Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix AWS S3 bucket import of acl and grant attributes #20670

Closed
wants to merge 2 commits into from
Closed

Fix AWS S3 bucket import of acl and grant attributes #20670

wants to merge 2 commits into from

Conversation

pdecat
Copy link
Contributor

@pdecat pdecat commented Aug 24, 2021
edited
Loading

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #6193 and #17791

Relates #3728

Output from acceptance testing:

$ AWS_REGION=eu-west-3 make testacc TESTARGS='-run=TestAccAWSS3Bucket_Security'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSS3Bucket_Security -timeout 180m
=== RUN   TestAccAWSS3Bucket_Security_policy
=== PAUSE TestAccAWSS3Bucket_Security_policy
=== RUN   TestAccAWSS3Bucket_Security_updateACL
=== PAUSE TestAccAWSS3Bucket_Security_updateACL
=== RUN   TestAccAWSS3Bucket_Security_updateGrant
=== PAUSE TestAccAWSS3Bucket_Security_updateGrant
=== RUN   TestAccAWSS3Bucket_Security_ACLToGrant
=== PAUSE TestAccAWSS3Bucket_Security_ACLToGrant
=== RUN   TestAccAWSS3Bucket_Security_GrantToACL
=== PAUSE TestAccAWSS3Bucket_Security_GrantToACL
=== RUN   TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== PAUSE TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== RUN   TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== PAUSE TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== RUN   TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== PAUSE TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== RUN   TestAccAWSS3Bucket_Security_corsUpdate
=== PAUSE TestAccAWSS3Bucket_Security_corsUpdate
=== RUN   TestAccAWSS3Bucket_Security_corsDelete
=== PAUSE TestAccAWSS3Bucket_Security_corsDelete
=== RUN   TestAccAWSS3Bucket_Security_corsEmptyOrigin
=== PAUSE TestAccAWSS3Bucket_Security_corsEmptyOrigin
=== RUN   TestAccAWSS3Bucket_Security_logging
=== PAUSE TestAccAWSS3Bucket_Security_logging
=== CONT  TestAccAWSS3Bucket_Security_policy
=== CONT  TestAccAWSS3Bucket_Security_ACLToGrant
=== CONT  TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== CONT  TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== CONT  TestAccAWSS3Bucket_Security_logging
=== CONT  TestAccAWSS3Bucket_Security_corsDelete
=== CONT  TestAccAWSS3Bucket_Security_corsEmptyOrigin
=== CONT  TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== CONT  TestAccAWSS3Bucket_Security_updateGrant
=== CONT  TestAccAWSS3Bucket_Security_GrantToACL
=== CONT  TestAccAWSS3Bucket_Security_updateACL
=== CONT  TestAccAWSS3Bucket_Security_corsUpdate
--- PASS: TestAccAWSS3Bucket_Security_corsDelete (28.51s)
--- PASS: TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical (31.10s)
--- PASS: TestAccAWSS3Bucket_Security_corsEmptyOrigin (31.45s)
--- PASS: TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed (32.20s)
--- PASS: TestAccAWSS3Bucket_Security_logging (33.30s)
--- PASS: TestAccAWSS3Bucket_Security_ACLToGrant (45.32s)
--- PASS: TestAccAWSS3Bucket_Security_corsUpdate (45.82s)
--- PASS: TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled (46.39s)
--- PASS: TestAccAWSS3Bucket_Security_GrantToACL (47.10s)
--- PASS: TestAccAWSS3Bucket_Security_policy (57.15s)
--- PASS: TestAccAWSS3Bucket_Security_updateGrant (60.18s)
--- PASS: TestAccAWSS3Bucket_Security_updateACL (99.12s)
PASS
ok      github.com/terraform-providers/terraform-provider-aws/aws       99.222s

@github-actions github-actions bot added needs-triage Waiting for first response or review from a maintainer. size/XL Managed by automation to categorize the size of a PR. service/s3 Issues and PRs that pertain to the s3 service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Aug 24, 2021
pdecat
pdecat commented Aug 24, 2021
View reviewed changes
aws/resource_aws_s3_bucket.go Outdated Show resolved Hide resolved
pdecat
pdecat commented Aug 24, 2021
View reviewed changes
aws/resource_aws_s3_bucket.go Outdated
Comment on lines 2795 to 2789
// There may be more than one occurrence of each grant combination but it is apparently unimportant as
// the AWS console states "The console displays combined access grants for duplicate grantees"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Example of such a case:

# aws --profile myprofile s3api get-bucket-acl --bucket mybucket
{
    "Owner": {
        "DisplayName": "awsroot.myaccount",
        "ID": "98a033a4faed3******146099526853"
    },
    "Grants": [
        {
            "Grantee": {
                "DisplayName": "awsroot.myaccount",
                "ID": "98a033a4faed3******146099526853",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        },
        {
            "Grantee": {
                "DisplayName": "awsroot.myaccount",
                "ID": "98a033a4faed3******146099526853",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        }
    ]
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also found a case where there are three duplicate grants on another bucket in the same account:

# aws --profile myprofile s3api get-bucket-acl --bucket myotherbucket
{
    "Owner": {
        "DisplayName": "awsroot.myaccount",
        "ID": "98a033a4faed389d1c9e409dab5aa9aede0b78c92084b551a946146099526853"
    },
    "Grants": [
        {
            "Grantee": {
                "DisplayName": "awsroot.myaccount",
                "ID": "98a033a4faed3******146099526853",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        },
        {
            "Grantee": {
                "DisplayName": "awsroot.myaccount",
                "ID": "98a033a4faed3******146099526853",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        },
        {
            "Grantee": {
                "DisplayName": "awsroot.myaccount",
                "ID": "98a033a4faed3******146099526853",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        }
    ]
}

@pdecat
Copy link
Contributor Author

pdecat commented Aug 24, 2021
edited
Loading

More complete acceptance tests run in us-west-2:

