Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Resource: aws_glue_security_configuration #6288

Merged
merged 6 commits into from
Oct 31, 2018
Merged

New Resource: aws_glue_security_configuration #6288

merged 6 commits into from
Oct 31, 2018

Conversation

bflad
Copy link
Contributor

@bflad bflad commented Oct 26, 2018

Closes #6286

Changes proposed in this pull request:

  • New Resource: aws_glue_security_configuration

Output from acceptance testing:

--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (11.83s)
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (12.00s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (39.17s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (39.26s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (39.38s)

@bflad
New Resource: aws_glue_security_configuration
8be44e6 
```
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (11.83s)
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (12.00s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (39.17s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (39.26s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (39.38s)
```
@bflad bflad added new-resource Introduces a new resource. service/glue Issues and PRs that pertain to the glue service. labels Oct 26, 2018
@bflad bflad requested a review from a team October 26, 2018 23:43
@ghost ghost added size/XL Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. provider Pertains to the provider itself, rather than any interaction with AWS. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Oct 26, 2018
@bflad bflad mentioned this pull request Oct 26, 2018
Closed
tombuildsstuff
tombuildsstuff approved these changes Oct 31, 2018
View reviewed changes
Copy link
Contributor

@tombuildsstuff tombuildsstuff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some minor comments but this otherwise LGTM 👍

aws/resource_aws_glue_security_configuration.go
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"cloudwatch_encryption": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd argue you could ditch the _encryption suffix here, since you're within encryption_configuration

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we're still preferring to be consistent with the AWS API, CLI, and SDKs for now, with the hopes that maybe the service API authors had a good reason to add all the naming redundancy.

aws/resource_aws_glue_security_configuration.go
},
},
},
"job_bookmarks_encryption": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd argue you could ditch the _encryption suffix here, since you're within encryption_configuration

aws/resource_aws_glue_security_configuration.go
},
},
},
"s3_encryption": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd argue you could ditch the _encryption suffix here, since you're within encryption_configuration

aws/resource_aws_glue_security_configuration.go
}

if err != nil {
return err
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we want to wrap this error to give more context?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes indeed! Will update.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, since this is a helper function, we return the raw error to allow downstream implementers to determine what context they'd like to provide. 😄

website/docs/r/glue_security_configuration.html.markdown
* `cloudwatch_encryption_mode` - (Optional) Encryption mode to use for CloudWatch data. Valid values: `DISABLED`, `SSE-KMS`. Default value: `DISABLED`.
* `kms_key_arn` - (Optional) Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

#### job_bookmarks_encryption Argument Reference
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this should be:

Suggested change
#### job_bookmarks_encryption Argument Reference
---
A `job_bookmarks_encryption` block as defined below:

website/docs/r/glue_security_configuration.html.markdown
* `job_bookmarks_encryption_mode` - (Optional) Encryption mode to use for job bookmarks data. Valid values: `CSE-KMS`, `DISABLED`. Default value: `DISABLED`.
* `kms_key_arn` - (Optional) Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.

#### s3_encryption Argument Reference
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this should be:

Suggested change
#### s3_encryption Argument Reference
---
A `s3_encryption` block as defined below:

website/docs/r/glue_security_configuration.html.markdown

#### s3_encryption Argument Reference

* `s3_encryption_mode` - (Optional) Encryption mode to use for S3 data. Valid values: `DISABLED`, `SSE-KMS`, `SSE-S3`. Default value: `DISABLED`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* `s3_encryption_mode` - (Optional) Encryption mode to use for S3 data. Valid values: `DISABLED`, `SSE-KMS`, `SSE-S3`. Default value: `DISABLED`.
* `s3_encryption_mode` - (Optional) Encryption mode to use for S3 data. Possible values are: `DISABLED`, `SSE-KMS`, `SSE-S3`. Defaults to `DISABLED`.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another style consistency thing to followup on, although we do have precedence for Valid values: and Default value: elsewhere.

website/docs/r/glue_security_configuration.html.markdown

#### job_bookmarks_encryption Argument Reference

* `job_bookmarks_encryption_mode` - (Optional) Encryption mode to use for job bookmarks data. Valid values: `CSE-KMS`, `DISABLED`. Default value: `DISABLED`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* `job_bookmarks_encryption_mode` - (Optional) Encryption mode to use for job bookmarks data. Valid values: `CSE-KMS`, `DISABLED`. Default value: `DISABLED`.
* `job_bookmarks_encryption_mode` - (Optional) Encryption mode to use for job bookmarks data. Possible values are `CSE-KMS`, `DISABLED`. Defaults to `DISABLED`.

website/docs/r/glue_security_configuration.html.markdown

#### cloudwatch_encryption Argument Reference

* `cloudwatch_encryption_mode` - (Optional) Encryption mode to use for CloudWatch data. Valid values: `DISABLED`, `SSE-KMS`. Default value: `DISABLED`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* `cloudwatch_encryption_mode` - (Optional) Encryption mode to use for CloudWatch data. Valid values: `DISABLED`, `SSE-KMS`. Default value: `DISABLED`.
* `cloudwatch_encryption_mode` - (Optional) Encryption mode to use for CloudWatch data. Possible values are `DISABLED`, `SSE-KMS`. Defaults to `DISABLED`.

tombuildsstuff and others added 5 commits October 31, 2018 13:09
@tombuildsstuff @bflad
docs/resource/aws_glue_security_configuration: Add Glue to id attri…
6a05960 
…bute documentation

Co-Authored-By: bflad <[email protected]>
@tombuildsstuff @bflad
docs/resource/aws_glue_security_configuration: Update s3_encrytion
52375e1 
…attribute description

Co-Authored-By: bflad <[email protected]>
@tombuildsstuff @bflad
docs/resource/aws_glue_security_configuration: Update `cloudwatch_enc…
6b5143f 
…rytion` attribute description

Co-Authored-By: bflad <[email protected]>
@tombuildsstuff @bflad
docs/resource/aws_glue_security_configuration: Update `job_bookmarks_…
938a763 
…encryption` attribute description

Co-Authored-By: bflad <[email protected]>
@bflad
resource/aws_glue_security_configuration: Use append() for expandGlue…
a1ff22b 
…S3Encryptions and flattenGlueS3Encryptions since elements may be skipped

```
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (11.52s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (11.97s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (39.27s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (39.42s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (39.49s)
```
@bflad
Copy link
Contributor Author

bflad commented Oct 31, 2018

Updated, passes testing, merging!

--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (11.52s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (11.97s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (39.27s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (39.42s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (39.49s)

@bflad bflad added this to the v1.42.0 milestone Oct 31, 2018
@bflad bflad merged commit 8229068 into master Oct 31, 2018
@bflad bflad deleted the f-aws_glue_security_configuration branch October 31, 2018 17:30
bflad added a commit that referenced this pull request Oct 31, 2018
@bflad
Update CHANGELOG for #6288
5da784a
@bflad
Copy link
Contributor Author

bflad commented Nov 1, 2018

This has been released in version 1.42.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@ghost
Copy link

ghost commented Apr 2, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 2, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tombuildsstuff tombuildsstuff tombuildsstuff approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. new-resource Introduces a new resource. provider Pertains to the provider itself, rather than any interaction with AWS. service/glue Issues and PRs that pertain to the glue service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v1.42.0
Development

Successfully merging this pull request may close these issues.

Feature Request: Resource for Managing Glue Security Configurations
2 participants
@bflad @tombuildsstuff