccTransitGateway_serial/VpcAttachmentAccepter_basic
=== RUN   TestAccTransitGateway_serial/VpcAttachmentAccepter_tags
=== PAUSE TestAccTransitGateway_serial/VpcAttachmentAccepter_tags
=== RUN   TestAccTransitGateway_serial/VpcAttachmentAccepter_TransitGatewayDefaultRouteTableAssociationAndPropagation
=== PAUSE TestAccTransitGateway_serial/VpcAttachmentAccepter_TransitGatewayDefaultRouteTableAssociationAndPropagation
=== RUN   TestAccTransitGateway_serial/ConnectPeer_BgpAsn
=== PAUSE TestAccTransitGateway_serial/ConnectPeer_BgpAsn
=== RUN   TestAccTransitGateway_serial/ConnectPeer_InsideCidrBlocks
=== PAUSE TestAccTransitGateway_serial/ConnectPeer_InsideCidrBlocks
=== RUN   TestAccTransitGateway_serial/ConnectPeer_TransitGatewayAddress
=== PAUSE TestAccTransitGateway_serial/ConnectPeer_TransitGatewayAddress
=== RUN   TestAccTransitGateway_serial/ConnectPeer_basic
=== PAUSE TestAccTransitGateway_serial/ConnectPeer_basic
=== RUN   TestAccTransitGateway_serial/ConnectPeer_disappears
=== PAUSE TestAccTransitGateway_serial/ConnectPeer_disappears
=== RUN   TestAccTransitGateway_serial/ConnectPeer_tags
=== PAUSE TestAccTransitGateway_serial/ConnectPeer_tags
=== RUN   TestAccTransitGateway_serial/PeeringAttachment_disappears
=== PAUSE TestAccTransitGateway_serial/PeeringAttachment_disappears
=== RUN   TestAccTransitGateway_serial/PeeringAttachment_tags
=== PAUSE TestAccTransitGateway_serial/PeeringAttachment_tags
=== RUN   TestAccTransitGateway_serial/PeeringAttachment_DifferentAccount
=== PAUSE TestAccTransitGateway_serial/PeeringAttachment_DifferentAccount
=== RUN   TestAccTransitGateway_serial/PeeringAttachment_options
    transitgateway_peering_attachment_test.go:66: IncorrectState: You cannot create a dynamic peering attachment
=== RUN   TestAccTransitGateway_serial/PeeringAttachment_basic
=== PAUSE TestAccTransitGateway_serial/PeeringAttachment_basic
=== RUN   TestAccTransitGateway_serial/RouteTableAssociation_disappears
=== PAUSE TestAccTransitGateway_serial/RouteTableAssociation_disappears
=== RUN   TestAccTransitGateway_serial/RouteTableAssociation_ReplaceExistingAssociation
=== PAUSE TestAccTransitGateway_serial/RouteTableAssociation_ReplaceExistingAssociation
=== RUN   TestAccTransitGateway_serial/RouteTableAssociation_basic
=== PAUSE TestAccTransitGateway_serial/RouteTableAssociation_basic
=== RUN   TestAccTransitGateway_serial/RouteTablePropagation_basic
=== PAUSE TestAccTransitGateway_serial/RouteTablePropagation_basic
=== RUN   TestAccTransitGateway_serial/RouteTablePropagation_disappears
=== PAUSE TestAccTransitGateway_serial/RouteTablePropagation_disappears
=== RUN   TestAccTransitGateway_serial/Gateway_Description
=== PAUSE TestAccTransitGateway_serial/Gateway_Description
=== RUN   TestAccTransitGateway_serial/Gateway_DnsSupport
=== PAUSE TestAccTransitGateway_serial/Gateway_DnsSupport
=== RUN   TestAccTransitGateway_serial/Gateway_SecurityGroupReferencingSupport
=== RUN   TestAccTransitGateway_serial/Gateway_tags
=== PAUSE TestAccTransitGateway_serial/Gateway_tags
=== RUN   TestAccTransitGateway_serial/Gateway_AmazonSideASN
=== PAUSE TestAccTransitGateway_serial/Gateway_AmazonSideASN
=== RUN   TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociationAndPropagationDisabled
=== PAUSE TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociationAndPropagationDisabled
=== RUN   TestAccTransitGateway_serial/Gateway_DefaultRouteTablePropagation
=== PAUSE TestAccTransitGateway_serial/Gateway_DefaultRouteTablePropagation
=== RUN   TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociation
=== PAUSE TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociation
=== RUN   TestAccTransitGateway_serial/Gateway_VpnEcmpSupport
=== PAUSE TestAccTransitGateway_serial/Gateway_VpnEcmpSupport
=== RUN   TestAccTransitGateway_serial/Gateway_basic
=== PAUSE TestAccTransitGateway_serial/Gateway_basic
=== RUN   TestAccTransitGateway_serial/Gateway_disappears
=== PAUSE TestAccTransitGateway_serial/Gateway_disappears
=== RUN   TestAccTransitGateway_serial/Gateway_AutoAcceptSharedAttachments
=== PAUSE TestAccTransitGateway_serial/Gateway_AutoAcceptSharedAttachments
=== RUN   TestAccTransitGateway_serial/Gateway_CidrBlocks
=== PAUSE TestAccTransitGateway_serial/Gateway_CidrBlocks
=== RUN   TestAccTransitGateway_serial/MulticastDomainAssociation_basic
=== PAUSE TestAccTransitGateway_serial/MulticastDomainAssociation_basic
=== RUN   TestAccTransitGateway_serial/MulticastDomainAssociation_disappears
=== PAUSE TestAccTransitGateway_serial/MulticastDomainAssociation_disappears
=== RUN   TestAccTransitGateway_serial/MulticastDomainAssociation_DomainDisappears
=== PAUSE TestAccTransitGateway_serial/MulticastDomainAssociation_DomainDisappears
=== RUN   TestAccTransitGateway_serial/MulticastDomainAssociation_TwoAssociations
=== PAUSE TestAccTransitGateway_serial/MulticastDomainAssociation_TwoAssociations
=== RUN   TestAccTransitGateway_serial/MulticastGroupSource_basic
=== PAUSE TestAccTransitGateway_serial/MulticastGroupSource_basic
=== RUN   TestAccTransitGateway_serial/MulticastGroupSource_disappears
=== PAUSE TestAccTransitGateway_serial/MulticastGroupSource_disappears
=== RUN   TestAccTransitGateway_serial/MulticastGroupSource_DomainDisappears
=== PAUSE TestAccTransitGateway_serial/MulticastGroupSource_DomainDisappears
=== RUN   TestAccTransitGateway_serial/PeeringAttachmentAccepter_basic
=== PAUSE TestAccTransitGateway_serial/PeeringAttachmentAccepter_basic
=== RUN   TestAccTransitGateway_serial/PeeringAttachmentAccepter_tags
=== PAUSE TestAccTransitGateway_serial/PeeringAttachmentAccepter_tags
=== RUN   TestAccTransitGateway_serial/PeeringAttachmentAccepter_DifferentAccount
=== PAUSE TestAccTransitGateway_serial/PeeringAttachmentAccepter_DifferentAccount
=== RUN   TestAccTransitGateway_serial/Route_basic
=== PAUSE TestAccTransitGateway_serial/Route_basic
=== RUN   TestAccTransitGateway_serial/Route_basicIpv6
=== PAUSE TestAccTransitGateway_serial/Route_basicIpv6
=== RUN   TestAccTransitGateway_serial/Route_blackhole
=== PAUSE TestAccTransitGateway_serial/Route_blackhole
=== RUN   TestAccTransitGateway_serial/Route_disappears
=== PAUSE TestAccTransitGateway_serial/Route_disappears
=== RUN   TestAccTransitGateway_serial/Route_disappearsTransitGatewayAttachment
=== PAUSE TestAccTransitGateway_serial/Route_disappearsTransitGatewayAttachment
=== CONT  TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociation
=== CONT  TestAccTransitGateway_serial/MulticastGroupMember_basic
=== CONT  TestAccTransitGateway_serial/Gateway_AmazonSideASN
=== CONT  TestAccTransitGateway_serial/RouteTable_tags
=== CONT  TestAccTransitGateway_serial/MulticastDomain_basic
=== CONT  TestAccTransitGateway_serial/Route_disappearsTransitGatewayAttachment
=== CONT  TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTablePropagation
=== CONT  TestAccTransitGateway_serial/Connect_basic
=== CONT  TestAccTransitGateway_serial/RouteTablePropagation_disappears
=== CONT  TestAccTransitGateway_serial/Gateway_tags
=== CONT  TestAccTransitGateway_serial/Gateway_DefaultRouteTablePropagation
=== CONT  TestAccTransitGateway_serial/Connect_disappears
=== CONT  TestAccTransitGateway_serial/RouteTableAssociation_basic
=== CONT  TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociationAndPropagationDisabled
=== CONT  TestAccTransitGateway_serial/Gateway_DnsSupport
=== CONT  TestAccTransitGateway_serial/Gateway_Description
=== CONT  TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTablePropagation
=== CONT  TestAccTransitGateway_serial/RouteTableAssociation_ReplaceExistingAssociation
=== CONT  TestAccTransitGateway_serial/RouteTablePropagation_basic
=== CONT  TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociation
=== CONT  TestAccTransitGateway_serial/VpcAttachment_Ipv6Support
=== CONT  TestAccTransitGateway_serial/VpcAttachment_DnsSupport
=== CONT  TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled
=== CONT  TestAccTransitGateway_serial/VpcAttachment_tags
=== CONT  TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociation
=== CONT  TestAccTransitGateway_serial/MulticastDomain_IGMPv2Support
=== CONT  TestAccTransitGateway_serial/MulticastDomain_tags
=== CONT  TestAccTransitGateway_serial/Connect_tags
=== CONT  TestAccTransitGateway_serial/MulticastDomain_disappears
=== CONT  TestAccTransitGateway_serial/RouteTable_basic
=== CONT  TestAccTransitGateway_serial/RouteTableAssociation_disappears
=== CONT  TestAccTransitGateway_serial/PeeringAttachment_basic
=== CONT  TestAccTransitGateway_serial/PeeringAttachment_DifferentAccount
=== CONT  TestAccTransitGateway_serial/Route_disappears
=== CONT  TestAccTransitGateway_serial/Route_blackhole
=== CONT  TestAccTransitGateway_serial/PeeringAttachment_tags
=== CONT  TestAccTransitGateway_serial/Route_basicIpv6
=== CONT  TestAccTransitGateway_serial/Route_basic
=== CONT  TestAccTransitGateway_serial/PeeringAttachmentAccepter_DifferentAccount
=== CONT  TestAccTransitGateway_serial/PeeringAttachmentAccepter_tags
=== CONT  TestAccTransitGateway_serial/PeeringAttachmentAccepter_basic
=== CONT  TestAccTransitGateway_serial/MulticastGroupSource_DomainDisappears
=== CONT  TestAccTransitGateway_serial/MulticastGroupSource_disappears
=== CONT  TestAccTransitGateway_serial/MulticastGroupSource_basic
=== CONT  TestAccTransitGateway_serial/MulticastDomainAssociation_TwoAssociations
=== CONT  TestAccTransitGateway_serial/PeeringAttachment_disappears
=== CONT  TestAccTransitGateway_serial/MulticastDomainAssociation_DomainDisappears
=== CONT  TestAccTransitGateway_serial/ConnectPeer_tags
=== NAME  TestAccTransitGateway_serial/PeeringAttachment_DifferentAccount
    transitgateway_peering_attachment_test.go:197: skipping test because at least one environment variable of [AWS_ALTERNATE_PROFILE AWS_ALTERNATE_ACCESS_KEY_ID] must be set. Usage: credentials for running acceptance testing in alternate AWS account.
=== CONT  TestAccTransitGateway_serial/MulticastDomainAssociation_disappears
=== CONT  TestAccTransitGateway_serial/MulticastDomainAssociation_basic
=== CONT  TestAccTransitGateway_serial/Gateway_CidrBlocks
=== CONT  TestAccTransitGateway_serial/Gateway_AutoAcceptSharedAttachments
=== CONT  TestAccTransitGateway_serial/Gateway_disappears
=== CONT  TestAccTransitGateway_serial/Gateway_basic
=== NAME  TestAccTransitGateway_serial/PeeringAttachmentAccepter_DifferentAccount
    transitgateway_peering_attachment_accepter_test.go:125: skipping test because at least one environment variable of [AWS_ALTERNATE_PROFILE AWS_ALTERNATE_ACCESS_KEY_ID] must be set. Usage: credentials for running acceptance testing in alternate AWS account.
=== CONT  TestAccTransitGateway_serial/Gateway_VpnEcmpSupport
=== CONT  TestAccTransitGateway_serial/ConnectPeer_disappears
=== CONT  TestAccTransitGateway_serial/ConnectPeer_basic
=== CONT  TestAccTransitGateway_serial/ConnectPeer_TransitGatewayAddress
=== CONT  TestAccTransitGateway_serial/ConnectPeer_InsideCidrBlocks
=== CONT  TestAccTransitGateway_serial/ConnectPeer_BgpAsn
=== CONT  TestAccTransitGateway_serial/VpcAttachmentAccepter_TransitGatewayDefaultRouteTableAssociationAndPropagation
=== CONT  TestAccTransitGateway_serial/VpcAttachmentAccepter_tags
=== CONT  TestAccTransitGateway_serial/VpcAttachmentAccepter_basic
=== CONT  TestAccTransitGateway_serial/VpcAttachment_SubnetIds
=== CONT  TestAccTransitGateway_serial/VpcAttachment_SharedTransitGateway
=== CONT  TestAccTransitGateway_serial/VpcAttachment_ApplianceModeSupport
=== CONT  TestAccTransitGateway_serial/VpcAttachment_disappears
=== CONT  TestAccTransitGateway_serial/VpcAttachment_basic
=== CONT  TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled
=== CONT  TestAccTransitGateway_serial/PolicyTableAssociation_basic
=== CONT  TestAccTransitGateway_serial/RouteTable_disappearsTransitGateway
=== CONT  TestAccTransitGateway_serial/RouteTable_disappears
=== CONT  TestAccTransitGateway_serial/PrefixListReference_TransitGatewayAttachmentId
=== CONT  TestAccTransitGateway_serial/PrefixListReference_disappearsTransitGateway
=== CONT  TestAccTransitGateway_serial/PrefixListReference_disappears
=== CONT  TestAccTransitGateway_serial/PrefixListReference_basic
=== NAME  TestAccTransitGateway_serial/VpcAttachmentAccepter_TransitGatewayDefaultRouteTableAssociationAndPropagation
    transitgateway_vpc_attachment_accepter_test.go:131: skipping test because at least one environment variable of [AWS_ALTERNATE_PROFILE AWS_ALTERNATE_ACCESS_KEY_ID] must be set. Usage: credentials for running acceptance testing in alternate AWS account.
=== CONT  TestAccTransitGateway_serial/PolicyTableAssociation_disappears
=== NAME  TestAccTransitGateway_serial/VpcAttachmentAccepter_tags
    transitgateway_vpc_attachment_accepter_test.go:77: skipping test because at least one environment variable of [AWS_ALTERNATE_PROFILE AWS_ALTERNATE_ACCESS_KEY_ID] must be set. Usage: credentials for running acceptance testing in alternate AWS account.
=== CONT  TestAccTransitGateway_serial/PolicyTable_tags
=== NAME  TestAccTransitGateway_serial/VpcAttachmentAccepter_basic
    transitgateway_vpc_attachment_accepter_test.go:32: skipping test because at least one environment variable of [AWS_ALTERNATE_PROFILE AWS_ALTERNATE_ACCESS_KEY_ID] must be set. Usage: credentials for running acceptance testing in alternate AWS account.
=== CONT  TestAccTransitGateway_serial/PolicyTable_disappearsTransitGateway
=== CONT  TestAccTransitGateway_serial/PolicyTable_disappears
=== NAME  TestAccTransitGateway_serial/VpcAttachment_SharedTransitGateway
    transitgateway_vpc_attachment_test.go:266: skipping test because at least one environment variable of [AWS_ALTERNATE_PROFILE AWS_ALTERNATE_ACCESS_KEY_ID] must be set. Usage: credentials for running acceptance testing in alternate AWS account.
=== CONT  TestAccTransitGateway_serial/MulticastGroupMember_DomainDisappears
=== CONT  TestAccTransitGateway_serial/PolicyTable_basic
=== CONT  TestAccTransitGateway_serial/MulticastGroupMember_TwoMembers
=== CONT  TestAccTransitGateway_serial/MulticastGroupMember_disappears
--- PASS: TestAccTransitGateway_serial (543.82s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_SecurityGroupReferencingSupport (350.69s)
    --- SKIP: TestAccTransitGateway_serial/PeeringAttachment_options (0.00s)
    --- PASS: TestAccTransitGateway_serial/Gateway_SecurityGroupReferencingSupport (193.12s)
    --- PASS: TestAccTransitGateway_serial/Gateway_AmazonSideASN (179.68s)
    --- PASS: TestAccTransitGateway_serial/RouteTable_tags (215.15s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomain_basic (219.95s)
    --- PASS: TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociation (274.80s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupMember_basic (414.15s)
    --- PASS: TestAccTransitGateway_serial/Route_disappearsTransitGatewayAttachment (448.53s)
    --- PASS: TestAccTransitGateway_serial/RouteTablePropagation_disappears (528.77s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTablePropagation (530.75s)
    --- PASS: TestAccTransitGateway_serial/Gateway_tags (552.07s)
    --- PASS: TestAccTransitGateway_serial/Connect_basic (554.46s)
    --- PASS: TestAccTransitGateway_serial/Gateway_DefaultRouteTableAssociationAndPropagationDisabled (638.55s)
    --- PASS: TestAccTransitGateway_serial/Gateway_Description (713.36s)
    --- PASS: TestAccTransitGateway_serial/Gateway_DefaultRouteTablePropagation (713.78s)
    --- PASS: TestAccTransitGateway_serial/Gateway_DnsSupport (892.40s)
    --- PASS: TestAccTransitGateway_serial/Connect_disappears (900.60s)
    --- PASS: TestAccTransitGateway_serial/RouteTableAssociation_basic (926.44s)
    --- PASS: TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTablePropagation (1059.28s)
    --- PASS: TestAccTransitGateway_serial/RouteTableAssociation_ReplaceExistingAssociation (1088.40s)
    --- PASS: TestAccTransitGateway_serial/RouteTablePropagation_basic (1217.51s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_Ipv6Support (1095.96s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociation (1308.81s)
    --- PASS: TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled (1157.49s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_DnsSupport (1192.98s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_tags (1299.71s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomain_IGMPv2Support (1130.18s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomain_tags (1235.70s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomain_disappears (1305.49s)
    --- PASS: TestAccTransitGateway_serial/RouteTable_basic (1324.51s)
    --- SKIP: TestAccTransitGateway_serial/PeeringAttachment_DifferentAccount (1165.56s)
    --- PASS: TestAccTransitGateway_serial/Connect_TransitGatewayDefaultRouteTableAssociation (1536.35s)
    --- PASS: TestAccTransitGateway_serial/Connect_tags (1445.62s)
    --- PASS: TestAccTransitGateway_serial/PeeringAttachment_basic (1389.12s)
    --- PASS: TestAccTransitGateway_serial/RouteTableAssociation_disappears (1509.33s)
    --- PASS: TestAccTransitGateway_serial/Route_disappears (1295.78s)
    --- SKIP: TestAccTransitGateway_serial/PeeringAttachmentAccepter_DifferentAccount (970.67s)
    --- PASS: TestAccTransitGateway_serial/PeeringAttachment_tags (1360.93s)
    --- PASS: TestAccTransitGateway_serial/Route_blackhole (1390.97s)
    --- PASS: TestAccTransitGateway_serial/Route_basic (1371.75s)
    --- PASS: TestAccTransitGateway_serial/Route_basicIpv6 (1412.34s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupSource_DomainDisappears (1343.92s)
    --- PASS: TestAccTransitGateway_serial/PeeringAttachmentAccepter_tags (1511.41s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupSource_basic (1300.69s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupSource_disappears (1469.54s)
    --- PASS: TestAccTransitGateway_serial/PeeringAttachmentAccepter_basic (1600.32s)
    --- PASS: TestAccTransitGateway_serial/PeeringAttachment_disappears (1235.98s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomainAssociation_TwoAssociations (1523.45s)
    --- PASS: TestAccTransitGateway_serial/Gateway_CidrBlocks (1293.27s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomainAssociation_disappears (1411.34s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomainAssociation_DomainDisappears (1433.84s)
    --- PASS: TestAccTransitGateway_serial/MulticastDomainAssociation_basic (1450.54s)
    --- PASS: TestAccTransitGateway_serial/Gateway_basic (1223.98s)
    --- PASS: TestAccTransitGateway_serial/Gateway_AutoAcceptSharedAttachments (1315.84s)
    --- PASS: TestAccTransitGateway_serial/Gateway_disappears (1271.83s)
    --- PASS: TestAccTransitGateway_serial/ConnectPeer_tags (1645.42s)
    --- PASS: TestAccTransitGateway_serial/Gateway_VpnEcmpSupport (1382.68s)
    --- PASS: TestAccTransitGateway_serial/ConnectPeer_TransitGatewayAddress (1498.26s)
    --- SKIP: TestAccTransitGateway_serial/VpcAttachmentAccepter_TransitGatewayDefaultRouteTableAssociationAndPropagation (1171.36s)
    --- SKIP: TestAccTransitGateway_serial/VpcAttachmentAccepter_tags (1083.21s)
    --- SKIP: TestAccTransitGateway_serial/VpcAttachmentAccepter_basic (1080.74s)
    --- PASS: TestAccTransitGateway_serial/ConnectPeer_InsideCidrBlocks (1634.62s)
    --- SKIP: TestAccTransitGateway_serial/VpcAttachment_SharedTransitGateway (1105.78s)
    --- PASS: TestAccTransitGateway_serial/ConnectPeer_basic (1819.25s)
    --- PASS: TestAccTransitGateway_serial/ConnectPeer_disappears (1825.20s)
    --- PASS: TestAccTransitGateway_serial/ConnectPeer_BgpAsn (1508.70s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_disappears (1143.05s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_SubnetIds (1526.53s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_TransitGatewayDefaultRouteTableAssociationAndPropagationDisabled (1181.71s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_ApplianceModeSupport (1374.23s)
    --- PASS: TestAccTransitGateway_serial/VpcAttachment_basic (1186.62s)
    --- PASS: TestAccTransitGateway_serial/RouteTable_disappearsTransitGateway (1177.55s)
    --- PASS: TestAccTransitGateway_serial/PrefixListReference_disappearsTransitGateway (1151.18s)
    --- PASS: TestAccTransitGateway_serial/RouteTable_disappears (1262.43s)
    --- PASS: TestAccTransitGateway_serial/PrefixListReference_disappears (1169.85s)
    --- PASS: TestAccTransitGateway_serial/PrefixListReference_basic (870.14s)
    --- PASS: TestAccTransitGateway_serial/PrefixListReference_TransitGatewayAttachmentId (1453.77s)
    --- PASS: TestAccTransitGateway_serial/PolicyTable_tags (930.79s)
    --- PASS: TestAccTransitGateway_serial/PolicyTable_disappearsTransitGateway (1000.74s)
    --- PASS: TestAccTransitGateway_serial/PolicyTable_disappears (897.83s)
    --- PASS: TestAccTransitGateway_serial/PolicyTable_basic (1021.36s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupMember_DomainDisappears (1181.88s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupMember_TwoMembers (1298.14s)
    --- PASS: TestAccTransitGateway_serial/MulticastGroupMember_disappears (1327.84s)
    --- PASS: TestAccTransitGateway_serial/PolicyTableAssociation_basic (2250.99s)
    --- PASS: TestAccTransitGateway_serial/PolicyTableAssociation_disappears (2068.79s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	6576.967s

@ewbankkit
Contributor

@phergoualch Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 956d32b into hashicorp:main Sep 26, 2024
40 of 41 checks passed
@github-actions github-actions bot added this to the v5.69.0 milestone Sep 26, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Sep 26, 2024

This functionality has been released in v5.69.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@ChristophShyper
Contributor

ChristophShyper commented Sep 27, 2024

Why has the default action been changed from enable to disable?

      ~ security_group_referencing_support              = "enable" -> "disable"

EDIT: Yes. It's output from Terraform plan for TGW attachment, from my configuration drift detection that popped out today.

@Michagogo
Contributor

> Why has the default action been changed to enable?
>
>       ~ security_group_referencing_support              = "enable" -> "disable"

I’m not sure exactly what you’re quoting there, but I’d guess it’s a snippet of a proposed plan intending to change the value on a TGW attachment? It seems from the AWS release blog post that the default value for both preexisting and new TGWs is for SG referencing to be disabled, while for TGW attachments (again, both existing and new) the default is for it to be enabled. In order to function, both need to be enabled, so the default state is that it doesn’t work, but making it so it does only requires an action on the TGW and not all the attachments (and the only time you need configuration there is if you want to make it selective).

However, in this PR, @phergoualch sets the default value for both resources to disable, thereby deviating from the service defaults and introducing drift into every single existing transit gateway attachment resource.

@ewbankkit Was this simply overlooked in review, or is this a case where the provider intentionally does not match defaults with the service?

@ewbankkit
Contributor

@ChristophShyper @Michagogo If this drift causes problems please open a GitHub issue and we can consider a hotfix release. Thanks.

@ChristophShyper
Contributor

> @ChristophShyper @Michagogo If this drift causes problems please open a GitHub issue and we can consider a hotfix release. Thanks.

I haven't had time today to investigate it.
But when introducing a new property for a resource, I would expect it not to try to change any value but rather to use the AWS default.
Imagine seeing it for all VPCs in all AWS accounts in your organization :)
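
A check for the drift discussed in this thread, as an added example that is not part of the PR or the provider's code: it reads the JSON form of a plan (`terraform show -json <planfile>`) and lists resources whose `security_group_referencing_support` would go from `enable` to `disable`. The function name, the sample plan and the resource addresses in it are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// plan is the subset of the `terraform show -json` plan schema used here.
type plan struct {
	ResourceChanges []struct {
		Address string `json:"address"`
		Change  struct {
			Before map[string]any `json:"before"`
			After  map[string]any `json:"after"`
		} `json:"change"`
	} `json:"resource_changes"`
}

// attr is the attribute name shown in the plan output quoted in this thread.
const attr = "security_group_referencing_support"

// sgRefDowngrades (hypothetical helper) returns the addresses of resources
// whose attr value would change from "enable" to "disable" when applied.
func sgRefDowngrades(planJSON []byte) ([]string, error) {
	var p plan
	if err := json.Unmarshal(planJSON, &p); err != nil {
		return nil, err
	}
	var hits []string
	for _, rc := range p.ResourceChanges {
		// before is null for creates and after is null for deletes;
		// reading a nil map is safe and simply does not match.
		if rc.Change.Before[attr] == "enable" && rc.Change.After[attr] == "disable" {
			hits = append(hits, rc.Address)
		}
	}
	return hits, nil
}

// samplePlan is constructed for this example, not output from a real run.
const samplePlan = `{"resource_changes":[
 {"address":"aws_ec2_transit_gateway_vpc_attachment.app","change":{"actions":["update"],
  "before":{"security_group_referencing_support":"enable"},"after":{"security_group_referencing_support":"disable"}}},
 {"address":"aws_ec2_transit_gateway.hub","change":{"actions":["no-op"],
  "before":{"security_group_referencing_support":"disable"},"after":{"security_group_referencing_support":"disable"}}},
 {"address":"aws_ec2_transit_gateway_vpc_attachment.new","change":{"actions":["create"],
  "before":null,"after":{"security_group_referencing_support":"disable"}}}]}`

func main() {
	hits, err := sgRefDowngrades([]byte(samplePlan))
	fmt.Println(hits, err)
}
```

Run against every workspace's plan, a non-empty result marks the attachments where an apply would switch security group referencing off rather than leave the existing value in place.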


I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 28, 2024
Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. service/transitgateway Issues and PRs that pertain to the transitgateway service. size/L Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Development

Successfully merging this pull request may close these issues.

[Enhancement]: Transit Gateway Security Group Referencing Support