# AWS_REGION=us-west-2 make testacc TESTARGS='-run=TestAccAWSS3Bucket'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSS3Bucket -timeout 180m
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_basic
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_basic
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_removed
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_removed
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_updateBasic
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_updateBasic
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Empty
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Empty
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Prefix
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Prefix
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_SingleTag
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_SingleTag
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_MultipleTags
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_MultipleTags
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_PrefixAndTags
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_PrefixAndTags
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Remove
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Remove
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Empty
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Empty
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Default
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Default
=== RUN   TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Full
=== PAUSE TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Full
=== RUN   TestAccAWSS3BucketInventory_basic
=== PAUSE TestAccAWSS3BucketInventory_basic
=== RUN   TestAccAWSS3BucketInventory_encryptWithSSES3
=== PAUSE TestAccAWSS3BucketInventory_encryptWithSSES3
=== RUN   TestAccAWSS3BucketInventory_encryptWithSSEKMS
=== PAUSE TestAccAWSS3BucketInventory_encryptWithSSEKMS
=== RUN   TestAccAWSS3BucketMetric_basic
=== PAUSE TestAccAWSS3BucketMetric_basic
=== RUN   TestAccAWSS3BucketMetric_WithEmptyFilter
=== PAUSE TestAccAWSS3BucketMetric_WithEmptyFilter
=== RUN   TestAccAWSS3BucketMetric_WithFilterPrefix
=== PAUSE TestAccAWSS3BucketMetric_WithFilterPrefix
=== RUN   TestAccAWSS3BucketMetric_WithFilterPrefixAndMultipleTags
=== PAUSE TestAccAWSS3BucketMetric_WithFilterPrefixAndMultipleTags
=== RUN   TestAccAWSS3BucketMetric_WithFilterPrefixAndSingleTag
=== PAUSE TestAccAWSS3BucketMetric_WithFilterPrefixAndSingleTag
=== RUN   TestAccAWSS3BucketMetric_WithFilterMultipleTags
=== PAUSE TestAccAWSS3BucketMetric_WithFilterMultipleTags
=== RUN   TestAccAWSS3BucketMetric_WithFilterSingleTag
=== PAUSE TestAccAWSS3BucketMetric_WithFilterSingleTag
=== RUN   TestAccAWSS3BucketNotification_LambdaFunction
=== PAUSE TestAccAWSS3BucketNotification_LambdaFunction
=== RUN   TestAccAWSS3BucketNotification_LambdaFunction_LambdaFunctionArn_Alias
=== PAUSE TestAccAWSS3BucketNotification_LambdaFunction_LambdaFunctionArn_Alias
=== RUN   TestAccAWSS3BucketNotification_Queue
=== PAUSE TestAccAWSS3BucketNotification_Queue
=== RUN   TestAccAWSS3BucketNotification_Topic
=== PAUSE TestAccAWSS3BucketNotification_Topic
=== RUN   TestAccAWSS3BucketNotification_Topic_Multiple
=== PAUSE TestAccAWSS3BucketNotification_Topic_Multiple
=== RUN   TestAccAWSS3BucketNotification_update
=== PAUSE TestAccAWSS3BucketNotification_update
=== RUN   TestAccAWSS3BucketObject_noNameNoKey
=== PAUSE TestAccAWSS3BucketObject_noNameNoKey
=== RUN   TestAccAWSS3BucketObject_empty
=== PAUSE TestAccAWSS3BucketObject_empty
=== RUN   TestAccAWSS3BucketObject_source
=== PAUSE TestAccAWSS3BucketObject_source
=== RUN   TestAccAWSS3BucketObject_content
=== PAUSE TestAccAWSS3BucketObject_content
=== RUN   TestAccAWSS3BucketObject_etagEncryption
=== PAUSE TestAccAWSS3BucketObject_etagEncryption
=== RUN   TestAccAWSS3BucketObject_contentBase64
=== PAUSE TestAccAWSS3BucketObject_contentBase64
=== RUN   TestAccAWSS3BucketObject_sourceHashTrigger
=== PAUSE TestAccAWSS3BucketObject_sourceHashTrigger
=== RUN   TestAccAWSS3BucketObject_withContentCharacteristics
=== PAUSE TestAccAWSS3BucketObject_withContentCharacteristics
=== RUN   TestAccAWSS3BucketObject_nonVersioned
=== PAUSE TestAccAWSS3BucketObject_nonVersioned
=== RUN   TestAccAWSS3BucketObject_updates
=== PAUSE TestAccAWSS3BucketObject_updates
=== RUN   TestAccAWSS3BucketObject_updateSameFile
=== PAUSE TestAccAWSS3BucketObject_updateSameFile
=== RUN   TestAccAWSS3BucketObject_updatesWithVersioning
=== PAUSE TestAccAWSS3BucketObject_updatesWithVersioning
=== RUN   TestAccAWSS3BucketObject_updatesWithVersioningViaAccessPoint
=== PAUSE TestAccAWSS3BucketObject_updatesWithVersioningViaAccessPoint
=== RUN   TestAccAWSS3BucketObject_kms
=== PAUSE TestAccAWSS3BucketObject_kms
=== RUN   TestAccAWSS3BucketObject_sse
=== PAUSE TestAccAWSS3BucketObject_sse
=== RUN   TestAccAWSS3BucketObject_acl
=== PAUSE TestAccAWSS3BucketObject_acl
=== RUN   TestAccAWSS3BucketObject_metadata
=== PAUSE TestAccAWSS3BucketObject_metadata
=== RUN   TestAccAWSS3BucketObject_storageClass
=== PAUSE TestAccAWSS3BucketObject_storageClass
=== RUN   TestAccAWSS3BucketObject_tags
=== PAUSE TestAccAWSS3BucketObject_tags
=== RUN   TestAccAWSS3BucketObject_tagsLeadingSingleSlash
=== PAUSE TestAccAWSS3BucketObject_tagsLeadingSingleSlash
=== RUN   TestAccAWSS3BucketObject_tagsLeadingMultipleSlashes
=== PAUSE TestAccAWSS3BucketObject_tagsLeadingMultipleSlashes
=== RUN   TestAccAWSS3BucketObject_tagsMultipleSlashes
=== PAUSE TestAccAWSS3BucketObject_tagsMultipleSlashes
=== RUN   TestAccAWSS3BucketObject_objectLockLegalHoldStartWithNone
=== PAUSE TestAccAWSS3BucketObject_objectLockLegalHoldStartWithNone
=== RUN   TestAccAWSS3BucketObject_objectLockLegalHoldStartWithOn
=== PAUSE TestAccAWSS3BucketObject_objectLockLegalHoldStartWithOn
=== RUN   TestAccAWSS3BucketObject_objectLockRetentionStartWithNone
=== PAUSE TestAccAWSS3BucketObject_objectLockRetentionStartWithNone
=== RUN   TestAccAWSS3BucketObject_objectLockRetentionStartWithSet
=== PAUSE TestAccAWSS3BucketObject_objectLockRetentionStartWithSet
=== RUN   TestAccAWSS3BucketObject_objectBucketKeyEnabled
=== PAUSE TestAccAWSS3BucketObject_objectBucketKeyEnabled
=== RUN   TestAccAWSS3BucketObject_bucketBucketKeyEnabled
=== PAUSE TestAccAWSS3BucketObject_bucketBucketKeyEnabled
=== RUN   TestAccAWSS3BucketObject_defaultBucketSSE
=== PAUSE TestAccAWSS3BucketObject_defaultBucketSSE
=== RUN   TestAccAWSS3BucketObject_ignoreTags
=== PAUSE TestAccAWSS3BucketObject_ignoreTags
=== RUN   TestAccAWSS3BucketOwnershipControls_basic
=== PAUSE TestAccAWSS3BucketOwnershipControls_basic
=== RUN   TestAccAWSS3BucketOwnershipControls_disappears
=== PAUSE TestAccAWSS3BucketOwnershipControls_disappears
=== RUN   TestAccAWSS3BucketOwnershipControls_disappears_Bucket
=== PAUSE TestAccAWSS3BucketOwnershipControls_disappears_Bucket
=== RUN   TestAccAWSS3BucketOwnershipControls_Rule_ObjectOwnership
=== PAUSE TestAccAWSS3BucketOwnershipControls_Rule_ObjectOwnership
=== RUN   TestAccAWSS3BucketPolicy_basic
=== PAUSE TestAccAWSS3BucketPolicy_basic
=== RUN   TestAccAWSS3BucketPolicy_policyUpdate
=== PAUSE TestAccAWSS3BucketPolicy_policyUpdate
=== RUN   TestAccAWSS3BucketPublicAccessBlock_basic
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_basic
=== RUN   TestAccAWSS3BucketPublicAccessBlock_disappears
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_disappears
=== RUN   TestAccAWSS3BucketPublicAccessBlock_disappears_Bucket
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_disappears_Bucket
=== RUN   TestAccAWSS3BucketPublicAccessBlock_BlockPublicAcls
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_BlockPublicAcls
=== RUN   TestAccAWSS3BucketPublicAccessBlock_BlockPublicPolicy
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_BlockPublicPolicy
=== RUN   TestAccAWSS3BucketPublicAccessBlock_IgnorePublicAcls
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_IgnorePublicAcls
=== RUN   TestAccAWSS3BucketPublicAccessBlock_RestrictPublicBuckets
=== PAUSE TestAccAWSS3BucketPublicAccessBlock_RestrictPublicBuckets
=== RUN   TestAccAWSS3Bucket_Basic_basic
=== PAUSE TestAccAWSS3Bucket_Basic_basic
=== RUN   TestAccAWSS3Bucket_Basic_emptyString
=== PAUSE TestAccAWSS3Bucket_Basic_emptyString
=== RUN   TestAccAWSS3Bucket_Tags_withNoSystemTags
=== PAUSE TestAccAWSS3Bucket_Tags_withNoSystemTags
=== RUN   TestAccAWSS3Bucket_Tags_withSystemTags
=== PAUSE TestAccAWSS3Bucket_Tags_withSystemTags
=== RUN   TestAccAWSS3Bucket_Tags_ignoreTags
=== PAUSE TestAccAWSS3Bucket_Tags_ignoreTags
=== RUN   TestAccAWSS3Bucket_Tags_basic
=== PAUSE TestAccAWSS3Bucket_Tags_basic
=== RUN   TestAccAWSS3Bucket_Basic_namePrefix
=== PAUSE TestAccAWSS3Bucket_Basic_namePrefix
=== RUN   TestAccAWSS3Bucket_Basic_generatedName
=== PAUSE TestAccAWSS3Bucket_Basic_generatedName
=== RUN   TestAccAWSS3Bucket_Basic_acceleration
=== PAUSE TestAccAWSS3Bucket_Basic_acceleration
=== RUN   TestAccAWSS3Bucket_Basic_requestPayer
=== PAUSE TestAccAWSS3Bucket_Basic_requestPayer
=== RUN   TestAccAWSS3Bucket_Security_policy
=== PAUSE TestAccAWSS3Bucket_Security_policy
=== RUN   TestAccAWSS3Bucket_Security_updateACL
=== PAUSE TestAccAWSS3Bucket_Security_updateACL
=== RUN   TestAccAWSS3Bucket_Security_updateGrant
=== PAUSE TestAccAWSS3Bucket_Security_updateGrant
=== RUN   TestAccAWSS3Bucket_Security_ACLToGrant
=== PAUSE TestAccAWSS3Bucket_Security_ACLToGrant
=== RUN   TestAccAWSS3Bucket_Security_GrantToACL
=== PAUSE TestAccAWSS3Bucket_Security_GrantToACL
=== RUN   TestAccAWSS3Bucket_Web_simple
=== PAUSE TestAccAWSS3Bucket_Web_simple
=== RUN   TestAccAWSS3Bucket_Web_redirect
=== PAUSE TestAccAWSS3Bucket_Web_redirect
=== RUN   TestAccAWSS3Bucket_Web_routingRules
=== PAUSE TestAccAWSS3Bucket_Web_routingRules
=== RUN   TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== PAUSE TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== RUN   TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== PAUSE TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== RUN   TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== PAUSE TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== RUN   TestAccAWSS3Bucket_Basic_keyEnabled
=== PAUSE TestAccAWSS3Bucket_Basic_keyEnabled
=== RUN   TestAccAWSS3Bucket_Basic_shouldFailNotFound
=== PAUSE TestAccAWSS3Bucket_Basic_shouldFailNotFound
=== RUN   TestAccAWSS3Bucket_Manage_versioning
=== PAUSE TestAccAWSS3Bucket_Manage_versioning
=== RUN   TestAccAWSS3Bucket_Security_corsUpdate
=== PAUSE TestAccAWSS3Bucket_Security_corsUpdate
=== RUN   TestAccAWSS3Bucket_Security_corsDelete
=== PAUSE TestAccAWSS3Bucket_Security_corsDelete
=== RUN   TestAccAWSS3Bucket_Security_corsEmptyOrigin
=== PAUSE TestAccAWSS3Bucket_Security_corsEmptyOrigin
=== RUN   TestAccAWSS3Bucket_Security_logging
=== PAUSE TestAccAWSS3Bucket_Security_logging
=== RUN   TestAccAWSS3Bucket_Manage_lifecycleBasic
=== PAUSE TestAccAWSS3Bucket_Manage_lifecycleBasic
=== RUN   TestAccAWSS3Bucket_Manage_lifecycleExpireMarkerOnly
=== PAUSE TestAccAWSS3Bucket_Manage_lifecycleExpireMarkerOnly
=== RUN   TestAccAWSS3Bucket_Manage_lifecycleRuleExpirationEmptyConfigurationBlock
=== PAUSE TestAccAWSS3Bucket_Manage_lifecycleRuleExpirationEmptyConfigurationBlock
=== RUN   TestAccAWSS3Bucket_Manage_lifecycleRuleAbortIncompleteMultipartUploadDaysNoExpiration
=== PAUSE TestAccAWSS3Bucket_Manage_lifecycleRuleAbortIncompleteMultipartUploadDaysNoExpiration
=== RUN   TestAccAWSS3Bucket_Replication_basic
=== PAUSE TestAccAWSS3Bucket_Replication_basic
=== RUN   TestAccAWSS3Bucket_Replication_multipleDestinationsEmptyFilter
=== PAUSE TestAccAWSS3Bucket_Replication_multipleDestinationsEmptyFilter
=== RUN   TestAccAWSS3Bucket_Replication_multipleDestinationsNonEmptyFilter
=== PAUSE TestAccAWSS3Bucket_Replication_multipleDestinationsNonEmptyFilter
=== RUN   TestAccAWSS3Bucket_Replication_twoDestination
=== PAUSE TestAccAWSS3Bucket_Replication_twoDestination
=== RUN   TestAccAWSS3Bucket_Replication_configurationRuleDestinationAccessControlTranslation
=== PAUSE TestAccAWSS3Bucket_Replication_configurationRuleDestinationAccessControlTranslation
=== RUN   TestAccAWSS3Bucket_Replication_configurationRuleDestinationAddAccessControlTranslation
=== PAUSE TestAccAWSS3Bucket_Replication_configurationRuleDestinationAddAccessControlTranslation
=== RUN   TestAccAWSS3Bucket_Replication_withoutStorageClass
=== PAUSE TestAccAWSS3Bucket_Replication_withoutStorageClass
=== RUN   TestAccAWSS3Bucket_Replication_expectVersioningValidationError
=== PAUSE TestAccAWSS3Bucket_Replication_expectVersioningValidationError
=== RUN   TestAccAWSS3Bucket_Replication_withoutPrefix
=== PAUSE TestAccAWSS3Bucket_Replication_withoutPrefix
=== RUN   TestAccAWSS3Bucket_Replication_schemaV2
=== PAUSE TestAccAWSS3Bucket_Replication_schemaV2
=== RUN   TestAccAWSS3Bucket_Replication_schemaV2SameRegion
=== PAUSE TestAccAWSS3Bucket_Replication_schemaV2SameRegion
=== RUN   TestAccAWSS3Bucket_Manage_objectLock
=== PAUSE TestAccAWSS3Bucket_Manage_objectLock
=== RUN   TestAccAWSS3Bucket_Basic_forceDestroy
=== PAUSE TestAccAWSS3Bucket_Basic_forceDestroy
=== RUN   TestAccAWSS3Bucket_Basic_forceDestroyWithEmptyPrefixes
=== PAUSE TestAccAWSS3Bucket_Basic_forceDestroyWithEmptyPrefixes
=== RUN   TestAccAWSS3Bucket_Basic_forceDestroyWithObjectLockEnabled
=== PAUSE TestAccAWSS3Bucket_Basic_forceDestroyWithObjectLockEnabled
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_basic
=== CONT  TestAccAWSS3Bucket_Replication_multipleDestinationsEmptyFilter
=== CONT  TestAccAWSS3BucketObject_objectLockRetentionStartWithNone
=== CONT  TestAccAWSS3Bucket_Manage_lifecycleExpireMarkerOnly
=== CONT  TestAccAWSS3Bucket_Replication_withoutPrefix
=== CONT  TestAccAWSS3Bucket_Basic_forceDestroyWithObjectLockEnabled
=== CONT  TestAccAWSS3Bucket_Basic_forceDestroyWithEmptyPrefixes
=== CONT  TestAccAWSS3Bucket_Replication_expectVersioningValidationError
=== CONT  TestAccAWSS3Bucket_Basic_forceDestroy
=== CONT  TestAccAWSS3Bucket_Manage_objectLock
=== CONT  TestAccAWSS3Bucket_Replication_schemaV2SameRegion
=== CONT  TestAccAWSS3Bucket_Replication_schemaV2
=== CONT  TestAccAWSS3Bucket_Basic_generatedName
=== CONT  TestAccAWSS3Bucket_Replication_basic
=== CONT  TestAccAWSS3Bucket_Manage_lifecycleRuleAbortIncompleteMultipartUploadDaysNoExpiration
=== CONT  TestAccAWSS3Bucket_Manage_lifecycleRuleExpirationEmptyConfigurationBlock
=== CONT  TestAccAWSS3Bucket_Replication_withoutStorageClass
=== CONT  TestAccAWSS3Bucket_Replication_configurationRuleDestinationAddAccessControlTranslation
=== CONT  TestAccAWSS3Bucket_Replication_configurationRuleDestinationAccessControlTranslation
=== CONT  TestAccAWSS3BucketNotification_Topic_Multiple
--- PASS: TestAccAWSS3Bucket_Replication_expectVersioningValidationError (34.27s)
=== CONT  TestAccAWSS3Bucket_Replication_twoDestination
--- PASS: TestAccAWSS3Bucket_Manage_lifecycleRuleExpirationEmptyConfigurationBlock (53.06s)
=== CONT  TestAccAWSS3Bucket_Replication_multipleDestinationsNonEmptyFilter
--- PASS: TestAccAWSS3Bucket_Basic_forceDestroyWithEmptyPrefixes (56.46s)
=== CONT  TestAccAWSS3BucketObject_objectLockLegalHoldStartWithOn
--- PASS: TestAccAWSS3Bucket_Basic_forceDestroy (58.50s)
=== CONT  TestAccAWSS3BucketObject_objectLockLegalHoldStartWithNone
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_basic (60.19s)
=== CONT  TestAccAWSS3BucketInventory_encryptWithSSES3
--- PASS: TestAccAWSS3Bucket_Basic_forceDestroyWithObjectLockEnabled (63.36s)
=== CONT  TestAccAWSS3BucketObject_tagsMultipleSlashes
--- PASS: TestAccAWSS3BucketNotification_Topic_Multiple (64.44s)
=== CONT  TestAccAWSS3BucketObject_tagsLeadingMultipleSlashes
--- PASS: TestAccAWSS3Bucket_Basic_generatedName (68.30s)
=== CONT  TestAccAWSS3BucketNotification_Topic
--- PASS: TestAccAWSS3Bucket_Manage_lifecycleRuleAbortIncompleteMultipartUploadDaysNoExpiration (69.85s)
=== CONT  TestAccAWSS3BucketObject_tagsLeadingSingleSlash
--- PASS: TestAccAWSS3Bucket_Replication_withoutPrefix (83.92s)
=== CONT  TestAccAWSS3BucketNotification_Queue
--- PASS: TestAccAWSS3Bucket_Replication_withoutStorageClass (90.62s)
=== CONT  TestAccAWSS3BucketObject_tags
--- PASS: TestAccAWSS3Bucket_Replication_multipleDestinationsEmptyFilter (92.93s)
=== CONT  TestAccAWSS3BucketNotification_LambdaFunction_LambdaFunctionArn_Alias
--- PASS: TestAccAWSS3Bucket_Replication_schemaV2SameRegion (94.10s)
=== CONT  TestAccAWSS3BucketObject_storageClass
--- PASS: TestAccAWSS3BucketInventory_encryptWithSSES3 (50.12s)
=== CONT  TestAccAWSS3BucketNotification_LambdaFunction
--- PASS: TestAccAWSS3Bucket_Replication_twoDestination (78.39s)
=== CONT  TestAccAWSS3BucketObject_metadata
--- PASS: TestAccAWSS3Bucket_Manage_objectLock (116.17s)
=== CONT  TestAccAWSS3BucketMetric_WithFilterSingleTag
--- PASS: TestAccAWSS3Bucket_Manage_lifecycleExpireMarkerOnly (117.61s)
=== CONT  TestAccAWSS3BucketObject_acl
--- PASS: TestAccAWSS3BucketNotification_Topic (55.65s)
=== CONT  TestAccAWSS3BucketMetric_WithFilterMultipleTags
--- PASS: TestAccAWSS3Bucket_Replication_multipleDestinationsNonEmptyFilter (78.20s)
=== CONT  TestAccAWSS3BucketObject_sse
--- PASS: TestAccAWSS3BucketNotification_Queue (57.94s)
=== CONT  TestAccAWSS3BucketMetric_WithFilterPrefixAndSingleTag
--- PASS: TestAccAWSS3BucketObject_objectLockRetentionStartWithNone (142.62s)
=== CONT  TestAccAWSS3BucketObject_kms
--- PASS: TestAccAWSS3BucketObject_objectLockLegalHoldStartWithOn (89.33s)
=== CONT  TestAccAWSS3BucketObject_updatesWithVersioningViaAccessPoint
--- PASS: TestAccAWSS3Bucket_Replication_configurationRuleDestinationAddAccessControlTranslation (155.89s)
=== CONT  TestAccAWSS3BucketObject_updatesWithVersioning
--- PASS: TestAccAWSS3BucketNotification_LambdaFunction_LambdaFunctionArn_Alias (63.94s)
=== CONT  TestAccAWSS3BucketObject_etagEncryption
--- PASS: TestAccAWSS3Bucket_Replication_configurationRuleDestinationAccessControlTranslation (157.52s)
=== CONT  TestAccAWSS3BucketObject_content
--- PASS: TestAccAWSS3BucketNotification_LambdaFunction (61.88s)
=== CONT  TestAccAWSS3BucketObject_source
--- PASS: TestAccAWSS3BucketObject_sse (50.00s)
=== CONT  TestAccAWSS3BucketObject_empty
--- PASS: TestAccAWSS3BucketObject_objectLockLegalHoldStartWithNone (136.34s)
=== CONT  TestAccAWSS3BucketObject_noNameNoKey
--- PASS: TestAccAWSS3BucketObject_kms (54.93s)
=== CONT  TestAccAWSS3BucketNotification_update
--- PASS: TestAccAWSS3BucketObject_noNameNoKey (3.02s)
=== CONT  TestAccAWSS3BucketObject_nonVersioned
    provider_test.go:2242: skipping test; environment variable TF_ACC_ASSUME_ROLE_ARN must be set. Usage: Amazon Resource Name (ARN) of existing IAM Role to assume for testing restricted permissions
--- SKIP: TestAccAWSS3BucketObject_nonVersioned (0.00s)
=== CONT  TestAccAWSS3BucketObject_updateSameFile
--- PASS: TestAccAWSS3BucketMetric_WithFilterSingleTag (88.11s)
=== CONT  TestAccAWSS3BucketMetric_WithFilterPrefixAndMultipleTags
--- PASS: TestAccAWSS3BucketObject_etagEncryption (53.15s)
=== CONT  TestAccAWSS3BucketObject_updates
--- PASS: TestAccAWSS3BucketObject_content (52.61s)
=== CONT  TestAccAWSS3BucketMetric_WithFilterPrefix
--- PASS: TestAccAWSS3BucketMetric_WithFilterMultipleTags (88.97s)
=== CONT  TestAccAWSS3BucketObject_contentBase64
--- PASS: TestAccAWSS3BucketObject_source (52.45s)
=== CONT  TestAccAWSS3BucketMetric_WithEmptyFilter
--- PASS: TestAccAWSS3BucketMetric_WithEmptyFilter (1.68s)
=== CONT  TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical
--- PASS: TestAccAWSS3BucketMetric_WithFilterPrefixAndSingleTag (89.16s)
=== CONT  TestAccAWSS3BucketObject_withContentCharacteristics
--- PASS: TestAccAWSS3BucketObject_empty (51.19s)
=== CONT  TestAccAWSS3BucketMetric_basic
--- PASS: TestAccAWSS3BucketObject_tagsMultipleSlashes (178.26s)
=== CONT  TestAccAWSS3Bucket_Manage_lifecycleBasic
--- PASS: TestAccAWSS3BucketObject_tagsLeadingMultipleSlashes (178.41s)
=== CONT  TestAccAWSS3BucketObject_sourceHashTrigger
--- PASS: TestAccAWSS3BucketObject_metadata (136.27s)
=== CONT  TestAccAWSS3Bucket_Security_logging
--- PASS: TestAccAWSS3BucketObject_updatesWithVersioningViaAccessPoint (104.22s)
=== CONT  TestAccAWSS3BucketInventory_encryptWithSSEKMS
--- PASS: TestAccAWSS3BucketObject_tagsLeadingSingleSlash (183.32s)
=== CONT  TestAccAWSS3Bucket_Security_corsEmptyOrigin
--- PASS: TestAccAWSS3BucketObject_updatesWithVersioning (97.62s)
=== CONT  TestAccAWSS3Bucket_Security_corsUpdate
--- PASS: TestAccAWSS3BucketObject_acl (140.55s)
=== CONT  TestAccAWSS3Bucket_Basic_shouldFailNotFound
--- PASS: TestAccAWSS3Bucket_Replication_basic (258.97s)
=== CONT  TestAccAWSS3Bucket_Basic_keyEnabled
--- PASS: TestAccAWSS3BucketObject_contentBase64 (49.14s)
=== CONT  TestAccAWSS3Bucket_Security_corsDelete
--- PASS: TestAccAWSS3BucketObject_tags (180.09s)
=== CONT  TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
--- PASS: TestAccAWSS3BucketObject_withContentCharacteristics (46.89s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Default
--- PASS: TestAccAWSS3BucketMetric_basic (49.36s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_PrefixAndTags
--- PASS: TestAccAWSS3Bucket_Basic_shouldFailNotFound (32.03s)
=== CONT  TestAccAWSS3BucketInventory_basic
--- PASS: TestAccAWSS3BucketObject_updateSameFile (92.93s)
=== CONT  TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
--- PASS: TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenTypical (64.57s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Full
--- PASS: TestAccAWSS3BucketMetric_WithFilterPrefixAndMultipleTags (91.21s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Empty
--- PASS: TestAccAWSS3BucketNotification_update (99.46s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Remove
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Empty (3.27s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Prefix
--- PASS: TestAccAWSS3BucketMetric_WithFilterPrefix (92.30s)
=== CONT  TestAccAWSS3Bucket_Security_ACLToGrant
--- PASS: TestAccAWSS3BucketInventory_encryptWithSSEKMS (54.20s)
=== CONT  TestAccAWSS3Bucket_Security_policy
--- PASS: TestAccAWSS3BucketObject_updates (97.63s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_MultipleTags
--- PASS: TestAccAWSS3Bucket_Security_corsDelete (46.63s)
=== CONT  TestAccAWSS3Bucket_Web_routingRules
--- PASS: TestAccAWSS3Bucket_Security_corsEmptyOrigin (60.09s)
=== CONT  TestAccAWSS3Bucket_Security_updateGrant
--- PASS: TestAccAWSS3BucketObject_storageClass (220.84s)
=== CONT  TestAccAWSS3Bucket_Manage_versioning
--- PASS: TestAccAWSS3Bucket_Basic_keyEnabled (64.58s)
=== CONT  TestAccAWSS3Bucket_Web_redirect
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Default (49.51s)
=== CONT  TestAccAWSS3Bucket_Security_updateACL
--- PASS: TestAccAWSS3Bucket_Security_logging (81.62s)
=== CONT  TestAccAWSS3Bucket_Web_simple
--- PASS: TestAccAWSS3BucketObject_sourceHashTrigger (95.22s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_disappears
--- PASS: TestAccAWSS3Bucket_Replication_schemaV2 (340.94s)
=== CONT  TestAccAWSS3BucketOwnershipControls_disappears
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithStorageClassAnalysis_Full (52.14s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_SingleTag
--- PASS: TestAccAWSS3BucketInventory_basic (54.00s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_basic
--- PASS: TestAccAWSS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed (58.38s)
=== CONT  TestAccAWSS3Bucket_Basic_namePrefix
--- PASS: TestAccAWSS3Bucket_Security_corsUpdate (108.35s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_updateBasic
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_PrefixAndTags (88.68s)
=== CONT  TestAccAWSS3BucketPolicy_policyUpdate
--- PASS: TestAccAWSS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled (103.51s)
=== CONT  TestAccAWSS3Bucket_Tags_basic
--- PASS: TestAccAWSS3BucketOwnershipControls_disappears (43.76s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Empty
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Remove (88.70s)
=== CONT  TestAccAWSS3BucketPolicy_basic
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Empty (1.94s)
=== CONT  TestAccAWSS3Bucket_Tags_ignoreTags
--- PASS: TestAccAWSS3BucketPublicAccessBlock_disappears (49.94s)
=== CONT  TestAccAWSS3BucketOwnershipControls_Rule_ObjectOwnership
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_Prefix (90.43s)
=== CONT  TestAccAWSS3BucketAnalyticsConfiguration_removed
--- PASS: TestAccAWSS3Bucket_Manage_lifecycleBasic (152.36s)
=== CONT  TestAccAWSS3Bucket_Security_GrantToACL
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_MultipleTags (89.00s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_RestrictPublicBuckets
--- PASS: TestAccAWSS3BucketPublicAccessBlock_basic (52.79s)
=== CONT  TestAccAWSS3Bucket_Tags_withNoSystemTags
--- PASS: TestAccAWSS3Bucket_Basic_namePrefix (55.17s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_IgnorePublicAcls
--- PASS: TestAccAWSS3Bucket_Web_routingRules (106.54s)
=== CONT  TestAccAWSS3BucketObject_defaultBucketSSE
--- PASS: TestAccAWSS3Bucket_Security_ACLToGrant (120.43s)
=== CONT  TestAccAWSS3Bucket_Basic_emptyString
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_WithFilter_SingleTag (88.83s)
=== CONT  TestAccAWSS3Bucket_Tags_withSystemTags
--- PASS: TestAccAWSS3Bucket_Tags_basic (60.25s)
=== CONT  TestAccAWSS3BucketOwnershipControls_basic
--- PASS: TestAccAWSS3BucketPolicy_basic (51.78s)
=== CONT  TestAccAWSS3Bucket_Basic_basic
--- PASS: TestAccAWSS3Bucket_Security_policy (152.26s)
=== CONT  TestAccAWSS3BucketObject_ignoreTags
--- PASS: TestAccAWSS3BucketPolicy_policyUpdate (90.48s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_BlockPublicAcls
--- PASS: TestAccAWSS3Bucket_Manage_versioning (147.99s)
=== CONT  TestAccAWSS3Bucket_Basic_requestPayer
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_removed (81.05s)
=== CONT  TestAccAWSS3Bucket_Basic_acceleration
--- PASS: TestAccAWSS3BucketObject_defaultBucketSSE (57.31s)
=== CONT  TestAccAWSS3BucketObject_objectBucketKeyEnabled
--- PASS: TestAccAWSS3BucketOwnershipControls_Rule_ObjectOwnership (86.67s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_disappears_Bucket
--- PASS: TestAccAWSS3Bucket_Basic_emptyString (55.84s)
=== CONT  TestAccAWSS3BucketObject_objectLockRetentionStartWithSet
--- PASS: TestAccAWSS3Bucket_Web_redirect (157.87s)
=== CONT  TestAccAWSS3BucketOwnershipControls_disappears_Bucket
--- PASS: TestAccAWSS3BucketOwnershipControls_basic (47.40s)
=== CONT  TestAccAWSS3BucketObject_bucketBucketKeyEnabled
--- PASS: TestAccAWSS3Bucket_Tags_ignoreTags (95.26s)
=== CONT  TestAccAWSS3BucketPublicAccessBlock_BlockPublicPolicy
--- PASS: TestAccAWSS3Bucket_Web_simple (156.04s)
--- PASS: TestAccAWSS3Bucket_Basic_basic (55.12s)
--- PASS: TestAccAWSS3Bucket_Security_updateGrant (182.79s)
--- PASS: TestAccAWSS3BucketAnalyticsConfiguration_updateBasic (138.89s)
--- PASS: TestAccAWSS3BucketPublicAccessBlock_disappears_Bucket (33.95s)
--- PASS: TestAccAWSS3BucketOwnershipControls_disappears_Bucket (31.72s)
--- PASS: TestAccAWSS3Bucket_Security_GrantToACL (120.07s)
--- PASS: TestAccAWSS3BucketObject_objectBucketKeyEnabled (46.66s)
--- PASS: TestAccAWSS3BucketPublicAccessBlock_RestrictPublicBuckets (125.85s)
--- PASS: TestAccAWSS3BucketPublicAccessBlock_IgnorePublicAcls (124.54s)
--- PASS: TestAccAWSS3BucketObject_bucketBucketKeyEnabled (55.27s)
--- PASS: TestAccAWSS3BucketObject_ignoreTags (93.42s)
--- PASS: TestAccAWSS3Bucket_Basic_requestPayer (101.57s)
--- PASS: TestAccAWSS3Bucket_Basic_acceleration (99.58s)
--- PASS: TestAccAWSS3BucketPublicAccessBlock_BlockPublicAcls (123.09s)
--- PASS: TestAccAWSS3Bucket_Tags_withNoSystemTags (193.80s)
--- PASS: TestAccAWSS3BucketPublicAccessBlock_BlockPublicPolicy (121.95s)
--- PASS: TestAccAWSS3BucketObject_objectLockRetentionStartWithSet (163.32s)
--- PASS: TestAccAWSS3Bucket_Tags_withSystemTags (231.22s)
--- PASS: TestAccAWSS3Bucket_Security_updateACL (344.02s)
PASS
ok      github.com/terraform-providers/terraform-provider-aws/aws       672.029s

