Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

resource/aws_lb_target_group: Attempt to resolve catch-22 around NLB's stickiness #2954

Merged
merged 3 commits into from
Feb 24, 2018
Merged

resource/aws_lb_target_group: Attempt to resolve catch-22 around NLB's stickiness #2954

merged 3 commits into from
Feb 24, 2018

Conversation

mattgiles
Copy link
Contributor

See #2746

The catch-22 is that stickiness is not allowed for NLBs, stickiness is enabled by default for all LBs, and the check to make sure an NLB has not enabled stickiness only looks for the existence of a stickiness block -- leaving you damned if you define it damned if you don't.

There might be more principled approaches which break current defaults, but it seems natural enough to go to define the stickiness block (to disable stickiness) after being told your LB doesn't support it.

@mattgiles
Attempt to resolve aws_lb_target_group catch-22.
08d7b8c 
The catch-22 is that stickiness is not allowed for NLBs, but stickiness is enabled by default and the check to see if an NLB has enabled stickiness only looks for the existence of the stickiness block. This change, instead, evaluates whether or not that block disables stickiness (which is a reasonable thing to do when told that your NLB doesn’t support stickiness).

There may be more principled approaches that make use of breaking changes.
@Ninir Ninir added the bug Addresses a defect in current functionality. label Jan 12, 2018
@radeksimko radeksimko added the service/elbv2 Issues and PRs that pertain to the elbv2 service. label Jan 16, 2018
@radeksimko radeksimko changed the title Attempt to resolve aws_lb_target_group catch-22. resource/aws_lb_target_group: Attempt to resolve catch-22 around NLB's stickiness Jan 16, 2018
@aggallim
Copy link

Any idea when this will be merged?

@vancluever
r/lb_target_group: Allow for stickiness config on TCP groups (continued)
aa7e6c3 
This is a continuation of 08d7b8c, which modifies the diff validation
check to allow for stickiness to be defined on TCP target groups, but
requires that this setting be false. While this allows the diff to be
applied, this still fails on the AWS end because it still sets the
stickiness attributes on target group types that don't support it.

This update skips sending the stickiness attribute data to AWS when
using a TCP load balancer, in addition to skipping reading it back in
when the real-world protocol is TCP. This ensures both that the apply
will succeed in AWS, and that spurious diffs aren't caused by ensuring
that the state coming from config is not overwritten.

Also, tests have been added for both ensuring that enabling stickiness
is still blocked, and ensuring that a disabled stickiness block
succeeds with an empty post-apply plan.

Finally, documentation has been added denoting that you can still
declare a stickiness block when TCP is used, but it must be disabled.
@ghost ghost added the size/L Managed by automation to categorize the size of a PR. label Feb 10, 2018
@vancluever
Copy link
Contributor

vancluever commented Feb 10, 2018
edited
Loading

Hey all, I've updated this PR to ensure it works - before it actually was still failing on the API end because even though the diff was passing validation, the attributes were still being set, which can't happen for TCP target groups period.

I will work on getting this reviewed and merged next week.

Thanks!

@vancluever vancluever mentioned this pull request Feb 10, 2018
Closed
@bflad bflad added this to the v1.10.0 milestone Feb 14, 2018
@bflad
Copy link
Contributor

bflad commented Feb 14, 2018

@vancluever I'm seeing spurious diffs on the stickiness.# attribute for three of the tests with this updated logic (the rest of them pass) 😢 Do you have time to fix these?

=== RUN   TestAccAWSLBTargetGroup_networkLB_TargetGroup
--- FAIL: TestAccAWSLBTargetGroup_networkLB_TargetGroup (20.13s)
	testing.go:513: Step 0 error: After applying this step, the plan was not empty:

		DIFF:

		UPDATE: aws_lb_target_group.test
		  stickiness.#: "" => "<computed>"

		STATE:

		aws_lb_target_group.test:
		  ID = arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/test-target-group-f3jkf4yeeu/1cc69e6a10936efb
		  provider = provider.aws
		  arn = arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/test-target-group-f3jkf4yeeu/1cc69e6a10936efb
		  arn_suffix = targetgroup/test-target-group-f3jkf4yeeu/1cc69e6a10936efb
		  deregistration_delay = 200
		  health_check.# = 1
		  health_check.0.healthy_threshold = 3
		  health_check.0.interval = 10
		  health_check.0.matcher =
		  health_check.0.path =
		  health_check.0.port = traffic-port
		  health_check.0.protocol = TCP
		  health_check.0.timeout = 10
		  health_check.0.unhealthy_threshold = 3
		  name = test-target-group-f3jkf4yeeu
		  port = 8082
		  protocol = TCP
		  tags.% = 1
		  tags.Name = TestAcc_networkLB_TargetGroup
		  target_type = instance
		  vpc_id = vpc-e4c64b9d

		  Dependencies:
		    aws_vpc.test
		aws_vpc.test:
		  ...
=== RUN   TestAccAWSLBTargetGroup_TCP_HTTPHealthCheck
--- FAIL: TestAccAWSLBTargetGroup_TCP_HTTPHealthCheck (19.46s)
	testing.go:513: Step 0 error: After applying this step, the plan was not empty:

		DIFF:

		UPDATE: aws_lb_target_group.test
		  stickiness.#: "" => "<computed>"

		STATE:

		aws_lb_target_group.test:
		  ID = arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/test-tg-tcp-http-hc-0zaf7tjy/9636426fcea10af7
		  provider = provider.aws
		  arn = arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/test-tg-tcp-http-hc-0zaf7tjy/9636426fcea10af7
		  arn_suffix = targetgroup/test-tg-tcp-http-hc-0zaf7tjy/9636426fcea10af7
		  deregistration_delay = 300
		  health_check.# = 1
		  health_check.0.healthy_threshold = 2
		  health_check.0.interval = 30
		  health_check.0.matcher = 200-399
		  health_check.0.path = /healthz
		  health_check.0.port = 443
		  health_check.0.protocol = HTTPS
		  health_check.0.timeout = 10
		  health_check.0.unhealthy_threshold = 2
		  name = test-tg-tcp-http-hc-0zaf7tjy
		  port = 8082
		  protocol = TCP
		  tags.% = 1
		  tags.Name = TestAcc_networkLB_HTTPHealthCheck
		  target_type = instance
		  vpc_id = vpc-87c64bfe

		  Dependencies:
		    aws_vpc.test
		aws_vpc.test:
		  ...
=== RUN   TestAccAWSLBTargetGroup_defaults_network
--- FAIL: TestAccAWSLBTargetGroup_defaults_network (23.14s)
	testing.go:513: Step 3 error: After applying this step, the plan was not empty:

		DIFF:

		UPDATE: aws_lb_target_group.test
		  stickiness.#: "" => "<computed>"

		STATE:

		aws_lb_target_group.test:
		  ID = arn:aws:elasticloadbalancing:us-west-2:377520617041:targetgroup/test-target-group-461eooacq0/1271eef78040f14e
		  provider = provider.aws
		  arn = arn:aws:elasticloadbalancing:us-west-2:377520617041:targetgroup/test-target-group-461eooacq0/1271eef78040f14e
		  arn_suffix = targetgroup/test-target-group-461eooacq0/1271eef78040f14e
		  deregistration_delay = 200
		  health_check.# = 1
		  health_check.0.healthy_threshold = 3
		  health_check.0.interval = 10
		  health_check.0.matcher =
		  health_check.0.path =
		  health_check.0.port = 8081
		  health_check.0.protocol = TCP
		  health_check.0.timeout = 10
		  health_check.0.unhealthy_threshold = 3
		  name = test-target-group-461eooacq0
		  port = 443
		  protocol = TCP
		  tags.% = 1
		  tags.Name = TestAccAWSLBTargetGroup_application_LB_defaults
		  target_type = instance
		  vpc_id = vpc-56de532f

		  Dependencies:
		    aws_vpc.test
		aws_vpc.test:
		  ...

@vancluever
Copy link
Contributor

Argh! I should have run the rest. Will jump on this this morning @bflad!

@vancluever
r/lb_target_group: Account for undeclared TCP target groups
b656bc0 
This fixes spurious diffs when someone actually doesn't specify the
stickiness sub-resource, which was the only way to not do false before.
@ghost ghost added the size/L Managed by automation to categorize the size of a PR. label Feb 15, 2018
@vancluever
Copy link
Contributor

I'm trying to get a clean test run, it's been tough because there are so many LB tests when running off a more general regexp (ie: -run=LB). I'm going to set up a dedicated user on my account with the appropriate permissions so that STS tokens don't expire, and do a test run tonight.

@vancluever
Copy link
Contributor

Tests largely passed, save for one timeout and also a bunch of certificate-related errors because the key I was using did not have IAM permissions. The target group tests all pass now. The spurious diff error does not seem to have the aws_lb_target_group resource in it at all.

=== RUN   TestAccDataSourceAWSELB_basic
--- PASS: TestAccDataSourceAWSELB_basic (27.54s)
=== RUN   TestAccDataSourceAWSLBListener_basic
--- PASS: TestAccDataSourceAWSLBListener_basic (222.71s)
=== RUN   TestAccDataSourceAWSLBListenerBackwardsCompatibility
--- PASS: TestAccDataSourceAWSLBListenerBackwardsCompatibility (213.05s)
=== RUN   TestAccDataSourceAWSLBListener_https
--- FAIL: TestAccDataSourceAWSLBListener_https (184.95s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: [WARN] Error uploading server certificate, error: AccessDenied: User: arn:aws:iam::831472610478:user/tftesttmp is not authorized to perform: iam:UploadServerCertificate on resource: arn:aws:iam::831472610478:server-certificate/terraform-test-cert-8265735009884350657
=== RUN   TestAccDataSourceAWSALBTargetGroup_basic
--- PASS: TestAccDataSourceAWSALBTargetGroup_basic (192.34s)
=== RUN   TestAccDataSourceAWSLBTargetGroupBackwardsCompatibility
--- PASS: TestAccDataSourceAWSLBTargetGroupBackwardsCompatibility (201.55s)
=== RUN   TestAccDataSourceAWSLB_basic
--- PASS: TestAccDataSourceAWSLB_basic (211.54s)
=== RUN   TestAccDataSourceAWSLBBackwardsCompatibility
--- PASS: TestAccDataSourceAWSLBBackwardsCompatibility (200.10s)
=== RUN   TestAccAWSELB_importBasic
--- PASS: TestAccAWSELB_importBasic (18.44s)
=== RUN   TestALBTargetGroupCloudwatchSuffixFromARN
--- PASS: TestALBTargetGroupCloudwatchSuffixFromARN (0.00s)
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (19.97s)
=== RUN   TestAccAWSALBTargetGroup_namePrefix
--- PASS: TestAccAWSALBTargetGroup_namePrefix (18.10s)
=== RUN   TestAccAWSALBTargetGroup_generatedName
--- PASS: TestAccAWSALBTargetGroup_generatedName (18.10s)
=== RUN   TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (33.10s)
=== RUN   TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (33.17s)
=== RUN   TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (33.02s)
=== RUN   TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (28.90s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (33.87s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (30.32s)
=== RUN   TestAccAWSALBTargetGroup_updateSticknessEnabled
--- PASS: TestAccAWSALBTargetGroup_updateSticknessEnabled (43.18s)
=== RUN   TestAccAWSAppCookieStickinessPolicy_missingLB
--- PASS: TestAccAWSAppCookieStickinessPolicy_missingLB (30.72s)
=== RUN   TestAccAWSAutoScalingGroup_ALB_TargetGroups
--- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups (87.22s)
=== RUN   TestAccAWSAutoScalingGroup_ALB_TargetGroups_ELBCapacity
--- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups_ELBCapacity (319.04s)
=== RUN   TestAccAWSELBAttachment_basic
--- PASS: TestAccAWSELBAttachment_basic (169.68s)
=== RUN   TestAccAWSELBAttachment_drift
