Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue-20146 Add username parameter to RDS proxy auth #24264

Merged
merged 10 commits into from
Apr 18, 2022
Merged

Issue-20146 Add username parameter to RDS proxy auth #24264

merged 10 commits into from
Apr 18, 2022

Conversation

enicholson125
Copy link
Contributor

@enicholson125 enicholson125 commented Apr 15, 2022
edited
Loading

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

This PR adds the username parameter into the auth config for the RDS proxy, to match the API provided by AWS for the proxy. I have not included an acceptance test for setting the username field, as the behaviour of the API with this parameter does not support it: the API returns an error for requests setting both username and auth_scheme. Setting username without auth_scheme is successful but leads to a diff in the subsequent plan, as auth_scheme is added automatically to the resource.

It seemed sensible to make the terraform provider fully support the parameters available in the API, even though the username parameter doesn't do much.

Closes #20146

Output from acceptance testing:

I did these in a few batches to avoid VPC quota issues.

$ make testacc TESTS=TestAccRDSProxy_n PKG=rds                         
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/rds/... -v -count 1 -parallel 7 -run='TestAccRDSProxy_n'  -timeout 180m
=== RUN   TestAccRDSProxy_name
=== PAUSE TestAccRDSProxy_name
=== CONT  TestAccRDSProxy_name
--- PASS: TestAccRDSProxy_name (609.66s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/rds        609.741s

$ make testacc TESTS=TestAccRDSProxy_[db] PKG=rds 
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/rds/... -v -count 1 -parallel 7 -run='TestAccRDSProxy_[db]'  -timeout 180m
=== RUN   TestAccRDSProxy_basic
=== PAUSE TestAccRDSProxy_basic
=== RUN   TestAccRDSProxy_debugLogging
=== PAUSE TestAccRDSProxy_debugLogging
=== RUN   TestAccRDSProxy_disappears
=== PAUSE TestAccRDSProxy_disappears
=== CONT  TestAccRDSProxy_basic
=== CONT  TestAccRDSProxy_disappears
=== CONT  TestAccRDSProxy_debugLogging
--- PASS: TestAccRDSProxy_basic (523.43s)
--- PASS: TestAccRDSProxy_debugLogging (611.90s)
--- PASS: TestAccRDSProxy_disappears (652.27s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/rds        652.368s

$ make testacc TESTS=TestAccRDSProxy_a PKG=rds  
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/rds/... -v -count 1 -parallel 7 -run='TestAccRDSProxy_a'  -timeout 180m
=== RUN   TestAccRDSProxy_authDescription
=== PAUSE TestAccRDSProxy_authDescription
=== RUN   TestAccRDSProxy_authIAMAuth
=== PAUSE TestAccRDSProxy_authIAMAuth
=== RUN   TestAccRDSProxy_authSecretARN
=== PAUSE TestAccRDSProxy_authSecretARN
=== RUN   TestAccRDSProxy_authUsername
=== PAUSE TestAccRDSProxy_authUsername
=== CONT  TestAccRDSProxy_authDescription
=== CONT  TestAccRDSProxy_authSecretARN
=== CONT  TestAccRDSProxy_authIAMAuth
=== CONT  TestAccRDSProxy_authUsername
--- PASS: TestAccRDSProxy_authIAMAuth (529.97s)
--- PASS: TestAccRDSProxy_authDescription (540.66s)
--- PASS: TestAccRDSProxy_authUsername (592.87s)
--- PASS: TestAccRDSProxy_authSecretARN (621.82s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/rds        621.895s

$ make testacc TESTS=TestAccRDSProxy_[rivt] PKG=rds                               ⎈ (kmi-ap1-uat-alpha/accounts-services)
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/rds/... -v -count 1 -parallel 7 -run='TestAccRDSProxy_[rivt]'  -timeout 180m
=== RUN   TestAccRDSProxy_idleClientTimeout
=== PAUSE TestAccRDSProxy_idleClientTimeout
=== RUN   TestAccRDSProxy_requireTLS
=== PAUSE TestAccRDSProxy_requireTLS
=== RUN   TestAccRDSProxy_roleARN
=== PAUSE TestAccRDSProxy_roleARN
=== RUN   TestAccRDSProxy_vpcSecurityGroupIDs
=== PAUSE TestAccRDSProxy_vpcSecurityGroupIDs
=== RUN   TestAccRDSProxy_tags
=== PAUSE TestAccRDSProxy_tags
=== CONT  TestAccRDSProxy_idleClientTimeout
=== CONT  TestAccRDSProxy_vpcSecurityGroupIDs
=== CONT  TestAccRDSProxy_roleARN
=== CONT  TestAccRDSProxy_tags
=== CONT  TestAccRDSProxy_requireTLS
--- PASS: TestAccRDSProxy_tags (603.20s)
--- PASS: TestAccRDSProxy_roleARN (658.33s)
--- PASS: TestAccRDSProxy_vpcSecurityGroupIDs (668.33s)
--- PASS: TestAccRDSProxy_idleClientTimeout (685.29s)
--- PASS: TestAccRDSProxy_requireTLS (775.37s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/rds        775.481s

