Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r/aws_lakeformation_permissions: Fix bug where SELECT permissions are not properly read in from AWS #18203

Conversation

jackbatzner
Copy link
Contributor

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #17299

Output from acceptance testing:

=== RUN TestAccAWSLakeFormation_serial
=== RUN TestAccAWSLakeFormation_serial/Permissions
=== RUN TestAccAWSLakeFormation_serial/Permissions/selectPermissions
--- PASS: TestAccAWSLakeFormation_serial (38.65s)
--- PASS: TestAccAWSLakeFormation_serial/Permissions (38.65s)
--- PASS: TestAccAWSLakeFormation_serial/Permissions/selectPermissions (38.65s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 43.488s

$ make testacc TESTARGS='-run= TestAccAWSLakeFormation_serial'

...

@jackbatzner jackbatzner requested a review from a team as a code owner March 18, 2021 19:42
@ghost ghost added size/L Managed by automation to categorize the size of a PR. service/lakeformation Issues and PRs that pertain to the lakeformation service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Mar 18, 2021
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Mar 18, 2021
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @Brunhil 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTING guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@YakDriver YakDriver removed the needs-triage Waiting for first response or review from a maintainer. label Mar 18, 2021
@YakDriver YakDriver self-assigned this Mar 18, 2021
@YakDriver
Copy link
Member

YakDriver commented Mar 18, 2021

@Brunhil Thanks for this contribution! I'll look at this in the near future. Let me know when this is complete. To save time, if we need minor changes, I will make them directly so make sure to check the box to allow edits by maintainers.

@jackbatzner
Copy link
Contributor Author

Thanks for checking in @YakDriver , this should be ready for your review. I believe I covered most of the steps as defined in the CONTRIBUTING readme. Let me know if I missed anything!

I added a test for this case that should fail on current the current main branch to confirm the referenced issue.

@YakDriver
Copy link
Member

YakDriver commented Mar 18, 2021

@Brunhil If you have further interest in this resource, we could use some help! Lake Formation, and permissions in particular, seem to have especially bad eventual consistency problems (for example, errors that will eventually go away like "AccessDeniedException: Resource does not exist" or "error reading Lake Formation permissions: no permissions found" type errors). If you're interested in tackling asynchronous challenges, this documentation will get you started: https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/contributing/retries-and-waiters.md. Because of these AWS challenges, the AWS provider Lake Formation resources are only marginally stable.

@YakDriver YakDriver force-pushed the b-aws_lakeformation_permissions-select-bugfix branch from 10d8bbd to e266ce0 Compare March 18, 2021 21:35
Copy link
Member

@YakDriver YakDriver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! 🎉

Acceptance tests in GovCloud:

--- PASS: TestAccAWSLakeFormation_serial (323.30s)
    --- PASS: TestAccAWSLakeFormation_serial/Permissions (99.47s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/database (23.88s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/selectPermissions (23.27s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/basic (26.50s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/dataLocation (25.82s)
    --- PASS: TestAccAWSLakeFormation_serial/TablePermissions (92.36s)
        --- PASS: TestAccAWSLakeFormation_serial/TablePermissions/tableName (23.11s)
        --- PASS: TestAccAWSLakeFormation_serial/TablePermissions/tableWildcard (22.38s)
        --- PASS: TestAccAWSLakeFormation_serial/TablePermissions/tableWithColumns (23.29s)
        --- PASS: TestAccAWSLakeFormation_serial/TablePermissions/tableWithColumnsAndTable (23.59s)
    --- PASS: TestAccAWSLakeFormation_serial/DataSourcePermissions (131.47s)
        --- PASS: TestAccAWSLakeFormation_serial/DataSourcePermissions/basicDataSource (22.70s)
        --- PASS: TestAccAWSLakeFormation_serial/DataSourcePermissions/dataLocationDataSource (27.81s)
        --- PASS: TestAccAWSLakeFormation_serial/DataSourcePermissions/databaseDataSource (30.64s)
        --- PASS: TestAccAWSLakeFormation_serial/DataSourcePermissions/tableDataSource (26.47s)
        --- PASS: TestAccAWSLakeFormation_serial/DataSourcePermissions/tableWithColumnsDataSource (23.85s)

Acceptance tests on Commercial:

    --- PASS: TestAccAWSLakeFormation_serial/Permissions (102.99s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/dataLocation (27.37s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/database (21.15s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/selectPermissions (25.43s)
        --- PASS: TestAccAWSLakeFormation_serial/Permissions/basic (29.04s)

@YakDriver YakDriver added this to the v3.33.0 milestone Mar 18, 2021
@YakDriver YakDriver merged commit 476ec32 into hashicorp:main Mar 18, 2021
@ghost
Copy link

ghost commented Mar 18, 2021

This has been released in version 3.33.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@jackbatzner
Copy link
Contributor Author

Because of these AWS challenges, the AWS provider Lake Formation resources are only marginally stable.

This sounds interesting and fun @YakDriver ! Looking at the existing resource it already has retry logic in place. Is there something different we wanted to do here?

@ghost
Copy link

ghost commented Apr 18, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Apr 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
service/lakeformation Issues and PRs that pertain to the lakeformation service. size/L Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Lakeformation SELECT table permission always shows as a change
3 participants