Allow parameters to follow standard lifecycle rules #1556
Conversation
|
I created an issue (#1481) earlier with the same proposed behavior so 👍. |
|
@Ninir I was wondering if this PR would be within your domain to review? The PR is pretty straight forward and passes unit and acceptance tests. |
|
Hi @pmorton I have to admit I love the idea and your implementation :) 👍 Here is what I did:
This seems like the proper way to do it, just want to clarify everything :) Thanks! |
|
|
||
| func shouldUpdateSsmParameter(d *schema.ResourceData) bool { | ||
| // If the user has specifed a preference, return their preference | ||
| if value, ok := d.GetOkExists("overwrite"); ok == true { |
There was a problem hiding this comment.
the ok == true isn't needed here
| @@ -56,7 +56,7 @@ The following arguments are supported: | |||
| * `type` - (Required) The type of the parameter. Valid types are `String`, `StringList` and `SecureString`. | |||
| * `value` - (Required) The value of the parameter. | |||
| * `key_id` - (Optional) The KMS key id or arn for encrypting a SecureString. | |||
| * `overwrite` - (Optional) Overwrite an existing parameter. If not specified, will default to `false`. | |||
| * `overwrite` - (Optional) Overwrite an existing parameter even if it was created outside of terraform. | |||
There was a problem hiding this comment.
I think we should really detail this argument a bit more here, to provide better inputs about what is going on.
Just for the case "if specified and set to true,...". Thoughts? :)
Ninir
added
enhancement
- The type and the key_id should not force new resource (that may result in data lost especially if we add a lifecycle rule to protect the value) - Implement the exist function to check if the resource already exist - Handle a bug in AWS that avoid removing a description after it has been set - Handle the key_id properly (if it is not specified by the user, should default to alias/aws/ssm) - Implemented the logic developed by @pmorton in PR hashicorp#1556 (to better handle the overwrite parameter)
radeksimko
added
the
size/M
|
any chance of this getting merged soon? the current behavior is moderately unusable (and, frankly, having |
|
It looks like this functionality made it in via #1520, which was previously released in version 1.11.0 of the AWS provider and has been available in all releases since. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
breathingdust
removed
the
waiting-response
This pull request refines the commits that were merged in response to #1004 and #1006. When 1006 was merged it introduced a new flag which allows the user to overwrite an existing parameter. I understand that this can be helpful if the parameter already exists in your system, however the introduction of this flags has broken the update lifecycle. Specifically the way that updates interacts with overwrite is non-sensical. Under the introduced in 1006 you must have overwrite set to true if the value of that parameter needs to be updated. This creates an unsafe scenario in that a new resource will overwrite an existing value that it did not create and this should throw an error unless the user decides that it should always be overwritten.
I am proposing the following the following rules to govern update.