Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/aws_appmesh_virtual_node: AWS App Mesh support for TLS in transit encryption #12541

Merged
merged 21 commits into from
Sep 30, 2020
Merged

r/aws_appmesh_virtual_node: AWS App Mesh support for TLS in transit encryption #12541

merged 21 commits into from
Sep 30, 2020

Conversation

ewbankkit
Copy link
Contributor

@ewbankkit ewbankkit commented Mar 26, 2020
edited
Loading

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #10922.

Includes ACMPCA changes from #13684.
Replaces #12528.
Cherry picked relevant commits from #11850.

Release note for CHANGELOG:

resource/aws_appmesh_virtual_node: Add `spec.backend_defaults`, `spec.backend.virtual_service.client_policy` and `spec.listener.tls` attributes to support TLS in transit encryption

Output from acceptance testing:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh -timeout 120m
=== RUN   TestAccAWSAppmesh
=== RUN   TestAccAWSAppmesh/Route
=== RUN   TestAccAWSAppmesh/Route/tags
=== RUN   TestAccAWSAppmesh/Route/httpHeader
=== RUN   TestAccAWSAppmesh/Route/httpRoute
=== RUN   TestAccAWSAppmesh/Route/tcpRoute
=== RUN   TestAccAWSAppmesh/Route/routePriority
=== RUN   TestAccAWSAppmesh/VirtualNode
=== RUN   TestAccAWSAppmesh/VirtualNode/logging
=== RUN   TestAccAWSAppmesh/VirtualNode/tls
=== RUN   TestAccAWSAppmesh/VirtualNode/tags
=== RUN   TestAccAWSAppmesh/VirtualNode/basic
=== RUN   TestAccAWSAppmesh/VirtualNode/backendDefaults
=== RUN   TestAccAWSAppmesh/VirtualNode/clientPolicyAcm
=== RUN   TestAccAWSAppmesh/VirtualNode/cloudMapServiceDiscovery
=== RUN   TestAccAWSAppmesh/VirtualNode/listenerHealthChecks
=== RUN   TestAccAWSAppmesh/VirtualNode/clientPolicyFile
=== RUN   TestAccAWSAppmesh/VirtualRouter
=== RUN   TestAccAWSAppmesh/VirtualRouter/basic
=== RUN   TestAccAWSAppmesh/VirtualRouter/tags
=== RUN   TestAccAWSAppmesh/VirtualService
=== RUN   TestAccAWSAppmesh/VirtualService/tags
=== RUN   TestAccAWSAppmesh/VirtualService/virtualNode
=== RUN   TestAccAWSAppmesh/VirtualService/virtualRouter
=== RUN   TestAccAWSAppmesh/Mesh
=== RUN   TestAccAWSAppmesh/Mesh/basic
=== RUN   TestAccAWSAppmesh/Mesh/egressFilter
=== RUN   TestAccAWSAppmesh/Mesh/tags
--- PASS: TestAccAWSAppmesh (1254.58s)
    --- PASS: TestAccAWSAppmesh/Route (279.11s)
        --- PASS: TestAccAWSAppmesh/Route/tags (73.22s)
        --- PASS: TestAccAWSAppmesh/Route/httpHeader (51.70s)
        --- PASS: TestAccAWSAppmesh/Route/httpRoute (51.45s)
        --- PASS: TestAccAWSAppmesh/Route/tcpRoute (51.61s)
        --- PASS: TestAccAWSAppmesh/Route/routePriority (51.13s)
    --- PASS: TestAccAWSAppmesh/VirtualNode (564.00s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/logging (46.39s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/tls (96.22s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/tags (65.99s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/basic (29.31s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/backendDefaults (46.03s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/clientPolicyAcm (69.99s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/cloudMapServiceDiscovery (117.82s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/listenerHealthChecks (46.01s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/clientPolicyFile (46.23s)
    --- PASS: TestAccAWSAppmesh/VirtualRouter (109.53s)
        --- PASS: TestAccAWSAppmesh/VirtualRouter/basic (45.67s)
        --- PASS: TestAccAWSAppmesh/VirtualRouter/tags (63.86s)
    --- PASS: TestAccAWSAppmesh/VirtualService (171.36s)
        --- PASS: TestAccAWSAppmesh/VirtualService/tags (72.34s)
        --- PASS: TestAccAWSAppmesh/VirtualService/virtualNode (51.69s)
        --- PASS: TestAccAWSAppmesh/VirtualService/virtualRouter (47.34s)
    --- PASS: TestAccAWSAppmesh/Mesh (130.58s)
        --- PASS: TestAccAWSAppmesh/Mesh/basic (24.52s)
        --- PASS: TestAccAWSAppmesh/Mesh/egressFilter (50.66s)
        --- PASS: TestAccAWSAppmesh/Mesh/tags (55.39s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	1254.639s

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSAcmCertificate_privateCert'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 20 -run=TestAccAWSAcmCertificate_privateCert -timeout 120m
=== RUN   TestAccAWSAcmCertificate_privateCert
=== PAUSE TestAccAWSAcmCertificate_privateCert
=== CONT  TestAccAWSAcmCertificate_privateCert
--- PASS: TestAccAWSAcmCertificate_privateCert (34.79s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	34.827s

@ewbankkit ewbankkit requested a review from a team March 26, 2020 14:56
@ghost ghost added size/XXL Managed by automation to categorize the size of a PR. needs-triage Waiting for first response or review from a maintainer. documentation Introduces or discusses updates to documentation. service/acmpca Issues and PRs that pertain to the acmpca service. service/appmesh Issues and PRs that pertain to the appmesh service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Mar 26, 2020
@ewbankkit
Copy link
Contributor Author

Waiting for account limit of number of CAs to be raised before I can continue testing.

@ewbankkit ewbankkit mentioned this pull request Mar 27, 2020
Closed
@ewbankkit
Copy link
Contributor Author

The problem is caused by the ACM certificate being in Failed state when I try and assign it to the Virtual Node's TLS listener. This exposed a bug in the App Mesh service.
For the acceptance test we need to make sure that the associated PCA is activated before attempting to issue a cert.

@ghost ghost added the service/acm Issues and PRs that pertain to the acm service. label Mar 27, 2020
@ewbankkit
Copy link
Contributor Author

ewbankkit commented Mar 27, 2020
edited
Loading

Removing WIP.
Ready for review.

@ewbankkit ewbankkit changed the title [WIP] AWS App Mesh support for TLS in transit encryption AWS App Mesh support for TLS in transit encryption Mar 28, 2020
@ewbankkit ewbankkit mentioned this pull request Apr 9, 2020
Closed
@ewbankkit

This comment has been minimized.

Sign in to view
@ewbankkit

This comment has been minimized.

Sign in to view
@ewbankkit ewbankkit changed the title AWS App Mesh support for TLS in transit encryption [WIP] AWS App Mesh support for TLS in transit encryption Jun 7, 2020
@ewbankkit ewbankkit mentioned this pull request Jun 8, 2020
Merged
@mbamber
Copy link
Contributor

mbamber commented Jun 26, 2020

Is this still a WIP? We'd like to get this merged in, so if there's something I can do to help let me know!

@ewbankkit
Copy link
Contributor Author

@mbamber Yes, still a WIP, mainly because of recent changes to the way some of the acceptance test checks are done; I need to fix some merge conflicts.

@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Jul 26, 2020
@ewbankkit ewbankkit changed the title [WIP] AWS App Mesh support for TLS in transit encryption AWS App Mesh support for TLS in transit encryption Jul 26, 2020
@ewbankkit
r/aws_appmesh_virtual_node: Test backend.virtual_service.client_polic…
f8b7e37 
…y...file attribute.

