-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't send empty kms_arn in glue_security_configuration if mode is DISABLED #13618
Don't send empty kms_arn in glue_security_configuration if mode is DISABLED #13618
Conversation
* If logs and/or bookmark encryption are DISABLED, don't send these fields empty to the API call
Hey @AndresCidoncha, can you also add an acceptance test to verify the use case? |
Hey @DrFaust92 , I wanted to do a new test but I found a problem: The empty configuration is already tested in There's a way to validate the fields sent in the request to AWS? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor comment, lets just run the basic test and ill verify all other. Looks good to me.
@@ -214,7 +214,9 @@ func expandGlueCloudWatchEncryption(l []interface{}) *glue.CloudWatchEncryption | |||
} | |||
|
|||
if v, ok := m["kms_key_arn"]; ok { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lets remove the extra if by doing this:
if v, ok := m["kms_key_arn"]; ok && v.(string) != "" {
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -248,7 +250,9 @@ func expandGlueJobBookmarksEncryption(l []interface{}) *glue.JobBookmarksEncrypt | |||
} | |||
|
|||
if v, ok := m["kms_key_arn"]; ok { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as above
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (46.12s)
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (46.38s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (61.96s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (61.98s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (63.91s)
LGTM 🚀 Thanks @AndresCidoncha! Verified Acceptance Tests in Commercial (us-west-2) make testacc TEST=./aws TESTARGS='-run=TestAccAWSGlueSecurityConfiguration_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSGlueSecurityConfiguration_ -timeout 120m
=== RUN TestAccAWSGlueSecurityConfiguration_Basic
=== PAUSE TestAccAWSGlueSecurityConfiguration_Basic
=== RUN TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS
=== PAUSE TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS
=== RUN TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS
=== PAUSE TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS
=== RUN TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS
=== PAUSE TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS
=== RUN TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3
=== PAUSE TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3
=== CONT TestAccAWSGlueSecurityConfiguration_Basic
=== CONT TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS
=== CONT TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3
=== CONT TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS
=== CONT TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (18.15s)
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (18.20s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (19.85s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (20.19s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (20.21s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 21.582s Verified Acceptance Tests in GovCloud (us-gov-west-1) make testacc TEST=./aws TESTARGS='-run=TestAccAWSGlueSecurityConfiguration_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSGlueSecurityConfiguration_ -timeout 120m
=== RUN TestAccAWSGlueSecurityConfiguration_Basic
=== PAUSE TestAccAWSGlueSecurityConfiguration_Basic
=== RUN TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS
=== PAUSE TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS
=== RUN TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS
=== PAUSE TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS
=== RUN TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS
=== PAUSE TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS
=== RUN TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3
=== PAUSE TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3
=== CONT TestAccAWSGlueSecurityConfiguration_Basic
=== CONT TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS
=== CONT TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3
=== CONT TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS
=== CONT TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (13.44s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (13.49s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (15.47s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (15.68s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (15.80s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 17.126s |
This has been released in version 3.12.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Closes #13620
Release note for CHANGELOG:
Output from acceptance testing: