AWS Private S2S VPN #25529

Merged
merged 13 commits into from
Jun 23, 2022

Contributor

@NetDevAutomate NetDevAutomate commented Jun 22, 2022

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #25530.

PR for support for Private IP VPNs, a new feature allowing S2S VPN connections to use private IP addresses as the tunnel outside IP address over Direct Connect as transport.

Output from acceptance testing:

$  make testacc TESTS=TestAccSiteVPNConnection_ PKG=ec2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 20 -run='TestAccSiteVPNConnection_'  -timeout 180m
=== RUN   TestAccSiteVPNConnection_basic
=== PAUSE TestAccSiteVPNConnection_basic
=== RUN   TestAccSiteVPNConnection_transitGatewayID
=== PAUSE TestAccSiteVPNConnection_transitGatewayID
=== RUN   TestAccSiteVPNConnection_tunnel1InsideCIDR
=== PAUSE TestAccSiteVPNConnection_tunnel1InsideCIDR
=== RUN   TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR
=== PAUSE TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR
=== RUN   TestAccSiteVPNConnection_tunnel1PreSharedKey
=== PAUSE TestAccSiteVPNConnection_tunnel1PreSharedKey
=== RUN   TestAccSiteVPNConnection_tunnelOptions
=== PAUSE TestAccSiteVPNConnection_tunnelOptions
=== RUN   TestAccSiteVPNConnection_tunnelOptionsLesser
=== PAUSE TestAccSiteVPNConnection_tunnelOptionsLesser
=== RUN   TestAccSiteVPNConnection_staticRoutes
=== PAUSE TestAccSiteVPNConnection_staticRoutes
=== RUN   TestAccSiteVPNConnection_outsideAddressTypePrivate
=== PAUSE TestAccSiteVPNConnection_outsideAddressTypePrivate
=== RUN   TestAccSiteVPNConnection_outsideAddressTypePublic
=== PAUSE TestAccSiteVPNConnection_outsideAddressTypePublic
=== RUN   TestAccSiteVPNConnection_enableAcceleration
=== PAUSE TestAccSiteVPNConnection_enableAcceleration
=== RUN   TestAccSiteVPNConnection_ipv6
=== PAUSE TestAccSiteVPNConnection_ipv6
=== RUN   TestAccSiteVPNConnection_tags
=== PAUSE TestAccSiteVPNConnection_tags
=== RUN   TestAccSiteVPNConnection_specifyIPv4
=== PAUSE TestAccSiteVPNConnection_specifyIPv4
=== RUN   TestAccSiteVPNConnection_specifyIPv6
=== PAUSE TestAccSiteVPNConnection_specifyIPv6
=== RUN   TestAccSiteVPNConnection_disappears
=== PAUSE TestAccSiteVPNConnection_disappears
=== RUN   TestAccSiteVPNConnection_updateCustomerGatewayID
=== PAUSE TestAccSiteVPNConnection_updateCustomerGatewayID
=== RUN   TestAccSiteVPNConnection_updateVPNGatewayID
=== PAUSE TestAccSiteVPNConnection_updateVPNGatewayID
=== RUN   TestAccSiteVPNConnection_updateTransitGatewayID
=== PAUSE TestAccSiteVPNConnection_updateTransitGatewayID
=== RUN   TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID
=== PAUSE TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID
=== RUN   TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID
=== PAUSE TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID
=== CONT  TestAccSiteVPNConnection_basic
=== CONT  TestAccSiteVPNConnection_ipv6
=== CONT  TestAccSiteVPNConnection_updateCustomerGatewayID
=== CONT  TestAccSiteVPNConnection_specifyIPv6
=== CONT  TestAccSiteVPNConnection_disappears
=== CONT  TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID
=== CONT  TestAccSiteVPNConnection_tunnelOptionsLesser
=== CONT  TestAccSiteVPNConnection_specifyIPv4
=== CONT  TestAccSiteVPNConnection_outsideAddressTypePrivate
=== CONT  TestAccSiteVPNConnection_enableAcceleration
=== CONT  TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR
=== CONT  TestAccSiteVPNConnection_tunnel1InsideCIDR
=== CONT  TestAccSiteVPNConnection_tunnel1PreSharedKey
=== CONT  TestAccSiteVPNConnection_staticRoutes
=== CONT  TestAccSiteVPNConnection_tags
=== CONT  TestAccSiteVPNConnection_updateVPNGatewayID
=== CONT  TestAccSiteVPNConnection_outsideAddressTypePublic
=== CONT  TestAccSiteVPNConnection_updateTransitGatewayID
=== CONT  TestAccSiteVPNConnection_tunnelOptions
=== CONT  TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID
--- PASS: TestAccSiteVPNConnection_disappears (237.93s)
=== CONT  TestAccSiteVPNConnection_transitGatewayID
--- PASS: TestAccSiteVPNConnection_tunnel1InsideCIDR (240.27s)
--- PASS: TestAccSiteVPNConnection_tunnel1PreSharedKey (240.32s)
--- PASS: TestAccSiteVPNConnection_staticRoutes (243.16s)
--- PASS: TestAccSiteVPNConnection_outsideAddressTypePublic (243.22s)
--- PASS: TestAccSiteVPNConnection_tunnelOptions (243.24s)
--- PASS: TestAccSiteVPNConnection_basic (245.86s)
--- PASS: TestAccSiteVPNConnection_tags (268.53s)
--- PASS: TestAccSiteVPNConnection_updateCustomerGatewayID (465.99s)
--- PASS: TestAccSiteVPNConnection_updateVPNGatewayID (499.75s)
--- PASS: TestAccSiteVPNConnection_specifyIPv4 (561.93s)
--- PASS: TestAccSiteVPNConnection_transitGatewayID (791.96s)
--- PASS: TestAccSiteVPNConnection_updateTransitGatewayID (1148.08s)
=== CONT  TestAccSiteVPNConnection_tunnelOptionsLesser
    vpnsite_connection_test.go:540: Step 5/5 error: Check failed: 3 errors occurred:
        	* Check 12/52 error: aws_vpn_connection.test: list or set attribute 'tunnel1_phase1_dh_group_numbers' must be checked by element count key (tunnel1_phase1_dh_group_numbers.#) or element value keys (e.g. tunnel1_phase1_dh_group_numbers.0). Set element value checks should use TestCheckTypeSet functions instead.
        	* Check 13/52 error: aws_vpn_connection.test: list or set attribute 'tunnel1_phase1_encryption_algorithms' must be checked by element count key (tunnel1_phase1_encryption_algorithms.#) or element value keys (e.g. tunnel1_phase1_encryption_algorithms.0). Set element value checks should use TestCheckTypeSet functions instead.
        	* Check 14/52 error: aws_vpn_connection.test: list or set attribute 'tunnel1_phase1_integrity_algorithms' must be checked by element count key (tunnel1_phase1_integrity_algorithms.#) or element value keys (e.g. tunnel1_phase1_integrity_algorithms.0). Set element value checks should use TestCheckTypeSet functions instead.