pdecat
pdecat commented Aug 24, 2021
View reviewed changes
aws/resource_aws_s3_bucket.go Outdated
d.Set("acl", "aws-exec-read")
case owner_full_control && !all_users_read && !all_users_write && !authenticated_users_read && !ec2_read && logdelivery_read_acp && logdelivery_write:
d.Set("acl", "log-delivery-write")
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We probably want to add a default branch that returns false to indicate that no canned ACL matched and that we need to record all grants.

Copy link
Contributor Author

@pdecat pdecat Aug 24, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a test case for this:

# make testacc TESTARGS='-run=TestAccAWSS3Bucket_Security_updateGrant'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSS3Bucket_Security_updateGrant -timeout 180m
=== RUN   TestAccAWSS3Bucket_Security_updateGrant
=== PAUSE TestAccAWSS3Bucket_Security_updateGrant
=== CONT  TestAccAWSS3Bucket_Security_updateGrant
    resource_aws_s3_bucket_test.go:712: Step 5/8 error: After applying this test step and performing a `terraform refresh`, the plan was not empty.
        stdout


        Terraform used the selected providers to generate the following execution
        plan. Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_s3_bucket.bucket will be updated in-place
          ~ resource "aws_s3_bucket" "bucket" {
                id                          = "tf-test-bucket-42309041846304674"
                tags                        = {}
                # (10 unchanged attributes hidden)

              + grant {
                  + permissions = [
                      + "READ",
                    ]
                  + type        = "Group"
                  + uri         = "http://acs.amazonaws.com/groups/global/AllUsers"
                }
              + grant {
                  + permissions = [
                      + "READ_ACP",
                    ]
                  + type        = "Group"
                  + uri         = "http://acs.amazonaws.com/groups/s3/LogDelivery"
                }
              + grant {
                  + id          = "d6d601a******992e82e04d96d"
                  + permissions = [
                      + "FULL_CONTROL",
                    ]
                  + type        = "CanonicalUser"
                }

