Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Allow specifying ARN as sns_topic_name if region/account is different for aws_cloudtrail #41279

Merged
merged 1 commit into from
Feb 7, 2025
Merged

fix: Allow specifying ARN as sns_topic_name if region/account is different for aws_cloudtrail #41279

merged 1 commit into from
Feb 7, 2025
+101 −23

Conversation

acwwat
Copy link
Contributor

@acwwat acwwat commented Feb 7, 2025

Description

This PR is to fix an issue introduced by #41168 where sns_topic_name is always read as the name instead of ARN, even for an SNS topic in another region or account, for the aws_cloudtrail resource.

The documentation is NOT specify that one can specify an SNS topic ARN as sns_topic_name, nor does it specify that the the SNS topic can be in a different region (and presumably different account). I will open an AWS support case separately to seek clarification, but for now we need to fix the regression.

If you think think we should simply roll back the change and fix it again for 6.x for better compatibility, let me know.

Relations

Closes #41262

References

n/a - documentation is wrong anyway...

Output from Acceptance Testing

Note: I am not sure why TestAccCloudTrail_serial/Trail/migrateV0 always fail in my environment.

$ make testacc TESTS="TestAccCloudTrail_serial/Trail/" PKG=cloudtrail
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.5 test ./internal/service/cloudtrail/... -v -count 1 -parallel 20 -run='TestAccCloudTrail_serial/Trail/'  -timeout 360m -vet=off
2025/02/06 21:50:36 Initializing Terraform AWS Provider...
=== RUN   TestAccCloudTrail_serial
=== PAUSE TestAccCloudTrail_serial
=== CONT  TestAccCloudTrail_serial
=== RUN   TestAccCloudTrail_serial/Trail
=== RUN   TestAccCloudTrail_serial/Trail/enableLogging
=== RUN   TestAccCloudTrail_serial/Trail/snsTopicNameAlternateRegion
=== RUN   TestAccCloudTrail_serial/Trail/tags
=== RUN   TestAccCloudTrail_serial/Trail/eventSelectorDynamoDB
=== RUN   TestAccCloudTrail_serial/Trail/insightSelector
=== RUN   TestAccCloudTrail_serial/Trail/disappears
=== RUN   TestAccCloudTrail_serial/Trail/globalServiceEvents
=== RUN   TestAccCloudTrail_serial/Trail/multiRegion
=== RUN   TestAccCloudTrail_serial/Trail/organization
    trail_test.go:230: this AWS account must be the management account of an AWS Organization
=== RUN   TestAccCloudTrail_serial/Trail/kmsKey
=== RUN   TestAccCloudTrail_serial/Trail/eventSelectorExclude
=== RUN   TestAccCloudTrail_serial/Trail/advancedEventSelector
=== RUN   TestAccCloudTrail_serial/Trail/logValidation
=== RUN   TestAccCloudTrail_serial/Trail/eventSelector
=== RUN   TestAccCloudTrail_serial/Trail/migrateV0
    trail_test.go:817: Step 1/2 error: Check failed: Check 4/4 error: aws_cloudtrail.test: Attribute 'id' expected "tf-acc-test-1052551585322808390", got "arn:aws:cloudtrail:us-west-2:100180206982:trail/tf-acc-test-1052551585322808390"
=== RUN   TestAccCloudTrail_serial/Trail/basic
=== RUN   TestAccCloudTrail_serial/Trail/cloudwatch
=== RUN   TestAccCloudTrail_serial/Trail/snsTopicNameBasic
--- FAIL: TestAccCloudTrail_serial (760.78s)
    --- FAIL: TestAccCloudTrail_serial/Trail (760.78s)
        --- PASS: TestAccCloudTrail_serial/Trail/enableLogging (59.34s)
        --- PASS: TestAccCloudTrail_serial/Trail/snsTopicNameAlternateRegion (32.59s)
        --- PASS: TestAccCloudTrail_serial/Trail/tags (54.54s)
        --- PASS: TestAccCloudTrail_serial/Trail/eventSelectorDynamoDB (33.01s)
        --- PASS: TestAccCloudTrail_serial/Trail/insightSelector (70.45s)
        --- PASS: TestAccCloudTrail_serial/Trail/disappears (24.99s)
        --- PASS: TestAccCloudTrail_serial/Trail/globalServiceEvents (24.80s)
        --- PASS: TestAccCloudTrail_serial/Trail/multiRegion (54.32s)
        --- SKIP: TestAccCloudTrail_serial/Trail/organization (0.79s)
        --- PASS: TestAccCloudTrail_serial/Trail/kmsKey (26.18s)
        --- PASS: TestAccCloudTrail_serial/Trail/eventSelectorExclude (59.07s)
        --- PASS: TestAccCloudTrail_serial/Trail/advancedEventSelector (25.46s)
        --- PASS: TestAccCloudTrail_serial/Trail/logValidation (39.70s)
        --- PASS: TestAccCloudTrail_serial/Trail/eventSelector (87.69s)
        --- FAIL: TestAccCloudTrail_serial/Trail/migrateV0 (22.23s)
        --- PASS: TestAccCloudTrail_serial/Trail/basic (43.39s)
        --- PASS: TestAccCloudTrail_serial/Trail/cloudwatch (59.17s)
        --- PASS: TestAccCloudTrail_serial/Trail/snsTopicNameBasic (43.07s)
FAIL
FAIL    github.com/hashicorp/terraform-provider-aws/internal/service/cloudtrail 761.014s
FAIL
make: *** [GNUmakefile:616: testacc] Error 1

$

@acwwat acwwat requested a review from a team as a code owner February 7, 2025 03:10
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 7, 2025

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/cloudtrail Issues and PRs that pertain to the cloudtrail service. needs-triage Waiting for first response or review from a maintainer. external-maintainer Contribution from a trusted external contributor. labels Feb 7, 2025
@acwwat acwwat force-pushed the b-aws_cloudtrail-fix_sns_topic_name_as_arn branch from 7d9101e to 892e8ea Compare February 7, 2025 03:14
@acwwat
fix: Allow specifying ARN as sns_topic_name if region/account is diff…

Verified

This commit was signed with the committer’s verified signature.
phillebaba Philip Laine
GPG key ID: F6D0B743CA3EFF33
Verified
Learn about vigilant mode
6b4acf9 
…erent for aws_cloudtrail
@acwwat acwwat force-pushed the b-aws_cloudtrail-fix_sns_topic_name_as_arn branch from 892e8ea to 6b4acf9 Compare February 7, 2025 03:27
@justinretzolk justinretzolk added bug Addresses a defect in current functionality. regression Pertains to a degraded workflow resulting from an upstream patch or internal enhancement. and removed needs-triage Waiting for first response or review from a maintainer. labels Feb 7, 2025
@terraform-aws-provider terraform-aws-provider bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Feb 7, 2025
@YakDriver YakDriver self-assigned this Feb 7, 2025
YakDriver
YakDriver approved these changes Feb 7, 2025
View reviewed changes
Copy link
Member

@YakDriver YakDriver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this fix!

% make testacc TESTS="TestAccCloudTrail_serial/Trail/" PKG=cloudtrail
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.5 test ./internal/service/cloudtrail/... -v -count 1 -parallel 20 -run='TestAccCloudTrail_serial/Trail/'  -timeout 360m -vet=off
2025/02/07 14:20:36 Initializing Terraform AWS Provider...
=== RUN   TestAccCloudTrail_serial
=== PAUSE TestAccCloudTrail_serial
=== CONT  TestAccCloudTrail_serial
=== RUN   TestAccCloudTrail_serial/Trail
=== RUN   TestAccCloudTrail_serial/Trail/enableLogging
=== RUN   TestAccCloudTrail_serial/Trail/globalServiceEvents
=== RUN   TestAccCloudTrail_serial/Trail/kmsKey
=== RUN   TestAccCloudTrail_serial/Trail/tags
=== RUN   TestAccCloudTrail_serial/Trail/advancedEventSelector
=== RUN   TestAccCloudTrail_serial/Trail/migrateV0
=== RUN   TestAccCloudTrail_serial/Trail/multiRegion
=== RUN   TestAccCloudTrail_serial/Trail/organization
    trail_test.go:230: this AWS account must be the management account of an AWS Organization
=== RUN   TestAccCloudTrail_serial/Trail/insightSelector
=== RUN   TestAccCloudTrail_serial/Trail/cloudwatch
=== RUN   TestAccCloudTrail_serial/Trail/snsTopicNameBasic
=== RUN   TestAccCloudTrail_serial/Trail/eventSelectorDynamoDB
=== RUN   TestAccCloudTrail_serial/Trail/eventSelectorExclude
=== RUN   TestAccCloudTrail_serial/Trail/basic
=== RUN   TestAccCloudTrail_serial/Trail/logValidation
=== RUN   TestAccCloudTrail_serial/Trail/snsTopicNameAlternateRegion
=== RUN   TestAccCloudTrail_serial/Trail/eventSelector
=== RUN   TestAccCloudTrail_serial/Trail/disappears
--- PASS: TestAccCloudTrail_serial (626.32s)
    --- PASS: TestAccCloudTrail_serial/Trail (626.32s)
        --- SKIP: TestAccCloudTrail_serial/Trail/enableLogging (27.13s)
        --- PASS: TestAccCloudTrail_serial/Trail/globalServiceEvents (20.39s)
        --- PASS: TestAccCloudTrail_serial/Trail/kmsKey (22.63s)
        --- PASS: TestAccCloudTrail_serial/Trail/tags (44.54s)
        --- PASS: TestAccCloudTrail_serial/Trail/advancedEventSelector (20.98s)
        --- PASS: TestAccCloudTrail_serial/Trail/migrateV0 (35.94s)
        --- PASS: TestAccCloudTrail_serial/Trail/multiRegion (44.79s)
        --- SKIP: TestAccCloudTrail_serial/Trail/organization (0.69s)
        --- PASS: TestAccCloudTrail_serial/Trail/insightSelector (57.13s)
        --- PASS: TestAccCloudTrail_serial/Trail/cloudwatch (49.07s)
        --- PASS: TestAccCloudTrail_serial/Trail/snsTopicNameBasic (35.39s)
        --- PASS: TestAccCloudTrail_serial/Trail/eventSelectorDynamoDB (31.27s)
        --- PASS: TestAccCloudTrail_serial/Trail/eventSelectorExclude (48.29s)
        --- PASS: TestAccCloudTrail_serial/Trail/basic (35.28s)
        --- PASS: TestAccCloudTrail_serial/Trail/logValidation (33.14s)
        --- PASS: TestAccCloudTrail_serial/Trail/snsTopicNameAlternateRegion (24.50s)
        --- PASS: TestAccCloudTrail_serial/Trail/eventSelector (74.55s)
        --- PASS: TestAccCloudTrail_serial/Trail/disappears (20.60s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/cloudtrail	630.606s

@YakDriver YakDriver merged commit 5772b45 into hashicorp:main Feb 7, 2025
70 checks passed
@github-actions github-actions bot added this to the v5.87.0 milestone Feb 7, 2025
@gdavison gdavison modified the milestones: v5.87.0, v5.86.1 Feb 10, 2025
@acwwat acwwat deleted the b-aws_cloudtrail-fix_sns_topic_name_as_arn branch February 12, 2025 03:23
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Feb 14, 2025
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.86.1 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YakDriver YakDriver

Assignees

@YakDriver YakDriver

Labels
bug Addresses a defect in current functionality. documentation Introduces or discusses updates to documentation. external-maintainer Contribution from a trusted external contributor. regression Pertains to a degraded workflow resulting from an upstream patch or internal enhancement. service/cloudtrail Issues and PRs that pertain to the cloudtrail service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.86.1
Development

Successfully merging this pull request may close these issues.

[Bug]: aws_cloudtrail sns_topic_name always shows changes
4 participants
@acwwat @YakDriver @gdavison @justinretzolk