-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
f-aws_directconnect_connection_macsec #26274
f-aws_directconnect_connection_macsec #26274
Conversation
- Create docs for resource `aws_dx_macsec_key` - [WIP] Update existing docs for resource `aws_dx_connection`
- Remove default "secret delete" behavior to align with API behavior - Add sweeper for MACsec keys to clean up dangling acceptance test resources
694c200
to
ae5cc7f
Compare
@ddericco All tests pass other than the TestAccDirectConnectConnection_macsecRequested test:
|
@NetDevAutomate I haven't been able to reproduce this locally - I've tried manually setting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks pretty good thus far! I provided repeated comments/suggestions on a resource and schema names for your consideration.
Update attribute name to align with API Co-authored-by: Albert Silva <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀.
% make testacc TESTARGS='-run=TestAccDirectConnectConnection_' PKG=directconnect ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/directconnect/... -v -count 1 -parallel 3 -run=TestAccDirectConnectConnection_ -timeout 180m
=== RUN TestAccDirectConnectConnection_basic
=== PAUSE TestAccDirectConnectConnection_basic
=== RUN TestAccDirectConnectConnection_disappears
=== PAUSE TestAccDirectConnectConnection_disappears
=== RUN TestAccDirectConnectConnection_encryptionMode
connection_test.go:82: Environment variable DX_CONNECTION_ID is not set
--- SKIP: TestAccDirectConnectConnection_encryptionMode (0.00s)
=== RUN TestAccDirectConnectConnection_macsecRequested
=== PAUSE TestAccDirectConnectConnection_macsecRequested
=== RUN TestAccDirectConnectConnection_providerName
=== PAUSE TestAccDirectConnectConnection_providerName
=== RUN TestAccDirectConnectConnection_skipDestroy
=== PAUSE TestAccDirectConnectConnection_skipDestroy
=== RUN TestAccDirectConnectConnection_tags
=== PAUSE TestAccDirectConnectConnection_tags
=== CONT TestAccDirectConnectConnection_basic
=== CONT TestAccDirectConnectConnection_providerName
=== CONT TestAccDirectConnectConnection_macsecRequested
=== CONT TestAccDirectConnectConnection_tags
--- PASS: TestAccDirectConnectConnection_basic (21.30s)
--- PASS: TestAccDirectConnectConnection_providerName (23.31s)
=== CONT TestAccDirectConnectConnection_skipDestroy
--- PASS: TestAccDirectConnectConnection_macsecRequested (23.49s)
=== CONT TestAccDirectConnectConnection_disappears
--- PASS: TestAccDirectConnectConnection_disappears (17.44s)
--- PASS: TestAccDirectConnectConnection_skipDestroy (18.00s)
--- PASS: TestAccDirectConnectConnection_tags (46.81s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/directconnect 73.409s
make testacc TESTARGS='-run=TestAccDirectConnectMacSecKey_' PKG=directconnect ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/directconnect/... -v -count 1 -parallel 3 -run=TestAccDirectConnectMacSecKey_ -timeout 180m
=== RUN TestAccDirectConnectMacSecKey_withCkn
macsec_key_test.go:21: Environment variable DX_CONNECTION_ID is not set
--- SKIP: TestAccDirectConnectMacSecKey_withCkn (0.00s)
=== RUN TestAccDirectConnectMacSecKey_withSecret
macsec_key_test.go:56: Environment variable DX_CONNECTION_ID is not set
--- SKIP: TestAccDirectConnectMacSecKey_withSecret (0.00s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/directconnect 4.897s
Verified that % terraform plan
aws_dx_connection.test: Refreshing state... [id=dxcon-ffjmkunm]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply":
# aws_dx_connection.test has been changed
~ resource "aws_dx_connection" "test" {
+ aws_device = "ECPO1-251t75d1q8gru"
+ encryption_mode = "unknown"
~ has_logical_redundancy = "unknown" -> "no"
id = "dxcon-ffjmkunm"
~ jumbo_frame_capable = false -> true
+ macsec_capable = false
name = "ewbankkit-test"
+ port_encryption_status = "unknown"
+ tags = {}
# (5 unchanged attributes hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the
following plan may include actions to undo or respond to these changes.