--- PASS: TestAccAWSELBAttachment_drift (99.32s)
=== RUN   TestAccAWSELB_basic
--- PASS: TestAccAWSELB_basic (16.88s)
=== RUN   TestAccAWSELB_fullCharacterRange
--- PASS: TestAccAWSELB_fullCharacterRange (16.58s)
=== RUN   TestAccAWSELB_AccessLogs_enabled
--- PASS: TestAccAWSELB_AccessLogs_enabled (44.40s)
=== RUN   TestAccAWSELB_AccessLogs_disabled
--- PASS: TestAccAWSELB_AccessLogs_disabled (45.29s)
=== RUN   TestAccAWSELB_namePrefix
--- PASS: TestAccAWSELB_namePrefix (15.93s)
=== RUN   TestAccAWSELB_generatedName
--- PASS: TestAccAWSELB_generatedName (16.40s)
=== RUN   TestAccAWSELB_generatesNameForZeroValue
--- PASS: TestAccAWSELB_generatesNameForZeroValue (15.40s)
=== RUN   TestAccAWSELB_availabilityZones
--- PASS: TestAccAWSELB_availabilityZones (27.21s)
=== RUN   TestAccAWSELB_tags
--- PASS: TestAccAWSELB_tags (27.54s)
=== RUN   TestAccAWSELB_iam_server_cert
--- FAIL: TestAccAWSELB_iam_server_cert (6.80s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: [WARN] Error uploading server certificate, error: AccessDenied: User: arn:aws:iam::831472610478:user/tftesttmp is not authorized to perform: iam:UploadServerCertificate on resource: arn:aws:iam::831472610478:server-certificate/tf-acctest-snt0d6lgk4
=== RUN   TestAccAWSELB_swap_subnets
--- PASS: TestAccAWSELB_swap_subnets (45.57s)
=== RUN   TestAccAWSELB_InstanceAttaching
--- PASS: TestAccAWSELB_InstanceAttaching (203.06s)
=== RUN   TestAccAWSELBUpdate_Listener
--- PASS: TestAccAWSELBUpdate_Listener (27.91s)
=== RUN   TestAccAWSELB_HealthCheck
--- PASS: TestAccAWSELB_HealthCheck (16.96s)
=== RUN   TestAccAWSELBUpdate_HealthCheck
--- PASS: TestAccAWSELBUpdate_HealthCheck (28.35s)
=== RUN   TestAccAWSELB_Timeout
--- PASS: TestAccAWSELB_Timeout (16.07s)
=== RUN   TestAccAWSELBUpdate_Timeout
--- PASS: TestAccAWSELBUpdate_Timeout (27.12s)
=== RUN   TestAccAWSELB_ConnectionDraining
--- PASS: TestAccAWSELB_ConnectionDraining (16.43s)
=== RUN   TestAccAWSELBUpdate_ConnectionDraining
--- PASS: TestAccAWSELBUpdate_ConnectionDraining (39.97s)
=== RUN   TestAccAWSELB_SecurityGroups
--- PASS: TestAccAWSELB_SecurityGroups (31.82s)
=== RUN   TestResourceAWSELB_validateElbNameCannotBeginWithHyphen
--- PASS: TestResourceAWSELB_validateElbNameCannotBeginWithHyphen (0.00s)
=== RUN   TestResourceAWSELB_validateElbNameCanBeAnEmptyString
--- PASS: TestResourceAWSELB_validateElbNameCanBeAnEmptyString (0.00s)
=== RUN   TestResourceAWSELB_validateElbNameCannotBeLongerThan32Characters
--- PASS: TestResourceAWSELB_validateElbNameCannotBeLongerThan32Characters (0.00s)
=== RUN   TestResourceAWSELB_validateElbNameCannotHaveSpecialCharacters
--- PASS: TestResourceAWSELB_validateElbNameCannotHaveSpecialCharacters (0.00s)
=== RUN   TestResourceAWSELB_validateElbNameCannotEndWithHyphen
--- PASS: TestResourceAWSELB_validateElbNameCannotEndWithHyphen (0.00s)
=== RUN   TestResourceAWSELB_validateAccessLogsInterval
--- PASS: TestResourceAWSELB_validateAccessLogsInterval (0.00s)
=== RUN   TestResourceAWSELB_validateListenerProtocol
--- PASS: TestResourceAWSELB_validateListenerProtocol (0.00s)
=== RUN   TestResourceAWSELB_validateHealthCheckTarget
--- PASS: TestResourceAWSELB_validateHealthCheckTarget (0.00s)
=== RUN   TestAccAWSLBCookieStickinessPolicy_basic
--- PASS: TestAccAWSLBCookieStickinessPolicy_basic (28.29s)
=== RUN   TestAccCheckLBCookieStickinessPolicy_drift
--- PASS: TestAccCheckLBCookieStickinessPolicy_drift (28.75s)
=== RUN   TestAccAWSLBCookieStickinessPolicy_missingLB
--- PASS: TestAccAWSLBCookieStickinessPolicy_missingLB (29.91s)
=== RUN   TestLBListenerARNFromRuleARN
--- PASS: TestLBListenerARNFromRuleARN (0.00s)
=== RUN   TestAccAWSLBListenerRule_basic
--- FAIL: TestAccAWSLBListenerRule_basic (621.17s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:
		
		* aws_lb.alb_test: 1 error(s) occurred:
		
		* aws_lb.alb_test: timeout while waiting for state to become 'active' (last state: 'provisioning', timeout: 10m0s)
=== RUN   TestAccAWSLBListenerRuleBackwardsCompatibility
--- PASS: TestAccAWSLBListenerRuleBackwardsCompatibility (200.69s)
=== RUN   TestAccAWSLBListenerRule_updateRulePriority
--- PASS: TestAccAWSLBListenerRule_updateRulePriority (230.52s)
=== RUN   TestAccAWSLBListenerRule_changeListenerRuleArnForcesNew
--- PASS: TestAccAWSLBListenerRule_changeListenerRuleArnForcesNew (204.23s)
=== RUN   TestAccAWSLBListenerRule_multipleConditionThrowsError
--- PASS: TestAccAWSLBListenerRule_multipleConditionThrowsError (1.65s)
=== RUN   TestAccAWSLBListener_basic
--- PASS: TestAccAWSLBListener_basic (191.37s)
=== RUN   TestAccAWSLBListenerBackwardsCompatibility
--- PASS: TestAccAWSLBListenerBackwardsCompatibility (190.66s)
=== RUN   TestAccAWSLBListener_https
--- FAIL: TestAccAWSLBListener_https (173.63s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: [WARN] Error uploading server certificate, error: AccessDenied: User: arn:aws:iam::831472610478:user/tftesttmp is not authorized to perform: iam:UploadServerCertificate on resource: arn:aws:iam::831472610478:server-certificate/terraform-test-cert-3277930772239362850
=== RUN   TestAccAWSLBSSLNegotiationPolicy_basic
--- FAIL: TestAccAWSLBSSLNegotiationPolicy_basic (6.72s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: [WARN] Error uploading server certificate, error: AccessDenied: User: arn:aws:iam::831472610478:user/tftesttmp is not authorized to perform: iam:UploadServerCertificate on resource: arn:aws:iam::831472610478:server-certificate/tf-acctest-4t79xx4pvo
=== RUN   TestAccAWSLBSSLNegotiationPolicy_missingLB
--- FAIL: TestAccAWSLBSSLNegotiationPolicy_missingLB (6.82s)
	testing.go:513: Step 0 error: Error applying: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: 1 error(s) occurred:
		
		* aws_iam_server_certificate.test_cert: [WARN] Error uploading server certificate, error: AccessDenied: User: arn:aws:iam::831472610478:user/tftesttmp is not authorized to perform: iam:UploadServerCertificate on resource: arn:aws:iam::831472610478:server-certificate/tf-acctest-2slcllvpu1
=== RUN   TestAccAWSLBTargetGroupAttachment_basic
--- PASS: TestAccAWSLBTargetGroupAttachment_basic (197.87s)
=== RUN   TestAccAWSLBTargetGroupAttachmentBackwardsCompatibility
--- PASS: TestAccAWSLBTargetGroupAttachmentBackwardsCompatibility (66.44s)
=== RUN   TestAccAWSLBTargetGroupAttachment_withoutPort
--- PASS: TestAccAWSLBTargetGroupAttachment_withoutPort (92.07s)
=== RUN   TestAccAWSALBTargetGroupAttachment_ipAddress
--- PASS: TestAccAWSALBTargetGroupAttachment_ipAddress (101.59s)
=== RUN   TestLBTargetGroupCloudwatchSuffixFromARN
--- PASS: TestLBTargetGroupCloudwatchSuffixFromARN (0.00s)
=== RUN   TestAccAWSLBTargetGroup_basic
--- PASS: TestAccAWSLBTargetGroup_basic (18.09s)
=== RUN   TestAccAWSLBTargetGroup_networkLB_TargetGroup
--- PASS: TestAccAWSLBTargetGroup_networkLB_TargetGroup (34.88s)
=== RUN   TestAccAWSLBTargetGroup_TCP_HTTPHealthCheck
--- PASS: TestAccAWSLBTargetGroup_TCP_HTTPHealthCheck (30.49s)
=== RUN   TestAccAWSLBTargetGroupBackwardsCompatibility
--- PASS: TestAccAWSLBTargetGroupBackwardsCompatibility (18.43s)
=== RUN   TestAccAWSLBTargetGroup_namePrefix
--- PASS: TestAccAWSLBTargetGroup_namePrefix (17.76s)
=== RUN   TestAccAWSLBTargetGroup_generatedName
--- PASS: TestAccAWSLBTargetGroup_generatedName (18.52s)
=== RUN   TestAccAWSLBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSLBTargetGroup_changeNameForceNew (31.20s)
=== RUN   TestAccAWSLBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSLBTargetGroup_changeProtocolForceNew (32.81s)
=== RUN   TestAccAWSLBTargetGroup_changePortForceNew
--- PASS: TestAccAWSLBTargetGroup_changePortForceNew (31.70s)
=== RUN   TestAccAWSLBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSLBTargetGroup_changeVpcForceNew (29.30s)
=== RUN   TestAccAWSLBTargetGroup_tags
--- PASS: TestAccAWSLBTargetGroup_tags (30.51s)
=== RUN   TestAccAWSLBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSLBTargetGroup_updateHealthCheck (30.33s)
=== RUN   TestAccAWSLBTargetGroup_updateSticknessEnabled
--- PASS: TestAccAWSLBTargetGroup_updateSticknessEnabled (43.98s)
=== RUN   TestAccAWSLBTargetGroup_defaults_application
--- PASS: TestAccAWSLBTargetGroup_defaults_application (18.11s)
=== RUN   TestAccAWSLBTargetGroup_defaults_network
--- PASS: TestAccAWSLBTargetGroup_defaults_network (23.34s)
=== RUN   TestAccAWSLBTargetGroup_stickinessWithTCPDisabled
--- PASS: TestAccAWSLBTargetGroup_stickinessWithTCPDisabled (17.94s)
=== RUN   TestAccAWSLBTargetGroup_stickinessWithTCPEnabledShouldError
--- PASS: TestAccAWSLBTargetGroup_stickinessWithTCPEnabledShouldError (3.42s)
=== RUN   TestLBCloudwatchSuffixFromARN
--- PASS: TestLBCloudwatchSuffixFromARN (0.00s)
=== RUN   TestAccAWSLB_basic
--- PASS: TestAccAWSLB_basic (200.68s)
=== RUN   TestAccAWSLB_networkLoadbalancer
--- PASS: TestAccAWSLB_networkLoadbalancer (176.47s)
=== RUN   TestAccAWSLB_networkLoadbalancerEIP
--- PASS: TestAccAWSLB_networkLoadbalancerEIP (221.83s)
=== RUN   TestAccAWSLBBackwardsCompatibility
--- PASS: TestAccAWSLBBackwardsCompatibility (190.72s)
=== RUN   TestAccAWSLB_generatedName
--- PASS: TestAccAWSLB_generatedName (199.84s)
=== RUN   TestAccAWSLB_generatesNameForZeroValue
--- PASS: TestAccAWSLB_generatesNameForZeroValue (190.87s)
=== RUN   TestAccAWSLB_namePrefix
--- PASS: TestAccAWSLB_namePrefix (189.78s)
=== RUN   TestAccAWSLB_tags
--- PASS: TestAccAWSLB_tags (252.42s)
=== RUN   TestAccAWSLB_updatedSecurityGroups
--- PASS: TestAccAWSLB_updatedSecurityGroups (234.85s)
=== RUN   TestAccAWSLB_updatedSubnets
--- FAIL: TestAccAWSLB_updatedSubnets (197.56s)
	testing.go:513: Step 0 error: After applying this step, the plan was not empty:
		
		DIFF:
		
		UPDATE: aws_security_group.alb_test
		  egress.#:                             "0" => "1"
		  egress.482069346.cidr_blocks.#:       "0" => "1"
		  egress.482069346.cidr_blocks.0:       "" => "0.0.0.0/0"
		  egress.482069346.description:         "" => ""
		  egress.482069346.from_port:           "" => "0"
		  egress.482069346.ipv6_cidr_blocks.#:  "0" => "0"
		  egress.482069346.prefix_list_ids.#:   "0" => "0"
		  egress.482069346.protocol:            "" => "-1"
		  egress.482069346.security_groups.#:   "0" => "0"
		  egress.482069346.self:                "" => "false"
		  egress.482069346.to_port:             "" => "0"
		  ingress.#:                            "0" => "1"
		  ingress.482069346.cidr_blocks.#:      "0" => "1"
		  ingress.482069346.cidr_blocks.0:      "" => "0.0.0.0/0"
		  ingress.482069346.description:        "" => ""
		  ingress.482069346.from_port:          "" => "0"
		  ingress.482069346.ipv6_cidr_blocks.#: "0" => "0"
		  ingress.482069346.protocol:           "" => "-1"
		  ingress.482069346.security_groups.#:  "0" => "0"
		  ingress.482069346.self:               "" => "false"
		  ingress.482069346.to_port:            "" => "0"
		UPDATE: aws_subnet.alb_test.0
		  map_public_ip_on_launch: "false" => "true"
		
		STATE:
		
		aws_lb.lb_test:
		  ID = arn:aws:elasticloadbalancing:us-west-2:831472610478:loadbalancer/app/testaccawslb-basic-319pvadvff/56a4ca9d0f8f69be
		  provider = provider.aws
		  access_logs.# = 0
		  arn = arn:aws:elasticloadbalancing:us-west-2:831472610478:loadbalancer/app/testaccawslb-basic-319pvadvff/56a4ca9d0f8f69be
		  arn_suffix = app/testaccawslb-basic-319pvadvff/56a4ca9d0f8f69be
		  dns_name = internal-testaccawslb-basic-319pvadvff-1856342911.us-west-2.elb.amazonaws.com
		  enable_deletion_protection = false
		  idle_timeout = 30
		  internal = true
		  ip_address_type = ipv4
		  load_balancer_type = application
		  name = testaccawslb-basic-319pvadvff
		  security_groups.# = 1
		  security_groups.722476780 = sg-f95ed186
		  subnets.# = 2
		  subnets.1842528609 = subnet-78915401
		  subnets.3086748916 = subnet-38c42073
		  tags.% = 1
		  tags.Name = TestAccAWSALB_basic
		  vpc_id = vpc-3f75f946
		  zone_id = Z1H1FL5HABSF5
		
		  Dependencies:
		    aws_security_group.alb_test
		    aws_subnet.alb_test.*
		aws_security_group.alb_test:
		  ID = sg-f95ed186
		  provider = provider.aws
		  description = Used for ALB Testing
		  egress.# = 0
		  ingress.# = 0
		  name = allow_all_alb_test
		  owner_id = 831472610478
		  revoke_rules_on_delete = false
		  tags.% = 1
		  tags.Name = TestAccAWSALB_basic
		  vpc_id = vpc-3f75f946
		
		  Dependencies:
		    aws_vpc.alb_test
		aws_subnet.alb_test.0:
		  ID = subnet-78915401
		  provider = provider.aws
		  assign_ipv6_address_on_creation = false
		  availability_zone = us-west-2a
		  cidr_block = 10.0.1.0/24
		  map_public_ip_on_launch = false
		  tags.% = 1
		  tags.Name = TestAccAWSALB_basic
		  vpc_id = vpc-3f75f946
		
		  Dependencies:
		    aws_vpc.alb_test
		    data.aws_availability_zones.available
		aws_subnet.alb_test.1:
		  ID = subnet-38c42073
		  provider = provider.aws
		  assign_ipv6_address_on_creation = false
		  availability_zone = us-west-2b
		  cidr_block = 10.0.2.0/24
		  map_public_ip_on_launch = true
		  tags.% = 1
		  tags.Name = TestAccAWSALB_basic
		  vpc_id = vpc-3f75f946
		
		  Dependencies:
		    aws_vpc.alb_test
		    data.aws_availability_zones.available
		aws_vpc.alb_test:
		  ID = vpc-3f75f946
		  provider = provider.aws
		  assign_generated_ipv6_cidr_block = false
		  cidr_block = 10.0.0.0/16
		  default_network_acl_id = acl-e6d5d69f
		  default_route_table_id = rtb-2be34953
		  default_security_group_id = sg-115fd06e
		  dhcp_options_id = dopt-130ee876
		  enable_classiclink = false
		  enable_classiclink_dns_support = false
		  enable_dns_hostnames = false
		  enable_dns_support = true
		  instance_tenancy = default
		  main_route_table_id = rtb-2be34953
		  tags.% = 1
		  tags.Name = TestAccAWSALB_basic
		data.aws_availability_zones.available:
		  ID = 2018-02-15 07:50:59.406955609 +0000 UTC
		  provider = provider.aws
		  names.# = 3
		  names.0 = us-west-2a
		  names.1 = us-west-2b
		  names.2 = us-west-2c
=== RUN   TestAccAWSLB_updatedIpAddressType
--- PASS: TestAccAWSLB_updatedIpAddressType (251.12s)
=== RUN   TestAccAWSLB_noSecurityGroup
--- PASS: TestAccAWSLB_noSecurityGroup (200.26s)
=== RUN   TestAccAWSLB_accesslogs
--- PASS: TestAccAWSLB_accesslogs (293.74s)
=== RUN   TestAccAWSLB_networkLoadbalancer_subnet_change
--- PASS: TestAccAWSLB_networkLoadbalancer_subnet_change (219.21s)
=== RUN   TestDiffELBTags
--- PASS: TestDiffELBTags (0.00s)
=== RUN   TestIgnoringTagsELB
--- PASS: TestIgnoringTagsELB (0.00s)

bflad
bflad approved these changes Feb 24, 2018
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for this @mattgiles and @vancluever! Let's get this in 👍

@bflad bflad merged commit ed45a21 into hashicorp:master Feb 24, 2018
bflad added a commit that referenced this pull request Feb 24, 2018
@bflad
Update CHANGELOG for #2954
59b9673
@bflad
Copy link
Contributor

bflad commented Feb 27, 2018

This has been released in version 1.10.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@ghost
Copy link

ghost commented Apr 7, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 7, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bflad bflad bflad approved these changes

@radeksimko radeksimko Awaiting requested review from radeksimko

Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/elbv2 Issues and PRs that pertain to the elbv2 service. size/L Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v1.10.0
Development

Successfully merging this pull request may close these issues.
6 participants
@mattgiles @aggallim @vancluever @bflad @radeksimko @Ninir