Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/aws_iam_openid_connect_provider: Make thumbprint_list attribute optional #37255

Merged
merged 14 commits into from
Dec 10, 2024
Merged

r/aws_iam_openid_connect_provider: Make thumbprint_list attribute optional #37255

merged 14 commits into from
Dec 10, 2024

Conversation

tmatilai
Copy link
Contributor

@tmatilai tmatilai commented May 3, 2024
edited by YakDriver
Loading

Description

Make the thumbprint_list argument optional in the aws_iam_openid_connect_provider resource.

AWS now secures communication with some OIDC identity providers (IdPs) through a library of trusted root certificate authorities (CAs) instead of using a certificate thumbprint to verify the IdP server certificate.

And with orher IdPs, if the thumbprint list is not specified, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OIDC identity provider server certificate.

Relations

Closes #32480
Closes #35112
Relates #40509

References

The thumbprint list was made optional in the go-sdk 1.51.20:
https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md#release-v15120-2024-04-11

Output from Acceptance Testing

Output 
% make testacc TESTS=TestAccIAMOpenIDConnectProvider_ PKG=iam
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/iam/... -v -count 1 -parallel 20 -run='TestAccIAMOpenIDConnectProvider_'  -timeout 360m
=== RUN   TestAccIAMOpenIDConnectProvider_tags
=== PAUSE TestAccIAMOpenIDConnectProvider_tags
=== RUN   TestAccIAMOpenIDConnectProvider_tags_null
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_null
=== RUN   TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_basic
=== PAUSE TestAccIAMOpenIDConnectProvider_basic
=== RUN   TestAccIAMOpenIDConnectProvider_withoutThumbprints
=== PAUSE TestAccIAMOpenIDConnectProvider_withoutThumbprints
=== RUN   TestAccIAMOpenIDConnectProvider_disappears
=== PAUSE TestAccIAMOpenIDConnectProvider_disappears
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== CONT  TestAccIAMOpenIDConnectProvider_tags
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== CONT  TestAccIAMOpenIDConnectProvider_basic
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_null
=== CONT  TestAccIAMOpenIDConnectProvider_disappears
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== CONT  TestAccIAMOpenIDConnectProvider_withoutThumbprints
--- PASS: TestAccIAMOpenIDConnectProvider_withoutThumbprints (31.51s)
--- PASS: TestAccIAMOpenIDConnectProvider_disappears (32.15s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag (35.89s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag (35.98s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag (36.08s)
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDListOrder (36.70s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_null (41.33s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly (43.81s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate (46.16s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace (46.37s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly (47.33s)
--- PASS: TestAccIAMOpenIDConnectProvider_basic (47.84s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate (50.86s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add (59.34s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping (64.69s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping (64.99s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags (74.95s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly (77.28s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/iam        81.779s

tmatilai added 2 commits May 3, 2024 17:10
@tmatilai
r/aws_iam_openid_connect_provider: Make thumbprint_list attribute o…
62e7b84 
…ptional

AWS now secures communication with some OIDC identity providers (IdPs)
through a library of trusted root certificate authorities (CAs) instead
of using a certificate thumbprint to verify the IdP server certificate.

And with orher IdPs, if the thumbprint list is not specified, IAM will
retrieve and use the top intermediate certificate authority (CA)
thumbprint of the OIDC identity provider server certificate.
@tmatilai
Add changelog item
d7fd5f9
@github-actions GitHub Actions
Copy link

github-actions bot commented May 3, 2024

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/M Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/iam Issues and PRs that pertain to the iam service. labels May 3, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label May 3, 2024
tmatilai
tmatilai commented May 3, 2024
View reviewed changes
internal/service/iam/openid_connect_provider.go Outdated
Comment on lines 157 to 168
thumbprintList := d.Get("thumbprint_list").([]interface{})
if thumbprintList != nil {
input := &iam.UpdateOpenIDConnectProviderThumbprintInput{
OpenIDConnectProviderArn: aws.String(d.Id()),
ThumbprintList: flex.ExpandStringValueList(thumbprintList),
}

_, err := conn.UpdateOpenIDConnectProviderThumbprint(ctx, input)

if err != nil {
return sdkdiag.AppendErrorf(diags, "updating IAM OIDC Provider (%s) thumbprint: %s", d.Id(), err)
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not correct, but I don't know how to fix it. 🤔

If the IdP is implicitly trusted by AWS, it doesn't matter what the thumbprint_list is. So that's fine.

But if not, and the user unsets the attribute, the old value will now be kept both in AWS and in the state. There doesn't seem to be API call to trigger the automatic fetching of the thumbprint, so I guess the whole resource should be recreated in that case? I guess that should be done through the schema?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's no good way to solve this that I've been able to find. I opened #40509 as a result. Hopefully, it does not affect too many people.

@justinretzolk justinretzolk added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels May 3, 2024
@YakDriver YakDriver self-assigned this Dec 9, 2024
@github-actions github-actions bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Dec 9, 2024
@YakDriver YakDriver requested a review from a team as a code owner December 10, 2024 00:03
@YakDriver YakDriver mentioned this pull request Dec 10, 2024
Open
YakDriver
YakDriver approved these changes Dec 10, 2024
View reviewed changes
Copy link
Member

@YakDriver YakDriver left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution!

% make t T=TestAccIAMOpenIDConnectProvider_ K=iam           
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.3 test ./internal/service/iam/... -v -count 1 -parallel 20 -run='TestAccIAMOpenIDConnectProvider_'  -timeout 360m
2024/12/10 14:22:40 Initializing Terraform AWS Provider...
=== RUN   TestAccIAMOpenIDConnectProvider_tags
=== PAUSE TestAccIAMOpenIDConnectProvider_tags
=== RUN   TestAccIAMOpenIDConnectProvider_tags_null
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_null
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyMap
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyMap
=== RUN   TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_basic
=== PAUSE TestAccIAMOpenIDConnectProvider_basic
=== RUN   TestAccIAMOpenIDConnectProvider_Thumbprints_none
--- PASS: TestAccIAMOpenIDConnectProvider_Thumbprints_none (9.09s)
=== RUN   TestAccIAMOpenIDConnectProvider_Thumbprints_withToWithout
--- PASS: TestAccIAMOpenIDConnectProvider_Thumbprints_withToWithout (14.12s)
=== RUN   TestAccIAMOpenIDConnectProvider_Thumbprints_withoutToWith
--- PASS: TestAccIAMOpenIDConnectProvider_Thumbprints_withoutToWith (14.89s)
=== RUN   TestAccIAMOpenIDConnectProvider_disappears
=== PAUSE TestAccIAMOpenIDConnectProvider_disappears
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDModification
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDModification
=== CONT  TestAccIAMOpenIDConnectProvider_tags
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyMap
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== CONT  TestAccIAMOpenIDConnectProvider_disappears
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_null
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
--- PASS: TestAccIAMOpenIDConnectProvider_disappears (19.40s)
=== CONT  TestAccIAMOpenIDConnectProvider_basic
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag (29.71s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag (29.75s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag (29.81s)
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDListOrder
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate (29.84s)
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDModification
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag (29.88s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyMap (36.11s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_null (37.03s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate (43.71s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace (44.22s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly (45.84s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add (46.23s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace (47.16s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate (48.54s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag (49.59s)
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDListOrder (20.34s)
--- PASS: TestAccIAMOpenIDConnectProvider_basic (31.64s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add (56.30s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly (29.14s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping (60.07s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping (60.83s)
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDModification (36.77s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag (39.75s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags (69.74s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly (71.06s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/iam	113.154s

ewbankkit
ewbankkit approved these changes Dec 10, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccIAMOpenIDConnectProvider_' PKG=iam ACCTEST_PARALLELISM=3
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.3 test ./internal/service/iam/... -v -count 1 -parallel 3  -run=TestAccIAMOpenIDConnectProvider_ -timeout 360m
2024/12/10 14:40:27 Initializing Terraform AWS Provider...
=== RUN   TestAccIAMOpenIDConnectProvider_tags
=== PAUSE TestAccIAMOpenIDConnectProvider_tags
=== RUN   TestAccIAMOpenIDConnectProvider_tags_null
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_null
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyMap
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyMap
=== RUN   TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
=== RUN   TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
=== RUN   TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag
=== RUN   TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag
=== PAUSE TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag
=== RUN   TestAccIAMOpenIDConnectProvider_basic
=== PAUSE TestAccIAMOpenIDConnectProvider_basic
=== RUN   TestAccIAMOpenIDConnectProvider_Thumbprints_none
--- PASS: TestAccIAMOpenIDConnectProvider_Thumbprints_none (9.45s)
=== RUN   TestAccIAMOpenIDConnectProvider_Thumbprints_withToWithout
--- PASS: TestAccIAMOpenIDConnectProvider_Thumbprints_withToWithout (13.89s)
=== RUN   TestAccIAMOpenIDConnectProvider_Thumbprints_withoutToWith
--- PASS: TestAccIAMOpenIDConnectProvider_Thumbprints_withoutToWith (15.39s)
=== RUN   TestAccIAMOpenIDConnectProvider_disappears
=== PAUSE TestAccIAMOpenIDConnectProvider_disappears
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDListOrder
=== RUN   TestAccIAMOpenIDConnectProvider_clientIDModification
=== PAUSE TestAccIAMOpenIDConnectProvider_clientIDModification
=== CONT  TestAccIAMOpenIDConnectProvider_tags
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyProviderOnlyTag (12.73s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_DefaultTag (24.93s)
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDModification
--- PASS: TestAccIAMOpenIDConnectProvider_tags (42.64s)
=== CONT  TestAccIAMOpenIDConnectProvider_clientIDListOrder
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_providerOnly (42.80s)
=== CONT  TestAccIAMOpenIDConnectProvider_disappears
--- PASS: TestAccIAMOpenIDConnectProvider_disappears (9.19s)
=== CONT  TestAccIAMOpenIDConnectProvider_basic
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDListOrder (11.88s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_clientIDModification (26.43s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate
--- PASS: TestAccIAMOpenIDConnectProvider_basic (17.96s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnCreate (16.03s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add
--- PASS: TestAccIAMOpenIDConnectProvider_tags_IgnoreTags_Overlap_ResourceTag (29.47s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Replace (24.16s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullNonOverlappingResourceTag (12.53s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace
--- PASS: TestAccIAMOpenIDConnectProvider_tags_ComputedTag_OnUpdate_Add (24.24s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnCreate (21.89s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_EmptyMap
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Replace (19.95s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyMap (15.04s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_null
--- PASS: TestAccIAMOpenIDConnectProvider_tags_EmptyTag_OnUpdate_Add (29.06s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_AddOnUpdate (19.38s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_null (15.09s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_emptyResourceTag (12.44s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToProviderOnly (19.99s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nullOverlappingResourceTag (12.26s)
=== CONT  TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_updateToResourceOnly (18.85s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_overlapping (33.22s)
--- PASS: TestAccIAMOpenIDConnectProvider_tags_DefaultTags_nonOverlapping (32.87s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/iam	237.287s

@YakDriver YakDriver merged commit b4eb0a1 into hashicorp:main Dec 10, 2024
43 checks passed
@github-actions github-actions bot added this to the v5.81.0 milestone Dec 10, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Dec 12, 2024
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.81.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YakDriver YakDriver YakDriver approved these changes

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@YakDriver YakDriver

Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. service/iam Issues and PRs that pertain to the iam service. size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.81.0
4 participants
@tmatilai @ewbankkit @YakDriver @justinretzolk