Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not retrieve EMR AD Domain Join User from AWS API #8559

Merged
merged 1 commit into from
Jul 1, 2019
Merged

Not retrieve EMR AD Domain Join User from AWS API #8559

merged 1 commit into from
Jul 1, 2019

Conversation

joelthompson
Copy link
Contributor

The AWS API returns ******** for the ADDomainJoinUser attribute, the
same as for ADDomainJoinPassword, CrossRealmTrustPrincipalPassword, and
KdcAdminPassword. This causes a terraform plan to always attempt to
rebuild the cluster since the ad_domain_join_user attribute is seen as
changing from ******** to what is specified and desired in the plan.
This now configures EMR to not retrieve this attribute from the AWS APIs
so that it doesn't always attempt to rebuild the cluster.

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Release note for CHANGELOG:

Fix bug with AWS EMR clusters that have an `ad_domain_join_user` specified in the `kerberos_attributes` always attempting to recreate the cluster even when no changes are specified.

Output from acceptance testing:

N/A: I didn't run the acceptance tests as it looks like there is any test behavior for this aspect of EMR, and spinning up EMR clusters

@joelthompson
Not retrieve EMR AD Domain Join User from AWS API
1d26666 
The AWS API returns ******** for the ADDomainJoinUser attribute, the
same as for ADDomainJoinPassword, CrossRealmTrustPrincipalPassword, and
KdcAdminPassword. This causes a terraform plan to always attempt to
rebuild the cluster since the ad_domain_join_user attribute is seen as
changing from ******** to what is specified and desired in the plan.
This now configures EMR to not retrieve this attribute from the AWS APIs
so that it doesn't always attempt to rebuild the cluster.
@ghost ghost added size/XS Managed by automation to categorize the size of a PR. service/emr Issues and PRs that pertain to the emr service. labels May 8, 2019
@aeschright aeschright requested a review from a team June 26, 2019 16:55
@bflad bflad added the bug Addresses a defect in current functionality. label Jul 1, 2019
@bflad bflad mentioned this pull request Jul 1, 2019
Closed
@bflad bflad added this to the v2.18.0 milestone Jul 1, 2019
bflad
bflad approved these changes Jul 1, 2019
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this, @joelthompson 🚀 Given #9129 I'd like to pull this in, even without the acceptance testing being 100% since I'm familiar with the code here. Post merge I'm going to ensure the documentation notes that Terraform cannot perform drift detection on these arguments just to clear up any confusion regarding that. 👍

@bflad bflad merged commit bcbf76c into hashicorp:master Jul 1, 2019
bflad added a commit that referenced this pull request Jul 1, 2019
@bflad
Update CHANGELOG for #8559
a766d58
@bflad
Copy link
Contributor

bflad commented Jul 5, 2019

This has been released in version 2.18.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@suryadevarauday
Copy link

Still not working on 2.18.0

$ terraform version
Terraform v0.11.14

  • provider.aws v2.18.0

Your version of Terraform is out of date! The latest version
is 0.12.5. You can update by downloading from www.terraform.io/downloads.html

kerberos_attributes.0.ad_domain_join_user: "********" => "newvalue" (forces new resource)

@joelthompson joelthompson deleted the emr_domain_join_user branch August 16, 2019 14:07
@ghost
Copy link

ghost commented Nov 1, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bflad bflad bflad approved these changes

Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/emr Issues and PRs that pertain to the emr service. size/XS Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v2.18.0
Development

Successfully merging this pull request may close these issues.
3 participants
@joelthompson @bflad @suryadevarauday