Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When the provider assumes a given role, don't use the default profile… #87

Merged
merged 2 commits into from
Nov 1, 2023
Merged

When the provider assumes a given role, don't use the default profile… #87

merged 2 commits into from
Nov 1, 2023

Conversation

massimob76
Copy link
Contributor

… if the profile is not given, but allow aws-sdk-go to find the credentials using the default credential provider chain (#86)

Description

When aws_assume_role_arn is given but no aws_profile, it won't set the profile to default but it will let the aws-sdk-go library to find out the credentials using the default provider chain.
When aws_assume_role_arn is given as well as aws_profile, it won't change its current behaviour and the aws-sdk-go library will use the given profile.

Issues Resolved

This will revolve issue #86

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@massimob76
When the provider assumes a given role, don't use the default profile…
b113bb3 
… if the profile is not given, but allow aws-sdk-go to find the credentials using the default credential provider chain (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>
@massimob76 massimob76 mentioned this pull request Oct 5, 2023
Open
@prudhvigodithi
Copy link
Member

Thanks @massimob76 this looks good, any unit tests can be added?

@prudhvigodithi
Copy link
Member

Hey @massimob76 just following back, can you please add some unit tests so that we can move forward with this PR?
Thank you

@massimob76
Copy link
Contributor Author

hi @prudhvigodithi I will try to add some unit tests this week, sorry I have been very busy lately.

@vasyaxparfenov vasyaxparfenov mentioned this pull request Oct 19, 2023
Merged
@massimob76
Copy link
Contributor Author

Hi @prudhvigodithi, I have added some tests - that required a few changes:

  • added a mock server for intercepting the api call rather than the real AWS endpoint. Only during tests we use a mock server endpoint when calling awsSession, otherwise endpoint="" which will lead to aws-sdk-go to call its real endpoint.
  • swapped the test_aws_config with the test_aws_credentials since when running it locally if a credentials file exists it will have the priority over the test_aws_config fixture. But using test_aws_credentials instead will remove any interference from the local setup.

@massimob76 massimob76 mentioned this pull request Oct 26, 2023
Open
@prudhvigodithi
Copy link
Member

Thanks @massimob76 for your contribution, merging the PR now.

@prudhvigodithi prudhvigodithi merged commit 0cfc9f2 into opensearch-project:main Nov 1, 2023
5 checks passed
@andrejvanderzee
Copy link

Any ETA on releasing this now that it is merged?

@prudhvigodithi prudhvigodithi mentioned this pull request Nov 5, 2023
Closed
afrodidact pushed a commit to afrodidact/terraform-provider-opensearch that referenced this pull request Nov 7, 2023
@massimob76
When the provider assumes a given role, don't use the default profile… (
5ccee4d 
opensearch-project#87)

* When the provider assumes a given role, don't use the default profile if the profile is not given, but allow aws-sdk-go to find the credentials using the default credential provider chain (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

* Adds unit tests for AWS profile change (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

---------

Signed-off-by: Massimo Battestini <[email protected]>
Signed-off-by: Aaron Miller <[email protected]>
afrodidact pushed a commit to afrodidact/terraform-provider-opensearch that referenced this pull request Nov 7, 2023
@massimob76
When the provider assumes a given role, don't use the default profile… (
dbd168f 
opensearch-project#87)

* When the provider assumes a given role, don't use the default profile if the profile is not given, but allow aws-sdk-go to find the credentials using the default credential provider chain (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

* Adds unit tests for AWS profile change (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

---------

Signed-off-by: Massimo Battestini <[email protected]>
@estebane-frb
Copy link

Any chance this can be released soon? This has been a big blocker for us to be able to use the provider.

@justinhauer
Copy link

@prudhvigodithi can you give us any type of time frame when you think this will be released?

@prudhvigodithi
Copy link
Member

prudhvigodithi commented Nov 8, 2023
edited
Loading

Hey @estebane-frb @justinhauer I have an issue created for this purpose #122, I'm planning to go ahead with the release tomorrow (PST), just waiting on one feature PR to support OpenSearch serverless to go in #92, thank you for your patience.
Adding @vasyaxparfenov @bbarani

@prudhvigodithi
Copy link
Member

The provider v2.1.0 has been released, please check.
Provider Download link: https://registry.terraform.io/providers/opensearch-project/opensearch/2.1.0

afrodidact pushed a commit to afrodidact/terraform-provider-opensearch that referenced this pull request Dec 11, 2023
Fix persistent delete of config_id (88)
3708c63 
Signed-off-by: Aaron Miller <[email protected]>

Add anomaly detection (opensearch-project#105)

* Add anomaly detection

Signed-off-by: Rupa Lahiri <[email protected]>

* Add test for update

Signed-off-by: Rupa Lahiri <[email protected]>

* Add audit config in anomaly detector test

Signed-off-by: Rupa Lahiri <[email protected]>

* Format terraform in test

Signed-off-by: Rupa Lahiri <[email protected]>

---------

Signed-off-by: Rupa Lahiri <[email protected]>
Signed-off-by: Aaron Miller <[email protected]>

When the provider assumes a given role, don't use the default profile… (opensearch-project#87)

* When the provider assumes a given role, don't use the default profile if the profile is not given, but allow aws-sdk-go to find the credentials using the default credential provider chain (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

* Adds unit tests for AWS profile change (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

---------

Signed-off-by: Massimo Battestini <[email protected]>
Signed-off-by: Aaron Miller <[email protected]>

Add step to generate terraform provider documentation by running tfplugindocs (opensearch-project#120)

Signed-off-by: Rupa Lahiri <[email protected]>
Signed-off-by: Aaron Miller <[email protected]>

Improve documentation for HTTP basic authentication (opensearch-project#114)

* Update template

Signed-off-by: Jason Parraga <[email protected]>

* Generate docs using tfplugindocs

Signed-off-by: Jason Parraga <[email protected]>

---------

Signed-off-by: Jason Parraga <[email protected]>
Signed-off-by: Aaron Miller <[email protected]>

fix complaints in errcheck linter

Signed-off-by: Aaron Miller <[email protected]>

Add proxy support (opensearch-project#95)

* Add proxy support

Add a new optional parameter to the provider configuration to allow for
setting a proxy.  Using a proxy can be an easier method for connecting
to clusters within a VPC.

Signed-off-by: Tim Wisbauer <[email protected]>

* Add proxy support docs

Signed-off-by: Tim Wisbauer <[email protected]>

---------

Signed-off-by: Tim Wisbauer <[email protected]>

Add anomaly detection (opensearch-project#105)

* Add anomaly detection

Signed-off-by: Rupa Lahiri <[email protected]>

* Add test for update

Signed-off-by: Rupa Lahiri <[email protected]>

* Add audit config in anomaly detector test

Signed-off-by: Rupa Lahiri <[email protected]>

* Format terraform in test

Signed-off-by: Rupa Lahiri <[email protected]>

---------

Signed-off-by: Rupa Lahiri <[email protected]>

When the provider assumes a given role, don't use the default profile… (opensearch-project#87)

* When the provider assumes a given role, don't use the default profile if the profile is not given, but allow aws-sdk-go to find the credentials using the default credential provider chain (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

* Adds unit tests for AWS profile change (opensearch-project#86)

Signed-off-by: Massimo Battestini <[email protected]>

---------

Signed-off-by: Massimo Battestini <[email protected]>

Add step to generate terraform provider documentation by running tfplugindocs (opensearch-project#120)

Signed-off-by: Rupa Lahiri <[email protected]>

Improve documentation for HTTP basic authentication (opensearch-project#114)

* Update template

Signed-off-by: Jason Parraga <[email protected]>

* Generate docs using tfplugindocs

Signed-off-by: Jason Parraga <[email protected]>

---------

Signed-off-by: Jason Parraga <[email protected]>

Add proxy support (opensearch-project#95)

* Add proxy support

Add a new optional parameter to the provider configuration to allow for
setting a proxy.  Using a proxy can be an easier method for connecting
to clusters within a VPC.

Signed-off-by: Tim Wisbauer <[email protected]>

* Add proxy support docs

Signed-off-by: Tim Wisbauer <[email protected]>

---------

Signed-off-by: Tim Wisbauer <[email protected]>

Add anomaly detection (opensearch-project#105)

* Add anomaly detection

Signed-off-by: Rupa Lahiri <[email protected]>

* Add test for update

Signed-off-by: Rupa Lahiri <[email protected]>

* Add audit config in anomaly detector test

Signed-off-by: Rupa Lahiri <[email protected]>

* Format terraform in test

Signed-off-by: Rupa Lahiri <[email protected]>

---------

Signed-off-by: Rupa Lahiri <[email protected]>

Improve documentation for HTTP basic authentication (opensearch-project#114)

* Update template

Signed-off-by: Jason Parraga <[email protected]>

* Generate docs using tfplugindocs

Signed-off-by: Jason Parraga <[email protected]>

---------

Signed-off-by: Jason Parraga <[email protected]>

Add proxy support (opensearch-project#95)

* Add proxy support

Add a new optional parameter to the provider configuration to allow for
setting a proxy.  Using a proxy can be an easier method for connecting
to clusters within a VPC.

Signed-off-by: Tim Wisbauer <[email protected]>

* Add proxy support docs

Signed-off-by: Tim Wisbauer <[email protected]>

---------

Signed-off-by: Tim Wisbauer <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@prudhvigodithi prudhvigodithi prudhvigodithi approved these changes

@peterzhuamazon peterzhuamazon Awaiting requested review from peterzhuamazon peterzhuamazon is a code owner

@jackson-theisen jackson-theisen Awaiting requested review from jackson-theisen jackson-theisen is a code owner

@phillbaker phillbaker Awaiting requested review from phillbaker phillbaker is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@massimob76 @prudhvigodithi @andrejvanderzee @estebane-frb @justinhauer