@github-actions github-actions bot added service/rds Issues and PRs that pertain to the rds service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. needs-triage Waiting for first response or review from a maintainer. size/S Managed by automation to categorize the size of a PR. labels Apr 15, 2022
github-actions[bot]
github-actions bot reviewed Apr 15, 2022
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @enicholson125 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTING guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@enicholson125 enicholson125 marked this pull request as ready for review April 15, 2022 15:18
@ewbankkit ewbankkit added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels Apr 18, 2022
@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. and removed size/S Managed by automation to categorize the size of a PR. labels Apr 18, 2022
ewbankkit
ewbankkit approved these changes Apr 18, 2022
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTS=TestAccRDSProxy_ PKG=rds ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/rds/... -v -count 1 -parallel 2 -run='TestAccRDSProxy_'  -timeout 180m
=== RUN   TestAccRDSProxy_basic
=== PAUSE TestAccRDSProxy_basic
=== RUN   TestAccRDSProxy_name
=== PAUSE TestAccRDSProxy_name
=== RUN   TestAccRDSProxy_debugLogging
=== PAUSE TestAccRDSProxy_debugLogging
=== RUN   TestAccRDSProxy_idleClientTimeout
=== PAUSE TestAccRDSProxy_idleClientTimeout
=== RUN   TestAccRDSProxy_requireTLS
=== PAUSE TestAccRDSProxy_requireTLS
=== RUN   TestAccRDSProxy_roleARN
=== PAUSE TestAccRDSProxy_roleARN
=== RUN   TestAccRDSProxy_vpcSecurityGroupIDs
=== PAUSE TestAccRDSProxy_vpcSecurityGroupIDs
=== RUN   TestAccRDSProxy_authDescription
=== PAUSE TestAccRDSProxy_authDescription
=== RUN   TestAccRDSProxy_authIAMAuth
=== PAUSE TestAccRDSProxy_authIAMAuth
=== RUN   TestAccRDSProxy_authSecretARN
=== PAUSE TestAccRDSProxy_authSecretARN
=== RUN   TestAccRDSProxy_authUsername
=== PAUSE TestAccRDSProxy_authUsername
=== RUN   TestAccRDSProxy_tags
=== PAUSE TestAccRDSProxy_tags
=== RUN   TestAccRDSProxy_disappears
=== PAUSE TestAccRDSProxy_disappears
=== CONT  TestAccRDSProxy_basic
=== CONT  TestAccRDSProxy_authDescription
--- PASS: TestAccRDSProxy_basic (681.58s)
=== CONT  TestAccRDSProxy_authUsername
--- PASS: TestAccRDSProxy_authDescription (681.71s)
=== CONT  TestAccRDSProxy_disappears
--- PASS: TestAccRDSProxy_disappears (518.96s)
=== CONT  TestAccRDSProxy_tags
--- PASS: TestAccRDSProxy_authUsername (524.51s)
=== CONT  TestAccRDSProxy_requireTLS
--- PASS: TestAccRDSProxy_requireTLS (581.99s)
=== CONT  TestAccRDSProxy_vpcSecurityGroupIDs
--- PASS: TestAccRDSProxy_tags (613.46s)
=== CONT  TestAccRDSProxy_roleARN
--- PASS: TestAccRDSProxy_roleARN (634.13s)
=== CONT  TestAccRDSProxy_debugLogging
--- PASS: TestAccRDSProxy_vpcSecurityGroupIDs (736.20s)
=== CONT  TestAccRDSProxy_idleClientTimeout
--- PASS: TestAccRDSProxy_debugLogging (894.40s)
=== CONT  TestAccRDSProxy_name
--- PASS: TestAccRDSProxy_idleClientTimeout (818.55s)
=== CONT  TestAccRDSProxy_authSecretARN
--- PASS: TestAccRDSProxy_authSecretARN (824.41s)
=== CONT  TestAccRDSProxy_authIAMAuth
--- PASS: TestAccRDSProxy_name (824.82s)
--- PASS: TestAccRDSProxy_authIAMAuth (960.37s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/rds	5131.093s

@ewbankkit
Copy link
Contributor

@enicholson125 Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit a00eb72 into hashicorp:main Apr 18, 2022
@github-actions github-actions bot added this to the v4.11.0 milestone Apr 18, 2022
@ewbankkit ewbankkit mentioned this pull request Apr 18, 2022
Merged
@github-actions
Copy link

This functionality has been released in v4.11.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/rds Issues and PRs that pertain to the rds service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v4.11.0
Development

Successfully merging this pull request may close these issues.

The documented auth > username field does not exist on aws_rds_proxy
2 participants
@enicholson125 @ewbankkit