Acceptance testing output:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh/VirtualNode/clientPolicyFile'
==> Checking that code complies with gofmt requirements...
GO111MODULE=off TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh/VirtualNode/clientPolicyFile -timeout 120m
=== RUN   TestAccAWSAppmesh
=== RUN   TestAccAWSAppmesh/VirtualNode
=== RUN   TestAccAWSAppmesh/VirtualNode/clientPolicyFile
--- PASS: TestAccAWSAppmesh (41.99s)
    --- PASS: TestAccAWSAppmesh/VirtualNode (41.99s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/clientPolicyFile (41.99s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	42.027s
@ewbankkit
r/aws_appmesh_virtual_node: Test backend.virtual_service.client_polic…
9c8df8b 
…y...acm attribute.

Acceptance test output:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh/VirtualNode/clientPolicyAcm'
==> Checking that code complies with gofmt requirements...
GO111MODULE=off TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh/VirtualNode/clientPolicyAcm -timeout 120m
=== RUN   TestAccAWSAppmesh
=== RUN   TestAccAWSAppmesh/VirtualNode
=== RUN   TestAccAWSAppmesh/VirtualNode/clientPolicyAcm
--- PASS: TestAccAWSAppmesh (68.09s)
    --- PASS: TestAccAWSAppmesh/VirtualNode (68.09s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/clientPolicyAcm (68.09s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	68.124s
@ewbankkit
r/aws_appmesh_virtual_node: Add spec.backend_defaults attribute.
bd908b5 
Acceptance test output:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh/VirtualNode/clientPolicyFile'
==> Checking that code complies with gofmt requirements...
GO111MODULE=off TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh/VirtualNode/clientPolicyFile -timeout 120m
=== RUN   TestAccAWSAppmesh
=== RUN   TestAccAWSAppmesh/VirtualNode
=== RUN   TestAccAWSAppmesh/VirtualNode/clientPolicyFile
--- PASS: TestAccAWSAppmesh (42.17s)
    --- PASS: TestAccAWSAppmesh/VirtualNode (42.17s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/clientPolicyFile (42.17s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	42.221s
@ewbankkit
r/aws_appmesh_virtual_node: Test spec.backend_defaults attribute.
58e4381 
Acceptance test output:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh/VirtualNode/backendDefaults'
==> Checking that code complies with gofmt requirements...
GO111MODULE=off TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh/VirtualNode/backendDefaults -timeout 120m
=== RUN   TestAccAWSAppmesh
=== RUN   TestAccAWSAppmesh/VirtualNode
=== RUN   TestAccAWSAppmesh/VirtualNode/backendDefaults
--- PASS: TestAccAWSAppmesh (41.99s)
    --- PASS: TestAccAWSAppmesh/VirtualNode (41.99s)
        --- PASS: TestAccAWSAppmesh/VirtualNode/backendDefaults (41.99s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	42.047s
@ewbankkit
Remove artifacts of other preview features.
e7e8365
@ewbankkit
Remove commented-out references to 'sds'. That features is not out of…
1d18576 
… preview.
@ewbankkit
Use multierror in test sweeper:
4668de1 
$ TEST=./aws SWEEP=us-west-2 SWEEPARGS=-sweep-run=aws_appmesh_virtual_node make sweep
WARNING: This will destroy infrastructure. Use only in development accounts.
go test ./aws -v -sweep=us-west-2 -sweep-run=aws_appmesh_virtual_node -timeout 60m
2020/03/26 12:28:45 [DEBUG] Running Sweepers for region (us-west-2):
2020/03/26 12:28:45 [DEBUG] Running Sweeper (aws_appmesh_virtual_node) in region (us-west-2)
2020/03/26 12:28:45 [INFO] Building AWS auth structure
2020/03/26 12:28:45 [INFO] Setting AWS metadata API timeout to 100ms
2020/03/26 12:28:47 [INFO] Ignoring AWS metadata API endpoint at default location as it doesn't return any instance-id
2020/03/26 12:28:47 [INFO] AWS Auth provider used: "EnvProvider"
2020/03/26 12:28:47 [DEBUG] Trying to get account information via sts:GetCallerIdentity
2020/03/26 12:28:47 [DEBUG] Trying to get account information via sts:GetCallerIdentity
2020/03/26 12:28:48 Sweeper Tests ran successfully:
	- aws_appmesh_virtual_node
ok  	github.com/terraform-providers/terraform-provider-aws/aws	2.607s
@ewbankkit
Fix testAccAwsAppmeshVirtualNode_tls acceptance test.
a357177
@ewbankkit
Simplify certificate handling - Some TODOs.
cfb3d7c
@ewbankkit
r/aws_acmpca_certificate_authority: Test CA activation.
b2b05cf 
Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsAcmpcaCertificateAuthority_Enabled'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 20 -run=TestAccAwsAcmpcaCertificateAuthority_Enabled -timeout 120m
=== RUN   TestAccAwsAcmpcaCertificateAuthority_Enabled
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_Enabled
=== CONT  TestAccAwsAcmpcaCertificateAuthority_Enabled
--- PASS: TestAccAwsAcmpcaCertificateAuthority_Enabled (69.95s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	69.989s

Add 'TestAccAwsAcmpcaCertificateAuthority_disappears'.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsAcmpcaCertificateAuthority_disappears'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 20 -run=TestAccAwsAcmpcaCertificateAuthority_disappears -timeout 120m
=== RUN   TestAccAwsAcmpcaCertificateAuthority_disappears
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_disappears
=== CONT  TestAccAwsAcmpcaCertificateAuthority_disappears
--- PASS: TestAccAwsAcmpcaCertificateAuthority_disappears (25.10s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	25.138s
@ewbankkit
Address TODOs.
78fac67
@ewbankkit
'flattenIntList' -> 'flattenInt64List' to match corresponding 'expand…
7849c50 
…' function.
@ewbankkit
Correct listener index in acceptance tests.
a5387f7
@ewbankkit
Use 'TestCheckTypeSetElemNestedAttrs'.
2acf980
@ewbankkit
r/aws_appmesh_virtual_node: Fix 'testAccAwsAppmeshVirtualNode_clientP…
f31af93 
…olicyAcm'.
@ewbankkit
r/aws_appmesh_virtual_node: Delete 'appmeshVirtualNodeBackendHash'.
fb6ad39
@ewbankkit
r/aws_appmesh_virtual_node: Tidy up acceptance tests.
9b8caf6
@ewbankkit
r/aws_acmpca_certificate_authority: Add 'testAccCheckAwsAcmpcaCertifi…
1a02e79 
…cateAuthorityDisableCA'.
@ewbankkit
Copy link
Contributor Author

Rebased.
Acceptance tests:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh -timeout 120m
=== RUN   TestAccAWSAppmesh_serial
=== RUN   TestAccAWSAppmesh_serial/Route
=== RUN   TestAccAWSAppmesh_serial/Route/tcpRoute
=== RUN   TestAccAWSAppmesh_serial/Route/routePriority
=== RUN   TestAccAWSAppmesh_serial/Route/tags
=== RUN   TestAccAWSAppmesh_serial/Route/httpHeader
=== RUN   TestAccAWSAppmesh_serial/Route/httpRetryPolicy
=== RUN   TestAccAWSAppmesh_serial/Route/httpRoute
=== RUN   TestAccAWSAppmesh_serial/VirtualNode
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/tags
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/basic
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/backendDefaults
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/cloudMapServiceDiscovery
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/logging
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/tls
    resource_aws_appmesh_virtual_node_test.go:389: [INFO] Got non-empty plan, as expected
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/clientPolicyAcm
    resource_aws_appmesh_virtual_node_test.go:597: [INFO] Got non-empty plan, as expected
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/clientPolicyFile
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/listenerHealthChecks
=== RUN   TestAccAWSAppmesh_serial/VirtualRouter
=== RUN   TestAccAWSAppmesh_serial/VirtualRouter/basic
=== RUN   TestAccAWSAppmesh_serial/VirtualRouter/tags
=== RUN   TestAccAWSAppmesh_serial/VirtualService
=== RUN   TestAccAWSAppmesh_serial/VirtualService/virtualNode
=== RUN   TestAccAWSAppmesh_serial/VirtualService/virtualRouter
=== RUN   TestAccAWSAppmesh_serial/VirtualService/tags
=== RUN   TestAccAWSAppmesh_serial/Mesh
=== RUN   TestAccAWSAppmesh_serial/Mesh/tags
=== RUN   TestAccAWSAppmesh_serial/Mesh/basic
=== RUN   TestAccAWSAppmesh_serial/Mesh/egressFilter
--- PASS: TestAccAWSAppmesh_serial (1043.85s)
    --- PASS: TestAccAWSAppmesh_serial/Route (283.29s)
        --- PASS: TestAccAWSAppmesh_serial/Route/tcpRoute (55.89s)
        --- PASS: TestAccAWSAppmesh_serial/Route/routePriority (38.56s)
        --- PASS: TestAccAWSAppmesh_serial/Route/tags (56.34s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpHeader (39.17s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpRetryPolicy (38.42s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpRoute (54.90s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualNode (457.18s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/tags (49.27s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/basic (19.13s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/backendDefaults (34.97s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/cloudMapServiceDiscovery (106.01s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/logging (34.19s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/tls (82.78s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/clientPolicyAcm (61.81s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/clientPolicyFile (34.46s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/listenerHealthChecks (34.57s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualRouter (81.36s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualRouter/basic (33.13s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualRouter/tags (48.23s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualService (126.87s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/virtualNode (37.93s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/virtualRouter (34.42s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/tags (54.51s)
    --- PASS: TestAccAWSAppmesh_serial/Mesh (95.15s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/tags (41.77s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/basic (16.30s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/egressFilter (37.08s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	1043.903s

@ewbankkit ewbankkit removed the service/acmpca Issues and PRs that pertain to the acmpca service. label Sep 30, 2020
DrFaust92
DrFaust92 approved these changes Sep 30, 2020
View reviewed changes
Copy link
Collaborator

@DrFaust92 DrFaust92 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

--- PASS: TestAccAWSAppmesh_serial (2435.37s)
    --- PASS: TestAccAWSAppmesh_serial/Mesh (284.03s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/egressFilter (111.26s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/tags (118.81s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/basic (53.95s)
    --- PASS: TestAccAWSAppmesh_serial/Route (703.35s)
        --- PASS: TestAccAWSAppmesh_serial/Route/routePriority (98.51s)
        --- PASS: TestAccAWSAppmesh_serial/Route/tags (145.75s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpHeader (95.11s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpRetryPolicy (90.76s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpRoute (146.93s)
        --- PASS: TestAccAWSAppmesh_serial/Route/tcpRoute (126.28s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualNode (933.34s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/clientPolicyFile (81.10s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/tags (113.79s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/backendDefaults (71.51s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/clientPolicyAcm (117.58s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/listenerHealthChecks (71.25s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/logging (81.20s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/tls (190.93s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/basic (41.22s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/cloudMapServiceDiscovery (164.75s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualRouter (182.88s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualRouter/basic (76.06s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualRouter/tags (106.83s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualService (331.76s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/virtualNode (87.43s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/virtualRouter (90.64s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/tags (153.69s)

@breathingdust
Copy link
Member

LGTM! 🚀 Thanks @ewbankkit

Verified Acceptance Tests in Commercial (us-west-2)

make testacc TEST=./aws TESTARGS='-run=TestAccAWSAppmesh'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAppmesh -timeout 120m
=== RUN   TestAccAWSAppmesh_serial
=== RUN   TestAccAWSAppmesh_serial/Mesh
=== RUN   TestAccAWSAppmesh_serial/Mesh/basic
=== RUN   TestAccAWSAppmesh_serial/Mesh/egressFilter
=== RUN   TestAccAWSAppmesh_serial/Mesh/tags
=== RUN   TestAccAWSAppmesh_serial/Route
=== RUN   TestAccAWSAppmesh_serial/Route/httpRetryPolicy
=== RUN   TestAccAWSAppmesh_serial/Route/httpRoute
=== RUN   TestAccAWSAppmesh_serial/Route/tcpRoute
=== RUN   TestAccAWSAppmesh_serial/Route/routePriority
=== RUN   TestAccAWSAppmesh_serial/Route/tags
=== RUN   TestAccAWSAppmesh_serial/Route/httpHeader
=== RUN   TestAccAWSAppmesh_serial/VirtualNode
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/clientPolicyFile
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/cloudMapServiceDiscovery
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/tags
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/basic
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/backendDefaults
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/logging
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/tls
    resource_aws_appmesh_virtual_node_test.go:389: [INFO] Got non-empty plan, as expected
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/clientPolicyAcm
    resource_aws_appmesh_virtual_node_test.go:597: [INFO] Got non-empty plan, as expected
=== RUN   TestAccAWSAppmesh_serial/VirtualNode/listenerHealthChecks
=== RUN   TestAccAWSAppmesh_serial/VirtualRouter
=== RUN   TestAccAWSAppmesh_serial/VirtualRouter/basic
=== RUN   TestAccAWSAppmesh_serial/VirtualRouter/tags
=== RUN   TestAccAWSAppmesh_serial/VirtualService
=== RUN   TestAccAWSAppmesh_serial/VirtualService/virtualNode
=== RUN   TestAccAWSAppmesh_serial/VirtualService/virtualRouter
=== RUN   TestAccAWSAppmesh_serial/VirtualService/tags
--- PASS: TestAccAWSAppmesh_serial (887.25s)
    --- PASS: TestAccAWSAppmesh_serial/Mesh (87.56s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/basic (15.74s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/egressFilter (33.55s)
        --- PASS: TestAccAWSAppmesh_serial/Mesh/tags (38.27s)
    --- PASS: TestAccAWSAppmesh_serial/Route (220.31s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpRetryPolicy (29.57s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpRoute (44.76s)
        --- PASS: TestAccAWSAppmesh_serial/Route/tcpRoute (43.11s)
        --- PASS: TestAccAWSAppmesh_serial/Route/routePriority (31.22s)
        --- PASS: TestAccAWSAppmesh_serial/Route/tags (42.15s)
        --- PASS: TestAccAWSAppmesh_serial/Route/httpHeader (29.49s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualNode (405.14s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/clientPolicyFile (28.63s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/cloudMapServiceDiscovery (116.60s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/tags (40.09s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/basic (15.75s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/backendDefaults (29.97s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/logging (28.10s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/tls (67.75s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/clientPolicyAcm (50.92s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualNode/listenerHealthChecks (27.32s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualRouter (68.96s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualRouter/basic (27.83s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualRouter/tags (41.13s)
    --- PASS: TestAccAWSAppmesh_serial/VirtualService (105.28s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/virtualNode (31.66s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/virtualRouter (29.56s)
        --- PASS: TestAccAWSAppmesh_serial/VirtualService/tags (44.06s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	889.109s

@breathingdust breathingdust added this to the v3.9.0 milestone Sep 30, 2020
@breathingdust breathingdust merged commit b6a8e65 into hashicorp:master Sep 30, 2020
breathingdust added a commit that referenced this pull request Sep 30, 2020
@breathingdust
Update CHANGELOG for #12541
aa0d097
@ewbankkit ewbankkit deleted the issue-10922 branch October 1, 2020 00:45
@ghost
Copy link

ghost commented Oct 2, 2020

This has been released in version 3.9.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost
Copy link

ghost commented Oct 31, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Oct 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@DrFaust92 DrFaust92 DrFaust92 approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. service/appmesh Issues and PRs that pertain to the appmesh service. size/XXL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v3.9.0
Development

Successfully merging this pull request may close these issues.

AWS App Mesh support for TLS in transit encryption
6 participants
@ewbankkit @mbamber @gurjant31 @rmaskara @breathingdust @DrFaust92