--- FAIL: TestAccSiteVPNConnection_tunnelOptionsLesser (1182.01s)
--- PASS: TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR (1238.79s)
--- PASS: TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID (1240.33s)
--- PASS: TestAccSiteVPNConnection_outsideAddressTypePrivate (1454.86s)
--- PASS: TestAccSiteVPNConnection_specifyIPv6 (1653.20s)
--- PASS: TestAccSiteVPNConnection_enableAcceleration (1693.20s)
--- PASS: TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID (1694.92s)
--- PASS: TestAccSiteVPNConnection_ipv6 (1773.72s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	1776.162s

** Note **
Acceptance tests TestAccSiteVPNConnection_tunnelOptionsLesser fail; however, these also failed on previous versions.

...

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. service/vpnsite Issues and PRs that pertain to the vpnsite service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Jun 22, 2022
@github-actions

Thank you for your contribution! 🚀

Please note that typically Go dependency changes are handled in this repository by dependabot or the maintainers. This is to prevent pull request merge conflicts and further delay reviews of contributions. Remove any changes to the go.mod or go.sum files and commit them into this pull request.

Additional details:

  • Check open pull requests with the dependencies label to view other dependency updates.
  • If this pull request includes an update to the AWS Go SDK (or any other dependency) version, only updates submitted via dependabot will be merged. This pull request will need to remove these changes and will need to be rebased after the existing dependency update via dependabot has been merged for this pull request to be reviewed.
  • If this pull request is for supporting a new AWS service:
    • Ensure the new AWS service changes are following the Contributing Guide section on new services, in particular that the dependency addition and initial provider support are in a separate pull request from other changes (e.g. new resources). Contributions not following this item will not be reviewed until the changes are split.
    • If this pull request is already a separate pull request from the above item, you can ignore this message.

@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Jun 22, 2022
Collaborator

@AdamTylerLynch AdamTylerLynch left a comment

Please remove the changes to the go.mod and go.sum.

@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Jun 22, 2022
@github-actions github-actions bot added size/L Managed by automation to categorize the size of a PR. and removed size/XL Managed by automation to categorize the size of a PR. labels Jun 22, 2022
@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. and removed size/L Managed by automation to categorize the size of a PR. labels Jun 22, 2022
Contributor

@ewbankkit ewbankkit left a comment

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccSiteVPNConnection_\|TestAccSiteVPNCustomerGateway_' PKG=ec2 ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 3  -run=TestAccSiteVPNConnection_\|TestAccSiteVPNCustomerGateway_ -timeout 180m
=== RUN   TestAccSiteVPNConnection_basic
=== PAUSE TestAccSiteVPNConnection_basic
=== RUN   TestAccSiteVPNConnection_transitGatewayID
=== PAUSE TestAccSiteVPNConnection_transitGatewayID
=== RUN   TestAccSiteVPNConnection_tunnel1InsideCIDR
=== PAUSE TestAccSiteVPNConnection_tunnel1InsideCIDR
=== RUN   TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR
=== PAUSE TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR
=== RUN   TestAccSiteVPNConnection_tunnel1PreSharedKey
=== PAUSE TestAccSiteVPNConnection_tunnel1PreSharedKey
=== RUN   TestAccSiteVPNConnection_tunnelOptions
=== PAUSE TestAccSiteVPNConnection_tunnelOptions
=== RUN   TestAccSiteVPNConnection_tunnelOptionsLesser
=== PAUSE TestAccSiteVPNConnection_tunnelOptionsLesser
=== RUN   TestAccSiteVPNConnection_staticRoutes
=== PAUSE TestAccSiteVPNConnection_staticRoutes
=== RUN   TestAccSiteVPNConnection_outsideAddressTypePrivate
=== PAUSE TestAccSiteVPNConnection_outsideAddressTypePrivate
=== RUN   TestAccSiteVPNConnection_outsideAddressTypePublic
=== PAUSE TestAccSiteVPNConnection_outsideAddressTypePublic
=== RUN   TestAccSiteVPNConnection_enableAcceleration
=== PAUSE TestAccSiteVPNConnection_enableAcceleration
=== RUN   TestAccSiteVPNConnection_ipv6
=== PAUSE TestAccSiteVPNConnection_ipv6
=== RUN   TestAccSiteVPNConnection_tags
=== PAUSE TestAccSiteVPNConnection_tags
=== RUN   TestAccSiteVPNConnection_specifyIPv4
=== PAUSE TestAccSiteVPNConnection_specifyIPv4
=== RUN   TestAccSiteVPNConnection_specifyIPv6
=== PAUSE TestAccSiteVPNConnection_specifyIPv6
=== RUN   TestAccSiteVPNConnection_disappears
=== PAUSE TestAccSiteVPNConnection_disappears
=== RUN   TestAccSiteVPNConnection_updateCustomerGatewayID
=== PAUSE TestAccSiteVPNConnection_updateCustomerGatewayID
=== RUN   TestAccSiteVPNConnection_updateVPNGatewayID
=== PAUSE TestAccSiteVPNConnection_updateVPNGatewayID
=== RUN   TestAccSiteVPNConnection_updateTransitGatewayID
=== PAUSE TestAccSiteVPNConnection_updateTransitGatewayID
=== RUN   TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID
=== PAUSE TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID
=== RUN   TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID
=== PAUSE TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID
=== RUN   TestAccSiteVPNCustomerGateway_basic
=== PAUSE TestAccSiteVPNCustomerGateway_basic
=== RUN   TestAccSiteVPNCustomerGateway_disappears
=== PAUSE TestAccSiteVPNCustomerGateway_disappears
=== RUN   TestAccSiteVPNCustomerGateway_privateIpv4
=== PAUSE TestAccSiteVPNCustomerGateway_privateIpv4
=== RUN   TestAccSiteVPNCustomerGateway_tags
=== PAUSE TestAccSiteVPNCustomerGateway_tags
=== RUN   TestAccSiteVPNCustomerGateway_deviceName
=== PAUSE TestAccSiteVPNCustomerGateway_deviceName
=== RUN   TestAccSiteVPNCustomerGateway_4ByteASN
=== PAUSE TestAccSiteVPNCustomerGateway_4ByteASN
=== RUN   TestAccSiteVPNCustomerGateway_certificate
=== PAUSE TestAccSiteVPNCustomerGateway_certificate
=== CONT  TestAccSiteVPNConnection_basic
=== CONT  TestAccSiteVPNConnection_specifyIPv6
=== CONT  TestAccSiteVPNCustomerGateway_basic
--- PASS: TestAccSiteVPNCustomerGateway_basic (27.10s)
=== CONT  TestAccSiteVPNCustomerGateway_certificate
--- PASS: TestAccSiteVPNCustomerGateway_certificate (81.61s)
=== CONT  TestAccSiteVPNCustomerGateway_4ByteASN
--- PASS: TestAccSiteVPNCustomerGateway_4ByteASN (26.08s)
=== CONT  TestAccSiteVPNCustomerGateway_deviceName
--- PASS: TestAccSiteVPNCustomerGateway_deviceName (25.97s)
=== CONT  TestAccSiteVPNCustomerGateway_tags
--- PASS: TestAccSiteVPNConnection_basic (207.41s)
=== CONT  TestAccSiteVPNCustomerGateway_privateIpv4
--- PASS: TestAccSiteVPNCustomerGateway_tags (57.40s)
=== CONT  TestAccSiteVPNCustomerGateway_disappears
--- PASS: TestAccSiteVPNCustomerGateway_privateIpv4 (26.33s)
=== CONT  TestAccSiteVPNConnection_updateCustomerGatewayID
--- PASS: TestAccSiteVPNCustomerGateway_disappears (21.61s)
=== CONT  TestAccSiteVPNConnection_updateVPNGatewayID
--- PASS: TestAccSiteVPNConnection_specifyIPv6 (415.75s)
=== CONT  TestAccSiteVPNConnection_disappears
--- PASS: TestAccSiteVPNConnection_disappears (197.08s)
=== CONT  TestAccSiteVPNConnection_staticRoutes
--- PASS: TestAccSiteVPNConnection_updateCustomerGatewayID (468.45s)
=== CONT  TestAccSiteVPNConnection_specifyIPv4
--- PASS: TestAccSiteVPNConnection_updateVPNGatewayID (491.30s)
=== CONT  TestAccSiteVPNConnection_tags
--- PASS: TestAccSiteVPNConnection_staticRoutes (204.16s)
=== CONT  TestAccSiteVPNConnection_ipv6
--- PASS: TestAccSiteVPNConnection_tags (408.47s)
=== CONT  TestAccSiteVPNConnection_enableAcceleration
--- PASS: TestAccSiteVPNConnection_ipv6 (490.09s)
=== CONT  TestAccSiteVPNConnection_outsideAddressTypePublic
--- PASS: TestAccSiteVPNConnection_specifyIPv4 (613.60s)
=== CONT  TestAccSiteVPNConnection_updateTransitGatewayID
--- PASS: TestAccSiteVPNConnection_updateTransitGatewayID (1619.19s)
=== CONT  TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID
--- PASS: TestAccSiteVPNConnection_outsideAddressTypePublic (1873.90s)
=== CONT  TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID
--- PASS: TestAccSiteVPNConnection_enableAcceleration (2104.59s)
=== CONT  TestAccSiteVPNConnection_outsideAddressTypePrivate
--- PASS: TestAccSiteVPNConnection_transitGatewayIDToVPNGatewayID (637.06s)
=== CONT  TestAccSiteVPNConnection_tunnel1InsideCIDR
--- PASS: TestAccSiteVPNConnection_tunnel1InsideCIDR (199.07s)
=== CONT  TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR
--- PASS: TestAccSiteVPNConnection_vpnGatewayIDToTransitGatewayID (736.98s)
=== CONT  TestAccSiteVPNConnection_tunnelOptionsLesser
--- PASS: TestAccSiteVPNConnection_tunnel1InsideIPv6CIDR (403.67s)
=== CONT  TestAccSiteVPNConnection_tunnelOptions
--- PASS: TestAccSiteVPNConnection_tunnelOptions (203.89s)
=== CONT  TestAccSiteVPNConnection_transitGatewayID
--- PASS: TestAccSiteVPNConnection_outsideAddressTypePrivate (1347.85s)
=== CONT  TestAccSiteVPNConnection_tunnel1PreSharedKey
--- PASS: TestAccSiteVPNConnection_tunnel1PreSharedKey (202.65s)
--- PASS: TestAccSiteVPNConnection_transitGatewayID (426.92s)
--- PASS: TestAccSiteVPNConnection_tunnelOptionsLesser (1248.04s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	5760.331s

@ewbankkit
Contributor

% make providerlint
==> Checking source code with providerlint...

@ewbankkit
Contributor

@NetDevAutomate Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit 6cec4a2 into hashicorp:main Jun 23, 2022
@github-actions github-actions bot added this to the v4.20.0 milestone Jun 23, 2022
@github-actions

This functionality has been released in v4.20.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 25, 2022
@justinretzolk justinretzolk added the partner Contribution from a partner. label May 16, 2024
Labels
documentation Introduces or discusses updates to documentation. partner Contribution from a partner. service/vpnsite Issues and PRs that pertain to the vpnsite service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Development

Successfully merging this pull request may close these issues.

AWS Site-to-Site VPN Private IP VPNs support
5 participants