-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds support for AMI sharing to Orgs and OUs #21694
Adds support for AMI sharing to Orgs and OUs #21694
Conversation
You will need to use an AWS account that's linked to an AWS Organization to be able to use the Organization's ARN as a data source. What should the default behavior be if the testing account is not in an Organization? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Welcome @joraff 👋
It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTING guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.
Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.
Thanks again, and welcome to the community! 😃
Regarding default behavior if the testing account is not in an org, I found the PreCheck to handle this behavior. |
Could this be added to the imagebuilder as well? It's in the api. |
I'm not a fan of the "arn_type" property -- the underlying API is strongly-typed with UserId, Group, OrganizationalUnitArn, or OrganizationArn. I think it makes more sense to have:
This makes the api more self-documenting and aligns with the other SDKs around this resource. It also reduces the need to lookup a case-sensitive string in the docs. Here are the docs for the launch permission: |
I agree with the use of distinct, strongly-types arguments as suggested above, and have implemented the changes. Tests and website docs have been added. $ make testacc TESTARGS='-run TestAccEC2AMILaunchPermission_organization' PKG_NAME=internal/service/ec2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 20 -run TestAccEC2AMILaunchPermission_organization -timeout 180m
=== RUN TestAccEC2AMILaunchPermission_organization
=== PAUSE TestAccEC2AMILaunchPermission_organization
=== CONT TestAccEC2AMILaunchPermission_organization
2022/04/06 23:24:53 Waiting for AMI ami-0dddfaa907ae8da63 to become available...
2022/04/06 23:30:23 Waiting for AMI ami-0dddfaa907ae8da63 to be deleted...
--- PASS: TestAccEC2AMILaunchPermission_organization (344.49s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/ec2 346.991s |
Acceptance test output: % make testacc TESTS=TestAccEC2AMILaunchPermission_basic PKG=ec2 ACCTEST_PARALLELISM=3 ==> Checking that code complies with gofmt requirements... TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 3 -run='TestAccEC2AMILaunchPermission_basic' -timeout 180m === RUN TestAccEC2AMILaunchPermission_basic === PAUSE TestAccEC2AMILaunchPermission_basic === CONT TestAccEC2AMILaunchPermission_basic --- PASS: TestAccEC2AMILaunchPermission_basic (357.87s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/ec2 361.846s
…tTimeout CRUD handler signatures (hashicorp#15090).
This reverts commit 1cb51f2.
…ami_launch_permission
Acceptance test output: % make testacc TESTARGS='-run=TestAccEC2AMILaunchPermission_group\|TestAccEC2AMILaunchPermission_basic' PKG=ec2 ==> Checking that code complies with gofmt requirements... TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 20 -run=TestAccEC2AMILaunchPermission_group\|TestAccEC2AMILaunchPermission_basic -timeout 180m === RUN TestAccEC2AMILaunchPermission_basic === PAUSE TestAccEC2AMILaunchPermission_basic === RUN TestAccEC2AMILaunchPermission_group === PAUSE TestAccEC2AMILaunchPermission_group === CONT TestAccEC2AMILaunchPermission_basic === CONT TestAccEC2AMILaunchPermission_group --- PASS: TestAccEC2AMILaunchPermission_basic (361.32s) --- PASS: TestAccEC2AMILaunchPermission_group (364.94s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/ec2 371.503s
This reverts commit 1040f01.
This reverts commit 00dd171.
This reverts commit 99f110c.
This reverts commit 38203e5.
This reverts commit 08c38a8.
This reverts commit d9b4f95.
This reverts commit 0b275c1.
…_unit_arn' arguments.
…ILaunchPermission_organizationalUnitARN'.
1c3f153
to
15519b9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀.
% make testacc TESTS=TestAccEC2AMILaunchPermission_ PKG=ec2 ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 2 -run='TestAccEC2AMILaunchPermission_' -timeout 180m
=== RUN TestAccEC2AMILaunchPermission_basic
=== PAUSE TestAccEC2AMILaunchPermission_basic
=== RUN TestAccEC2AMILaunchPermission_disappears
=== PAUSE TestAccEC2AMILaunchPermission_disappears
=== RUN TestAccEC2AMILaunchPermission_Disappears_ami
=== PAUSE TestAccEC2AMILaunchPermission_Disappears_ami
=== RUN TestAccEC2AMILaunchPermission_group
=== PAUSE TestAccEC2AMILaunchPermission_group
=== RUN TestAccEC2AMILaunchPermission_organizationARN
=== PAUSE TestAccEC2AMILaunchPermission_organizationARN
=== RUN TestAccEC2AMILaunchPermission_organizationalUnitARN
=== PAUSE TestAccEC2AMILaunchPermission_organizationalUnitARN
=== CONT TestAccEC2AMILaunchPermission_basic
=== CONT TestAccEC2AMILaunchPermission_group
--- PASS: TestAccEC2AMILaunchPermission_group (361.35s)
=== CONT TestAccEC2AMILaunchPermission_Disappears_ami
--- PASS: TestAccEC2AMILaunchPermission_basic (361.98s)
=== CONT TestAccEC2AMILaunchPermission_organizationalUnitARN
acctest.go:688: skipping tests; this AWS account must not be an existing member of an AWS Organization
--- SKIP: TestAccEC2AMILaunchPermission_organizationalUnitARN (0.23s)
=== CONT TestAccEC2AMILaunchPermission_organizationARN
--- PASS: TestAccEC2AMILaunchPermission_Disappears_ami (350.94s)
=== CONT TestAccEC2AMILaunchPermission_disappears
--- PASS: TestAccEC2AMILaunchPermission_organizationARN (355.95s)
--- PASS: TestAccEC2AMILaunchPermission_disappears (355.58s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/ec2 1071.663s
% make testacc TESTS=TestAccEC2AMILaunchPermission_organizationalUnitARN PKG=ec2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/ec2/... -v -count 1 -parallel 20 -run='TestAccEC2AMILaunchPermission_organizationalUnitARN' -timeout 180m
=== RUN TestAccEC2AMILaunchPermission_organizationalUnitARN
=== PAUSE TestAccEC2AMILaunchPermission_organizationalUnitARN
=== CONT TestAccEC2AMILaunchPermission_organizationalUnitARN
--- PASS: TestAccEC2AMILaunchPermission_organizationalUnitARN (345.34s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/ec2 349.518s
This functionality has been released in v4.10.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
This PR adds two new arguments to the
aws_ami_launch_permission
resource to allow for Organization and OrganizationalUnit sharing.Community Note
Closes #21617.
Closes #11101.
Output from acceptance testing: