-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
r/aws_apigatewayv2_domain_name: Support mutual TLS authentication #15249
r/aws_apigatewayv2_domain_name: Support mutual TLS authentication #15249
Conversation
Investigating acceptance test failure... |
4313fbe
to
4b7544b
Compare
Mutual TLS requires that the API Gateway domain name be configured with an $ AWS_APIGATEWAYV2_CERTIFICATE_DOMAIN_NAME=<domain name> make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication -timeout 120m
=== RUN TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
--- PASS: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (109.89s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 109.939s |
…bute. Acceptance test output: $ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_' ==> Checking that code complies with gofmt requirements... TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 120m === RUN TestAccAWSAPIGatewayV2DomainName_basic === PAUSE TestAccAWSAPIGatewayV2DomainName_basic === RUN TestAccAWSAPIGatewayV2DomainName_disappears === PAUSE TestAccAWSAPIGatewayV2DomainName_disappears === RUN TestAccAWSAPIGatewayV2DomainName_Tags === PAUSE TestAccAWSAPIGatewayV2DomainName_Tags === RUN TestAccAWSAPIGatewayV2DomainName_UpdateCertificate === PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate === RUN TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication === PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication === CONT TestAccAWSAPIGatewayV2DomainName_basic === CONT TestAccAWSAPIGatewayV2DomainName_UpdateCertificate === CONT TestAccAWSAPIGatewayV2DomainName_Tags === CONT TestAccAWSAPIGatewayV2DomainName_disappears === CONT TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication resource_aws_apigatewayv2_domain_name_test.go:273: Step 1/3 error: terraform failed: exit status 1 stderr: Error: error creating API Gateway v2 domain name: BadRequestException: The certificate provided must be issued by ACM and not imported. (Service: APIGateway; Status Code: 400; Error Code: BadRequestException; Request ID: TOopqAEdPHcEJsw=; Proxy: null) --- FAIL: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (19.79s) === CONT TestAccAWSAPIGatewayV2DomainName_disappears resource_aws_apigatewayv2_domain_name_test.go:115: [INFO] Got non-empty plan, as expected --- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (25.41s) --- PASS: TestAccAWSAPIGatewayV2DomainName_basic (65.41s) --- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (115.63s) --- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (392.86s) FAIL FAIL github.com/terraform-providers/terraform-provider-aws/aws 393.417s FAIL GNUmakefile:27: recipe for target 'testacc' failed make: *** [testacc] Error 1
…ssued private certificate.
…aCertificateAuthorityDisableCA'." This reverts commit aa6d1a451d6ef108aa878f8b9ecbe3e50d8f5501.
… mutual TLS acceptance tests.
c8a2a2d
to
b60662e
Compare
…AwsAcmpcaCertificateAuthorityDisableCA'."" This reverts commit ee22ef2.
…ting mutual TLS (relates: hashicorp#16139). Acceptance test output: $ ACM_CERTIFICATE_ROOT_DOMAIN=<domain name> make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_' ==> Checking that code complies with gofmt requirements... TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 120m === RUN TestAccAWSAPIGatewayV2DomainName_basic === PAUSE TestAccAWSAPIGatewayV2DomainName_basic === RUN TestAccAWSAPIGatewayV2DomainName_disappears === PAUSE TestAccAWSAPIGatewayV2DomainName_disappears === RUN TestAccAWSAPIGatewayV2DomainName_Tags === PAUSE TestAccAWSAPIGatewayV2DomainName_Tags === RUN TestAccAWSAPIGatewayV2DomainName_UpdateCertificate === PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate === RUN TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication === PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication === CONT TestAccAWSAPIGatewayV2DomainName_basic === CONT TestAccAWSAPIGatewayV2DomainName_UpdateCertificate === CONT TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication === CONT TestAccAWSAPIGatewayV2DomainName_Tags === CONT TestAccAWSAPIGatewayV2DomainName_disappears --- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (22.46s) --- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (83.52s) --- PASS: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (207.72s) --- PASS: TestAccAWSAPIGatewayV2DomainName_basic (240.48s) --- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (758.06s) PASS ok github.com/terraform-providers/terraform-provider-aws/aws 758.484s
Rebased to remove merge conflict. $ ACM_CERTIFICATE_ROOT_DOMAIN=<domain name> make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 120m
=== RUN TestAccAWSAPIGatewayV2DomainName_basic
=== PAUSE TestAccAWSAPIGatewayV2DomainName_basic
=== RUN TestAccAWSAPIGatewayV2DomainName_disappears
=== PAUSE TestAccAWSAPIGatewayV2DomainName_disappears
=== RUN TestAccAWSAPIGatewayV2DomainName_Tags
=== PAUSE TestAccAWSAPIGatewayV2DomainName_Tags
=== RUN TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== RUN TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT TestAccAWSAPIGatewayV2DomainName_basic
=== CONT TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== CONT TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT TestAccAWSAPIGatewayV2DomainName_Tags
=== CONT TestAccAWSAPIGatewayV2DomainName_disappears
--- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (22.46s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (83.52s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (207.72s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_basic (240.48s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (758.06s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 758.484s |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM (for what im able to test :D)
--- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (83.31s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (143.04s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_basic (318.41s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (547.88s)
LGTM 🚀 Thanks @ewbankkit Verified Acceptance Tests in Commercial (us-west-2) ACM_CERTIFICATE_ROOT_DOMAIN=terraform-provider-aws-acctest-acm.com make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 120m
=== RUN TestAccAWSAPIGatewayV2DomainName_basic
=== PAUSE TestAccAWSAPIGatewayV2DomainName_basic
=== RUN TestAccAWSAPIGatewayV2DomainName_disappears
=== PAUSE TestAccAWSAPIGatewayV2DomainName_disappears
=== RUN TestAccAWSAPIGatewayV2DomainName_Tags
=== PAUSE TestAccAWSAPIGatewayV2DomainName_Tags
=== RUN TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== RUN TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT TestAccAWSAPIGatewayV2DomainName_basic
=== CONT TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== CONT TestAccAWSAPIGatewayV2DomainName_disappears
=== CONT TestAccAWSAPIGatewayV2DomainName_Tags
=== CONT TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
--- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (65.70s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (106.27s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (256.00s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (403.07s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_basic (527.07s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 529.209s
ACM_CERTIFICATE_ROOT_DOMAIN=terraform-provider-aws-acctest-acm.com make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 120m
=== RUN TestAccAWSAPIGatewayV2DomainName_basic
=== PAUSE TestAccAWSAPIGatewayV2DomainName_basic
=== RUN TestAccAWSAPIGatewayV2DomainName_disappears
=== PAUSE TestAccAWSAPIGatewayV2DomainName_disappears
=== RUN TestAccAWSAPIGatewayV2DomainName_Tags
=== PAUSE TestAccAWSAPIGatewayV2DomainName_Tags
=== RUN TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== RUN TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT TestAccAWSAPIGatewayV2DomainName_basic
=== CONT TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== CONT TestAccAWSAPIGatewayV2DomainName_Tags
=== CONT TestAccAWSAPIGatewayV2DomainName_disappears
=== CONT TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
resource_aws_apigatewayv2_domain_name_test.go:273: Step 1/4 error: Error running pre-apply refresh: 2020/12/01 10:54:22 [DEBUG] Using modified User-Agent: Terraform/0.12.29 HashiCorp-terraform-exec/0.10.0
Error: no matching Route53Zone found
--- FAIL: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (2.30s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (18.60s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_basic (192.99s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (371.29s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (446.56s)
FAIL
FAIL github.com/terraform-providers/terraform-provider-aws/aws 448.539s
FAIL
make: *** [testacc] Error 1 |
This has been released in version 3.19.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Relates #15220.
Relates #13527.
Release note for CHANGELOG:
Output from acceptance testing: