Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EKS access entry and policy association changes #35037

Merged
merged 40 commits into from
Jan 18, 2024
Merged

EKS access entry and policy association changes #35037

merged 40 commits into from
Jan 18, 2024

Conversation

sasidhar-aws
Copy link
Contributor

Description

Work in progress to implement access_entry and access_policy_association resources

Relations

Closes #34982

References

Output from Acceptance Testing

% make testacc TESTS=TestAccXXX PKG=ec2

...

@sasidhar-aws sasidhar-aws marked this pull request as draft December 22, 2023 07:00
@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/eks Issues and PRs that pertain to the eks service. labels Dec 22, 2023
@terraform-aws-provider terraform-aws-provider bot added needs-triage Waiting for first response or review from a maintainer. partner Contribution from a partner. labels Dec 22, 2023
andyspiers
andyspiers reviewed Jan 2, 2024
View reviewed changes
Copy link

@andyspiers andyspiers left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some minor grammatical suggestions for the docs

website/docs/d/eks_access_entry.html.markdown Outdated Show resolved Hide resolved
website/docs/r/eks_access_entry.html.markdown Outdated Show resolved Hide resolved
website/docs/r/eks_access_policy_association.html.markdown Outdated Show resolved Hide resolved
@bryantbiggs bryantbiggs mentioned this pull request Jan 15, 2024
Closed
@sasidhar-aws sasidhar-aws marked this pull request as ready for review January 16, 2024 03:20
@sasidhar-aws sasidhar-aws changed the title [WIP] EKS access entry and policy association changes EKS access entry and policy association changes Jan 16, 2024
@github-actions github-actions bot added the generators Relates to code generators. label Jan 16, 2024
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Jan 17, 2024
@ewbankkit ewbankkit self-assigned this Jan 17, 2024
@terraform-aws-provider terraform-aws-provider bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Jan 17, 2024
@ewbankkit
Check 'access_config' in 'TestAccEKSClusterDataSource_basic'.
b4501e0
@ewbankkit
r/aws_eks_cluster: Additional 'access_config' checks.
e9431c5
@ewbankkit
Remove 'access_config' from acceptance test configuration.
d3ac1ad
@ewbankkit
Fix terrafmt error.
21ff1a8
@ewbankkit
r/aws_eks_cluster: 'access_config' is Computed.
bced003
@ewbankkit
Acceptance test output:
7c19200 
% make testacc TESTARGS='-run=TestAccEKSCluster_AccessConfig\|TestAccEKSCluster_basic\|TestAccEKSClusterDataSource_basic' PKG=eks ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/eks/... -v -count 1 -parallel 2  -run=TestAccEKSCluster_AccessConfig\|TestAccEKSCluster_basic\|TestAccEKSClusterDataSource_basic -timeout 360m
=== RUN   TestAccEKSClusterDataSource_basic
=== PAUSE TestAccEKSClusterDataSource_basic
=== RUN   TestAccEKSCluster_basic
=== PAUSE TestAccEKSCluster_basic
=== RUN   TestAccEKSCluster_AccessConfig_create
=== PAUSE TestAccEKSCluster_AccessConfig_create
=== RUN   TestAccEKSCluster_AccessConfig_update
=== PAUSE TestAccEKSCluster_AccessConfig_update
=== CONT  TestAccEKSClusterDataSource_basic
=== CONT  TestAccEKSCluster_AccessConfig_create
--- PASS: TestAccEKSClusterDataSource_basic (647.09s)
=== CONT  TestAccEKSCluster_AccessConfig_update
--- PASS: TestAccEKSCluster_AccessConfig_create (670.26s)
=== CONT  TestAccEKSCluster_basic
--- PASS: TestAccEKSCluster_basic (619.94s)
--- PASS: TestAccEKSCluster_AccessConfig_update (1495.46s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/eks	1916.223s
@ewbankkit
aws_eks_access_entry: Tidy up and additional tests.
955f816
@ewbankkit
eks: Correct 'resourceAccessEntryUpdate'.
fb7bef3
@ewbankkit
r/aws_eks_access_policy_association: Tidy up and additional tests.
152868a
ewbankkit
ewbankkit approved these changes Jan 18, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccEKSCluster_AccessConfig\|TestAccEKSCluster_basic\|TestAccEKSClusterDataSource_basic' PKG=eks ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/eks/... -v -count 1 -parallel 2  -run=TestAccEKSCluster_AccessConfig\|TestAccEKSCluster_basic\|TestAccEKSClusterDataSource_basic -timeout 360m
=== RUN   TestAccEKSClusterDataSource_basic
=== PAUSE TestAccEKSClusterDataSource_basic
=== RUN   TestAccEKSCluster_basic
=== PAUSE TestAccEKSCluster_basic
=== RUN   TestAccEKSCluster_AccessConfig_create
=== PAUSE TestAccEKSCluster_AccessConfig_create
=== RUN   TestAccEKSCluster_AccessConfig_update
=== PAUSE TestAccEKSCluster_AccessConfig_update
=== CONT  TestAccEKSClusterDataSource_basic
=== CONT  TestAccEKSCluster_AccessConfig_create
--- PASS: TestAccEKSClusterDataSource_basic (647.09s)
=== CONT  TestAccEKSCluster_AccessConfig_update
--- PASS: TestAccEKSCluster_AccessConfig_create (670.26s)
=== CONT  TestAccEKSCluster_basic
--- PASS: TestAccEKSCluster_basic (619.94s)
--- PASS: TestAccEKSCluster_AccessConfig_update (1495.46s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/eks	1916.223s
% make testacc TESTARGS='-run=TestAccEKSAccessEntryDataSource_\|TestAccEKSAccessEntry_' PKG=eks ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/eks/... -v -count 1 -parallel 2  -run=TestAccEKSAccessEntryDataSource_\|TestAccEKSAccessEntry_ -timeout 360m
=== RUN   TestAccEKSAccessEntryDataSource_basic
=== PAUSE TestAccEKSAccessEntryDataSource_basic
=== RUN   TestAccEKSAccessEntry_basic
=== PAUSE TestAccEKSAccessEntry_basic
=== RUN   TestAccEKSAccessEntry_disappears
=== PAUSE TestAccEKSAccessEntry_disappears
=== RUN   TestAccEKSAccessEntry_tags
=== PAUSE TestAccEKSAccessEntry_tags
=== CONT  TestAccEKSAccessEntryDataSource_basic
=== CONT  TestAccEKSAccessEntry_disappears
--- PASS: TestAccEKSAccessEntry_disappears (550.28s)
=== CONT  TestAccEKSAccessEntry_tags
--- PASS: TestAccEKSAccessEntryDataSource_basic (578.12s)
=== CONT  TestAccEKSAccessEntry_basic
--- PASS: TestAccEKSAccessEntry_basic (615.79s)
--- PASS: TestAccEKSAccessEntry_tags (618.88s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/eks	1221.682s
% make testacc TESTARGS='-run=TestAccEKSAccessEntry_Disappears_cluster\|TestAccEKSAccessPolicyAssociation_' PKG=eks ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/eks/... -v -count 1 -parallel 2  -run=TestAccEKSAccessEntry_Disappears_cluster\|TestAccEKSAccessPolicyAssociation_ -timeout 360m
=== RUN   TestAccEKSAccessEntry_Disappears_cluster
=== PAUSE TestAccEKSAccessEntry_Disappears_cluster
=== RUN   TestAccEKSAccessPolicyAssociation_basic
=== PAUSE TestAccEKSAccessPolicyAssociation_basic
=== RUN   TestAccEKSAccessPolicyAssociation_disappears
=== PAUSE TestAccEKSAccessPolicyAssociation_disappears
=== RUN   TestAccEKSAccessPolicyAssociation_Disappears_cluster
=== PAUSE TestAccEKSAccessPolicyAssociation_Disappears_cluster
=== CONT  TestAccEKSAccessEntry_Disappears_cluster
=== CONT  TestAccEKSAccessPolicyAssociation_disappears
--- PASS: TestAccEKSAccessPolicyAssociation_disappears (614.63s)
=== CONT  TestAccEKSAccessPolicyAssociation_Disappears_cluster
--- PASS: TestAccEKSAccessEntry_Disappears_cluster (649.69s)
=== CONT  TestAccEKSAccessPolicyAssociation_basic
--- PASS: TestAccEKSAccessPolicyAssociation_Disappears_cluster (560.58s)
--- PASS: TestAccEKSAccessPolicyAssociation_basic (571.48s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/eks	1230.880s

@ewbankkit
Copy link
Contributor

@sasidhar-aws Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 68f1f9d into hashicorp:main Jan 18, 2024
43 checks passed
@github-actions github-actions bot added this to the v5.33.0 milestone Jan 18, 2024
@z0rc z0rc mentioned this pull request Jan 18, 2024
Closed
@ewbankkit ewbankkit mentioned this pull request Jan 18, 2024
Merged
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.33.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@sidewinder12s sidewinder12s mentioned this pull request Jan 19, 2024
Closed
@AndrewChubatiuk
Copy link

@ewbankkit why type in aws_eks_access_entry is Computed? It should be configurable

@iandrewt
Copy link
Contributor

Agreed - I'd like to use this to configure access entries for Karpenter nodes, which aren't covered by the autoconfiguration for managed node groups.

@AndrewChubatiuk
Copy link

@iandrewt added PR #35391

@panekj
Copy link
Contributor

panekj commented Jan 19, 2024

it's missing user_name field as well

@AndrewChubatiuk
Copy link

@panekj added user_name as well

@stevehipwell stevehipwell mentioned this pull request Jan 19, 2024
Closed
This was referenced Jan 19, 2024
Merged
Merged
sidewinder12s
sidewinder12s reviewed Jan 19, 2024
View reviewed changes
website/docs/r/eks_access_policy_association.html.markdown
---
subcategory: "EKS (Elastic Kubernetes)"
layout: "aws"
page_title: "AWS: aws_eks_access_policy_associattion"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo

Suggested change
page_title: "AWS: aws_eks_access_policy_associattion"
page_title: "AWS: aws_eks_access_policy_association"

@dominik-ba
Copy link

May I ask why access_scope is a block and namespaces & type not a top level argument?

@panekj
Copy link
Contributor

panekj commented Jan 26, 2024

May I ask why access_scope is a block and namespaces & type not a top level argument?

because that's how AWS API defines it: https://docs.aws.amazon.com/eks/latest/APIReference/API_AccessScope.html

@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 26, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@andyspiers andyspiers andyspiers left review comments

@posquit0 posquit0 posquit0 left review comments

@sidewinder12s sidewinder12s sidewinder12s left review comments

@elliot elliot elliot left review comments

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@ewbankkit ewbankkit

Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. generators Relates to code generators. new-data-source Introduces a new data source. new-resource Introduces a new resource. partner Contribution from a partner. prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. service/eks Issues and PRs that pertain to the eks service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.33.0
Development

Successfully merging this pull request may close these issues.

[New Resource]: Add EKS cluster IAM access management API resources