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSS3Bucket_Security_updateGrant (170.02s)
FAIL
FAIL    github.com/terraform-providers/terraform-provider-aws/aws       170.104s
FAIL
make: *** [GNUmakefile:30: testacc] Error 1

And implemented the above mentioned fix to make the test pass:

# make testacc TESTARGS='-run=TestAccAWSS3Bucket_Security_updateGrant'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSS3Bucket_Security_updateGrant -timeout 180m
=== RUN   TestAccAWSS3Bucket_Security_updateGrant
=== PAUSE TestAccAWSS3Bucket_Security_updateGrant
=== CONT  TestAccAWSS3Bucket_Security_updateGrant
--- PASS: TestAccAWSS3Bucket_Security_updateGrant (242.17s)
PASS
ok      github.com/terraform-providers/terraform-provider-aws/aws       242.255s

@breathingdust breathingdust added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels Aug 26, 2021
@zhelding
Copy link
Contributor

Pull request #21306 has significantly refactored the AWS Provider codebase. As a result, most PRs opened prior to the refactor now have merge conflicts that must be resolved before proceeding.

Specifically, PR #21306 relocated the code for all AWS resources and data sources from a single aws directory to a large number of separate directories in internal/service, each corresponding to a particular AWS service. This separation of code has also allowed for us to simplify the names of underlying functions -- while still avoiding namespace collisions.

We recognize that many pull requests have been open for some time without yet being addressed by our maintainers. Therefore, we want to make it clear that resolving these conflicts in no way affects the prioritization of a particular pull request. Once a pull request has been prioritized for review, the necessary changes will be made by a maintainer -- either directly or in collaboration with the pull request author.

For a more complete description of this refactor, including examples of how old filepaths and function names correspond to their new counterparts: please refer to issue #20000.

For a quick guide on how to amend your pull request to resolve the merge conflicts resulting from this refactor and bring it in line with our new code patterns: please refer to our Service Package Refactor Pull Request Guide.

@pdecat
Copy link
Contributor Author

pdecat commented Oct 19, 2021

Rebased on current main branch, acceptance tests results:

make testacc PKG_NAME=internal/service/s3 TESTARGS='-run=TestAccS3Bucket_Security'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/s3 -v -count 1 -parallel 20 -run=TestAccS3Bucket_Security -timeout 180m
=== RUN   TestAccS3Bucket_Security_policy
=== PAUSE TestAccS3Bucket_Security_policy
=== RUN   TestAccS3Bucket_Security_updateACL
=== PAUSE TestAccS3Bucket_Security_updateACL
=== RUN   TestAccS3Bucket_Security_updateGrant
=== PAUSE TestAccS3Bucket_Security_updateGrant
=== RUN   TestAccS3Bucket_Security_aclToGrant
=== PAUSE TestAccS3Bucket_Security_aclToGrant
=== RUN   TestAccS3Bucket_Security_grantToACL
=== PAUSE TestAccS3Bucket_Security_grantToACL
=== RUN   TestAccS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== PAUSE TestAccS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== RUN   TestAccS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== PAUSE TestAccS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== RUN   TestAccS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== PAUSE TestAccS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== RUN   TestAccS3Bucket_Security_corsUpdate
=== PAUSE TestAccS3Bucket_Security_corsUpdate
=== RUN   TestAccS3Bucket_Security_corsDelete
=== PAUSE TestAccS3Bucket_Security_corsDelete
=== RUN   TestAccS3Bucket_Security_corsEmptyOrigin
=== PAUSE TestAccS3Bucket_Security_corsEmptyOrigin
=== RUN   TestAccS3Bucket_Security_logging
=== PAUSE TestAccS3Bucket_Security_logging
=== CONT  TestAccS3Bucket_Security_policy
=== CONT  TestAccS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed
=== CONT  TestAccS3Bucket_Security_corsDelete
=== CONT  TestAccS3Bucket_Security_logging
=== CONT  TestAccS3Bucket_Security_aclToGrant
=== CONT  TestAccS3Bucket_Security_corsEmptyOrigin
=== CONT  TestAccS3Bucket_Security_enableDefaultEncryptionWhenTypical
=== CONT  TestAccS3Bucket_Security_grantToACL
=== CONT  TestAccS3Bucket_Security_corsUpdate
=== CONT  TestAccS3Bucket_Security_updateGrant
=== CONT  TestAccS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled
=== CONT  TestAccS3Bucket_Security_updateACL
--- PASS: TestAccS3Bucket_Security_corsDelete (78.52s)
--- PASS: TestAccS3Bucket_Security_enableDefaultEncryptionWhenAES256IsUsed (94.04s)
--- PASS: TestAccS3Bucket_Security_corsEmptyOrigin (95.17s)
--- PASS: TestAccS3Bucket_Security_enableDefaultEncryptionWhenTypical (99.06s)
--- PASS: TestAccS3Bucket_Security_logging (110.06s)
--- PASS: TestAccS3Bucket_Security_disableDefaultEncryptionWhenDefaultEncryptionIsEnabled (140.82s)
--- PASS: TestAccS3Bucket_Security_corsUpdate (143.06s)
--- PASS: TestAccS3Bucket_Security_grantToACL (158.66s)
--- PASS: TestAccS3Bucket_Security_aclToGrant (160.98s)
--- PASS: TestAccS3Bucket_Security_policy (191.48s)
--- PASS: TestAccS3Bucket_Security_updateGrant (286.08s)
--- PASS: TestAccS3Bucket_Security_updateACL (387.01s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/s3 387.280s

@pdecat pdecat mentioned this pull request Feb 3, 2022
Closed
@pdecat
Copy link
Contributor Author

pdecat commented Feb 11, 2022

This PR is now obsolete because of #22537

resource/aws_s3_bucket: The acl and grant arguments have been deprecated and are now read-only. Use the aws_s3_bucket_acl resource instead when available in a future minor version.

b09aa2c

@pdecat pdecat closed this Feb 11, 2022
@pdecat pdecat deleted the fix_aws_s3_bucket_import branch February 11, 2022 07:57
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 20, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/s3 Issues and PRs that pertain to the s3 service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

import aws_s3_bucket does not store important attributes like acl
3 participants
@pdecat @zhelding @breathingdust