-
Notifications
You must be signed in to change notification settings - Fork 9.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
resource/aws_inspector2_enabler: Fix various errors #31038
Conversation
Community NoteVoting for Prioritization
For Submitters
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think docs/running-and-writing-acceptance-tests.md
also needs to be updated with the THIRD information.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀.
% make testacc TESTARGS='-run=TestAccInspector2_serial' PKG=inspector2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/inspector2/... -v -count 1 -parallel 20 -run=TestAccInspector2_serial -timeout 180m
=== RUN TestAccInspector2_serial
=== PAUSE TestAccInspector2_serial
=== CONT TestAccInspector2_serial
=== RUN TestAccInspector2_serial/Enabler
=== RUN TestAccInspector2_serial/Enabler/disappears
=== RUN TestAccInspector2_serial/Enabler/lambda
=== RUN TestAccInspector2_serial/Enabler/updateResourceTypes
=== RUN TestAccInspector2_serial/Enabler/updateResourceTypes_disjoint
=== RUN TestAccInspector2_serial/Enabler/memberAccount_basic
=== RUN TestAccInspector2_serial/Enabler/memberAccount_multiple
enabler_test.go:327: Step 1/1 error: Error running apply: exit status 1
Error: creating Amazon Inspector Member Association (123456789012): waiting for completion: timeout while waiting for state to become 'ENABLED' (last state: 'CREATED', timeout: 5m0s)
with aws_inspector2_member_association.members[1],
on terraform_plugin_test.tf line 38, in resource "aws_inspector2_member_association" "members":
38: resource "aws_inspector2_member_association" "members" {
=== RUN TestAccInspector2_serial/Enabler/basic
=== RUN TestAccInspector2_serial/Enabler/accountID
=== RUN TestAccInspector2_serial/Enabler/memberAccount_updateMemberAccounts
enabler_test.go:367: Step 2/3 error: Error running apply: exit status 1
Error: creating Amazon Inspector Member Association (123456789012): operation error Inspector2: AssociateMember, https response error StatusCode: 400, RequestID: c99b77a7-5ef1-4579-855f-86f82ab2bc13, ValidationException: The request is rejected because the given account ID is already a member or associated member of the current account.
with aws_inspector2_member_association.members[1],
on terraform_plugin_test.tf line 38, in resource "aws_inspector2_member_association" "members":
38: resource "aws_inspector2_member_association" "members" {
=== RUN TestAccInspector2_serial/Enabler/memberAccount_updateMemberAccountsAndScanTypes
enabler_test.go:435: Step 2/3 error: Error running apply: exit status 1
Error: creating Amazon Inspector Member Association (123456789012): operation error Inspector2: AssociateMember, https response error StatusCode: 400, RequestID: 11de407d-edd2-43b2-a68a-08c51fce0035, ValidationException: The request is rejected because the given account ID is already a member or associated member of the current account.
with aws_inspector2_member_association.members[1],
on terraform_plugin_test.tf line 38, in resource "aws_inspector2_member_association" "members":
38: resource "aws_inspector2_member_association" "members" {
=== RUN TestAccInspector2_serial/Enabler/memberAccount_disappearsMemberAssociation
=== RUN TestAccInspector2_serial/DelegatedAdminAccount
=== RUN TestAccInspector2_serial/DelegatedAdminAccount/basic
=== RUN TestAccInspector2_serial/DelegatedAdminAccount/disappears
=== RUN TestAccInspector2_serial/MemberAssociation
=== RUN TestAccInspector2_serial/MemberAssociation/basic
=== RUN TestAccInspector2_serial/MemberAssociation/disappears
=== RUN TestAccInspector2_serial/OrganizationConfiguration
=== RUN TestAccInspector2_serial/OrganizationConfiguration/disappears
=== RUN TestAccInspector2_serial/OrganizationConfiguration/ec2ECR
=== RUN TestAccInspector2_serial/OrganizationConfiguration/lambda
=== RUN TestAccInspector2_serial/OrganizationConfiguration/basic
--- FAIL: TestAccInspector2_serial (2192.64s)
--- FAIL: TestAccInspector2_serial/Enabler (1994.62s)
--- PASS: TestAccInspector2_serial/Enabler/disappears (235.33s)
--- PASS: TestAccInspector2_serial/Enabler/lambda (132.01s)
--- PASS: TestAccInspector2_serial/Enabler/updateResourceTypes (395.53s)
--- PASS: TestAccInspector2_serial/Enabler/updateResourceTypes_disjoint (396.69s)
--- PASS: TestAccInspector2_serial/Enabler/memberAccount_basic (96.64s)
--- FAIL: TestAccInspector2_serial/Enabler/memberAccount_multiple (312.57s)
--- PASS: TestAccInspector2_serial/Enabler/basic (51.65s)
--- PASS: TestAccInspector2_serial/Enabler/accountID (118.79s)
--- FAIL: TestAccInspector2_serial/Enabler/memberAccount_updateMemberAccounts (76.21s)
--- FAIL: TestAccInspector2_serial/Enabler/memberAccount_updateMemberAccountsAndScanTypes (79.79s)
--- PASS: TestAccInspector2_serial/Enabler/memberAccount_disappearsMemberAssociation (99.41s)
--- PASS: TestAccInspector2_serial/DelegatedAdminAccount (31.70s)
--- PASS: TestAccInspector2_serial/DelegatedAdminAccount/basic (17.93s)
--- PASS: TestAccInspector2_serial/DelegatedAdminAccount/disappears (13.77s)
--- PASS: TestAccInspector2_serial/MemberAssociation (45.40s)
--- PASS: TestAccInspector2_serial/MemberAssociation/basic (24.80s)
--- PASS: TestAccInspector2_serial/MemberAssociation/disappears (20.60s)
--- PASS: TestAccInspector2_serial/OrganizationConfiguration (120.92s)
--- PASS: TestAccInspector2_serial/OrganizationConfiguration/disappears (35.41s)
--- PASS: TestAccInspector2_serial/OrganizationConfiguration/ec2ECR (28.96s)
--- PASS: TestAccInspector2_serial/OrganizationConfiguration/lambda (27.77s)
--- PASS: TestAccInspector2_serial/OrganizationConfiguration/basic (28.77s)
FAIL
FAIL github.com/hashicorp/terraform-provider-aws/internal/service/inspector2 2198.225s
FAIL
make: *** [testacc] Error 1
The failures are an artifact of the way I have my testing accounts configured and are not related to this change.
This functionality has been released in v4.66.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Description
Enabling scanning for Lambda resources using
aws_inspector2_enabler
did not work, though the parameter was accepted.Additionally, the resource used the
Disable
API call rather thanBatchGetAccountStatus
, which sometimes timed out, and also possibly ran into permissions problems if the user did not have authorization to disable Inspector.Lastly, the
Enable
API call can either be called for the Organization Administrator account or a set of Member accounts.Relations
Closes #30776
Closes #30144
Closes #27644
Closes #27639
Output from Acceptance Testing