───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
No changes. Your infrastructure matches the configuration.
Your configuration already matches the changes detected above. If you'd like to update the Terraform state to match, create and
apply a refresh-only plan:
terraform apply -refresh-only |
|
% make testacc TESTARGS='-run=TestAccDirectConnectConnection_\|TestAccDirectConnectMacSecKey_' PKG=directconnect ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/directconnect/... -v -count 1 -parallel 3 -run=TestAccDirectConnectConnection_\|TestAccDirectConnectMacSecKey_ -timeout 180m
=== RUN TestAccDirectConnectConnection_basic
=== PAUSE TestAccDirectConnectConnection_basic
=== RUN TestAccDirectConnectConnection_disappears
=== PAUSE TestAccDirectConnectConnection_disappears
=== RUN TestAccDirectConnectConnection_encryptionMode
connection_test.go:82: Environment variable DX_CONNECTION_ID is not set
--- SKIP: TestAccDirectConnectConnection_encryptionMode (0.00s)
=== RUN TestAccDirectConnectConnection_macsecRequested
=== PAUSE TestAccDirectConnectConnection_macsecRequested
=== RUN TestAccDirectConnectConnection_providerName
=== PAUSE TestAccDirectConnectConnection_providerName
=== RUN TestAccDirectConnectConnection_skipDestroy
=== PAUSE TestAccDirectConnectConnection_skipDestroy
=== RUN TestAccDirectConnectConnection_tags
=== PAUSE TestAccDirectConnectConnection_tags
=== RUN TestAccDirectConnectMacSecKey_withCkn
macsec_key_test.go:21: Environment variable DX_CONNECTION_ID is not set
--- SKIP: TestAccDirectConnectMacSecKey_withCkn (0.00s)
=== RUN TestAccDirectConnectMacSecKey_withSecret
macsec_key_test.go:56: Environment variable DX_CONNECTION_ID is not set
--- SKIP: TestAccDirectConnectMacSecKey_withSecret (0.00s)
=== CONT TestAccDirectConnectConnection_basic
=== CONT TestAccDirectConnectConnection_providerName
=== CONT TestAccDirectConnectConnection_tags
--- PASS: TestAccDirectConnectConnection_basic (29.07s)
=== CONT TestAccDirectConnectConnection_skipDestroy
--- PASS: TestAccDirectConnectConnection_providerName (30.32s)
=== CONT TestAccDirectConnectConnection_macsecRequested
--- PASS: TestAccDirectConnectConnection_skipDestroy (27.34s)
=== CONT TestAccDirectConnectConnection_disappears
--- PASS: TestAccDirectConnectConnection_macsecRequested (35.14s)
--- PASS: TestAccDirectConnectConnection_tags (72.86s)
--- PASS: TestAccDirectConnectConnection_disappears (21.99s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/directconnect 88.039s |
@ddericco Thanks for the contribution 🎉 👏. |
This functionality has been released in v4.48.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Adds support for MACsec on Direct Connect connections:
aws_dx_macsec_key
macsec_requested
to resourceaws_dx_connection
to support requesting MACsec on new connectionsencryption_mode
,macsec_capable
, andport_encryption_status
to resourceaws_dx_connection
Notes
DX_CONNECTION_ID
with a valid DX connection ID before running the tests.aws_dx_macsec_key
will change the DX connection to a pending state as part of the add/remove operation. If the DX connection is in any state other than available when starting the tests, the acceptance test will fail with error:DirectConnectClientException: The port is not in available state to associate the key for account <accountID>
.Community Note
Closes #21082
Output from acceptance testing: