Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add aws_networkfirewall_tls_inspection_configuration #35168

Conversation

ddericco
Copy link
Contributor

@ddericco ddericco commented Jan 5, 2024

Description

Adds a new resource for aws_networkfirewall_tls_inspection_configuration to support TLS inspection on AWS Network Firewall.

Notes:

  • The networkfirewall package currently uses Go SDK v1 instead of v2, so I've used that here to maintain consistency
  • Currently the acceptance tests require environmental variables ACM_CERTIFICATE_ARN and ACM_CA_CERTIFICATE_ARN to be configured in order to run.
    • If there is a better or preferred way to create these certificates within the acceptance test framework without requiring email or domain validation, I'm happy to update the acceptance tests accordingly.
    • Note that ACM_CA_CERTIFICATE_ARN requires a certificate that has been imported into ACM, see CA certificate - Outbound SSL/TLS inspection in the docs.

TODO:

  • Add documentation
  • Additional acceptance tests: combined ingress/egress with CMK, egress with CMK
  • Fix schema validators

Relations

Closes #31154.
Closes #36190.

References

API reference: https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_CreateTLSInspectionConfiguration.html
Go SDK v1: https://pkg.go.dev/github.com/aws/aws-sdk-go/service/networkfirewall

Output from Acceptance Testing

$ make testacc TESTS='TestAccNetworkFirewallTLSInspectionConfiguration_*' PKG=networkfirewall                                            <aws:ddericco+dev-Admin>
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/networkfirewall/... -v -count 1 -parallel 20 -run='TestAccNetworkFirewallTLSInspectionConfiguration_*'  -timeout 360m
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_combinedIngressEgressBasic
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_combinedIngressEgressBasic
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_egressBasic
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_egressBasic
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_egressWithEncryptionConfiguration
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_egressWithEncryptionConfiguration
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_ingressBasic
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_ingressBasic
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_ingressWithEncryptionConfiguration
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_ingressWithEncryptionConfiguration
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_disappears
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_disappears
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_combinedIngressEgressBasic
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_ingressBasic
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_disappears
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_egressWithEncryptionConfiguration
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_ingressWithEncryptionConfiguration
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_egressBasic
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_egressBasic (148.74s)
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_egressWithEncryptionConfiguration (153.18s)
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_ingressBasic (153.55s)
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_ingressWithEncryptionConfiguration (154.01s)
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_disappears (164.59s)
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_combinedIngressEgressBasic (186.16s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/networkfirewall    192.598s

Copy link

github-actions bot commented Jan 5, 2024

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/networkfirewall Issues and PRs that pertain to the networkfirewall service. generators Relates to code generators. labels Jan 5, 2024
@terraform-aws-provider terraform-aws-provider bot added needs-triage Waiting for first response or review from a maintainer. partner Contribution from a partner. labels Jan 5, 2024
@justinretzolk justinretzolk added new-resource Introduces a new resource. and removed needs-triage Waiting for first response or review from a maintainer. labels Jan 17, 2024
@github-actions github-actions bot added the documentation Introduces or discusses updates to documentation. label Feb 12, 2024
Copy link

Thank you for your contribution! 🚀

Please note that typically Go dependency changes are handled in this repository by dependabot or the maintainers. This is to prevent pull request merge conflicts and further delay reviews of contributions. Remove any changes to the go.mod or go.sum files and commit them into this pull request.

Additional details:

  • Check open pull requests with the dependencies label to view other dependency updates.
  • If this pull request includes an update the AWS Go SDK (or any other dependency) version, only updates submitted via dependabot will be merged. This pull request will need to remove these changes and will need to be rebased after the existing dependency update via dependabot has been merged for this pull request to be reviewed.
  • If this pull request is for supporting a new AWS service:
    • Ensure the new AWS service changes are following the Contributing Guide section on new services, in particular that the dependency addition and initial provider support are in a separate pull request from other changes (e.g. new resources). Contributions not following this item will not be reviewed until the changes are split.
    • If this pull request is already a separate pull request from the above item, you can ignore this message.

@ewbankkit ewbankkit added the aws-sdk-go-migration Issues that are related to the providers migration to AWS SDK for Go v2. label Jun 21, 2024
@github-actions github-actions bot added sweeper Pertains to changes to or issues with the sweeper. tags Pertains to resource tagging. client-connections Pertains to the AWS Client and service connections. and removed sweeper Pertains to changes to or issues with the sweeper. tags Pertains to resource tagging. client-connections Pertains to the AWS Client and service connections. labels Jun 21, 2024
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccNetworkFirewall' PKG=networkfirewall ACCTEST_PARALLELISM=3
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.4 test ./internal/service/networkfirewall/... -v -count 1 -parallel 3  -run=TestAccNetworkFirewall -timeout 360m
=== RUN   TestAccNetworkFirewallFirewallDataSource_arn
=== PAUSE TestAccNetworkFirewallFirewallDataSource_arn
=== RUN   TestAccNetworkFirewallFirewallDataSource_name
=== PAUSE TestAccNetworkFirewallFirewallDataSource_name
=== RUN   TestAccNetworkFirewallFirewallDataSource_arnandname
=== PAUSE TestAccNetworkFirewallFirewallDataSource_arnandname
=== RUN   TestAccNetworkFirewallFirewallPolicyDataSource_arn
=== PAUSE TestAccNetworkFirewallFirewallPolicyDataSource_arn
=== RUN   TestAccNetworkFirewallFirewallPolicyDataSource_name
=== PAUSE TestAccNetworkFirewallFirewallPolicyDataSource_name
=== RUN   TestAccNetworkFirewallFirewallPolicyDataSource_nameAndARN
=== PAUSE TestAccNetworkFirewallFirewallPolicyDataSource_nameAndARN
=== RUN   TestAccNetworkFirewallFirewallPolicyDataSource_withOverriddenManagedRuleGroup
=== PAUSE TestAccNetworkFirewallFirewallPolicyDataSource_withOverriddenManagedRuleGroup
=== RUN   TestAccNetworkFirewallFirewallPolicy_basic
=== PAUSE TestAccNetworkFirewallFirewallPolicy_basic
=== RUN   TestAccNetworkFirewallFirewallPolicy_encryptionConfiguration
=== PAUSE TestAccNetworkFirewallFirewallPolicy_encryptionConfiguration
=== RUN   TestAccNetworkFirewallFirewallPolicy_policyVariables
=== PAUSE TestAccNetworkFirewallFirewallPolicy_policyVariables
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulDefaultActions
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulDefaultActions
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulEngineOption
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulEngineOption
=== RUN   TestAccNetworkFirewallFirewallPolicy_updateStatefulEngineOption
=== PAUSE TestAccNetworkFirewallFirewallPolicy_updateStatefulEngineOption
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulEngineOptionsSingle
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulEngineOptionsSingle
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceManaged
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceManaged
=== RUN   TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_multipleStatefulRuleGroupReferences
=== PAUSE TestAccNetworkFirewallFirewallPolicy_multipleStatefulRuleGroupReferences
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupPriorityReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupPriorityReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupOverrideActionReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupOverrideActionReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupPriorityReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupPriorityReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_statelessRuleGroupReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statelessRuleGroupReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_updateStatelessRuleGroupReference
=== PAUSE TestAccNetworkFirewallFirewallPolicy_updateStatelessRuleGroupReference
=== RUN   TestAccNetworkFirewallFirewallPolicy_multipleStatelessRuleGroupReferences
=== PAUSE TestAccNetworkFirewallFirewallPolicy_multipleStatelessRuleGroupReferences
=== RUN   TestAccNetworkFirewallFirewallPolicy_statelessCustomAction
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statelessCustomAction
=== RUN   TestAccNetworkFirewallFirewallPolicy_updateStatelessCustomAction
=== PAUSE TestAccNetworkFirewallFirewallPolicy_updateStatelessCustomAction
=== RUN   TestAccNetworkFirewallFirewallPolicy_multipleStatelessCustomActions
=== PAUSE TestAccNetworkFirewallFirewallPolicy_multipleStatelessCustomActions
=== RUN   TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceAndCustomAction
=== PAUSE TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceAndCustomAction
=== RUN   TestAccNetworkFirewallFirewallPolicy_tlsInspectionConfigurationARN
    firewall_policy_test.go:937: Environment variable AWS_NETWORKFIREWALL_TLS_INSPECTION_CONFIGURATION_ARN_1 is not set, skipping test
--- SKIP: TestAccNetworkFirewallFirewallPolicy_tlsInspectionConfigurationARN (0.00s)
=== RUN   TestAccNetworkFirewallFirewallPolicy_tags
=== PAUSE TestAccNetworkFirewallFirewallPolicy_tags
=== RUN   TestAccNetworkFirewallFirewallPolicy_disappears
=== PAUSE TestAccNetworkFirewallFirewallPolicy_disappears
=== RUN   TestAccNetworkFirewallFirewall_basic
=== PAUSE TestAccNetworkFirewallFirewall_basic
=== RUN   TestAccNetworkFirewallFirewall_dualstackSubnet
=== PAUSE TestAccNetworkFirewallFirewall_dualstackSubnet
=== RUN   TestAccNetworkFirewallFirewall_description
=== PAUSE TestAccNetworkFirewallFirewall_description
=== RUN   TestAccNetworkFirewallFirewall_deleteProtection
=== PAUSE TestAccNetworkFirewallFirewall_deleteProtection
=== RUN   TestAccNetworkFirewallFirewall_encryptionConfiguration
=== PAUSE TestAccNetworkFirewallFirewall_encryptionConfiguration
=== RUN   TestAccNetworkFirewallFirewall_SubnetMappings_updateSubnet
=== PAUSE TestAccNetworkFirewallFirewall_SubnetMappings_updateSubnet
=== RUN   TestAccNetworkFirewallFirewall_SubnetMappings_updateMultipleSubnets
=== PAUSE TestAccNetworkFirewallFirewall_SubnetMappings_updateMultipleSubnets
=== RUN   TestAccNetworkFirewallFirewall_tags
=== PAUSE TestAccNetworkFirewallFirewall_tags
=== RUN   TestAccNetworkFirewallFirewall_disappears
=== PAUSE TestAccNetworkFirewallFirewall_disappears
=== RUN   TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logGroup
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logGroup
=== RUN   TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logType
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logType
=== RUN   TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_deliveryStream
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_deliveryStream
=== RUN   TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_logType
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_logType
=== RUN   TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_bucketName
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_bucketName
=== RUN   TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_logType
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_logType
=== RUN   TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_prefix
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_prefix
=== RUN   TestAccNetworkFirewallLoggingConfiguration_updateFirewallARN
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_updateFirewallARN
=== RUN   TestAccNetworkFirewallLoggingConfiguration_updateLogDestinationType
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_updateLogDestinationType
=== RUN   TestAccNetworkFirewallLoggingConfiguration_updateToMultipleLogDestinations
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_updateToMultipleLogDestinations
=== RUN   TestAccNetworkFirewallLoggingConfiguration_updateToSingleAlertTypeLogDestination
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_updateToSingleAlertTypeLogDestination
=== RUN   TestAccNetworkFirewallLoggingConfiguration_updateToSingleFlowTypeLogDestination
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_updateToSingleFlowTypeLogDestination
=== RUN   TestAccNetworkFirewallLoggingConfiguration_disappears
=== PAUSE TestAccNetworkFirewallLoggingConfiguration_disappears
=== RUN   TestAccNetworkFirewallResourcePolicyDataSource_basic
=== PAUSE TestAccNetworkFirewallResourcePolicyDataSource_basic
=== RUN   TestAccNetworkFirewallResourcePolicy_basic
=== PAUSE TestAccNetworkFirewallResourcePolicy_basic
=== RUN   TestAccNetworkFirewallResourcePolicy_ignoreEquivalent
=== PAUSE TestAccNetworkFirewallResourcePolicy_ignoreEquivalent
=== RUN   TestAccNetworkFirewallResourcePolicy_ruleGroup
=== PAUSE TestAccNetworkFirewallResourcePolicy_ruleGroup
=== RUN   TestAccNetworkFirewallResourcePolicy_disappears
=== PAUSE TestAccNetworkFirewallResourcePolicy_disappears
=== RUN   TestAccNetworkFirewallResourcePolicy_Disappears_firewallPolicy
=== PAUSE TestAccNetworkFirewallResourcePolicy_Disappears_firewallPolicy
=== RUN   TestAccNetworkFirewallResourcePolicy_Disappears_ruleGroup
=== PAUSE TestAccNetworkFirewallResourcePolicy_Disappears_ruleGroup
=== RUN   TestAccNetworkFirewallRuleGroup_Basic_rulesSourceList
=== PAUSE TestAccNetworkFirewallRuleGroup_Basic_rulesSourceList
=== RUN   TestAccNetworkFirewallRuleGroup_Basic_referenceSets
=== PAUSE TestAccNetworkFirewallRuleGroup_Basic_referenceSets
=== RUN   TestAccNetworkFirewallRuleGroup_Basic_updateReferenceSets
=== PAUSE TestAccNetworkFirewallRuleGroup_Basic_updateReferenceSets
=== RUN   TestAccNetworkFirewallRuleGroup_Basic_statefulRule
=== PAUSE TestAccNetworkFirewallRuleGroup_Basic_statefulRule
=== RUN   TestAccNetworkFirewallRuleGroup_Basic_statelessRule
=== PAUSE TestAccNetworkFirewallRuleGroup_Basic_statelessRule
=== RUN   TestAccNetworkFirewallRuleGroup_Basic_rules
=== PAUSE TestAccNetworkFirewallRuleGroup_Basic_rules
=== RUN   TestAccNetworkFirewallRuleGroup_statefulRuleOptions
=== PAUSE TestAccNetworkFirewallRuleGroup_statefulRuleOptions
=== RUN   TestAccNetworkFirewallRuleGroup_updateStatefulRuleOptions
=== PAUSE TestAccNetworkFirewallRuleGroup_updateStatefulRuleOptions
=== RUN   TestAccNetworkFirewallRuleGroup_statelessRuleWithCustomAction
=== PAUSE TestAccNetworkFirewallRuleGroup_statelessRuleWithCustomAction
=== RUN   TestAccNetworkFirewallRuleGroup_updateRules
=== PAUSE TestAccNetworkFirewallRuleGroup_updateRules
=== RUN   TestAccNetworkFirewallRuleGroup_updateRulesSourceList
=== PAUSE TestAccNetworkFirewallRuleGroup_updateRulesSourceList
=== RUN   TestAccNetworkFirewallRuleGroup_rulesSourceAndRuleVariables
=== PAUSE TestAccNetworkFirewallRuleGroup_rulesSourceAndRuleVariables
=== RUN   TestAccNetworkFirewallRuleGroup_updateStatefulRule
=== PAUSE TestAccNetworkFirewallRuleGroup_updateStatefulRule
=== RUN   TestAccNetworkFirewallRuleGroup_updateMultipleStatefulRules
=== PAUSE TestAccNetworkFirewallRuleGroup_updateMultipleStatefulRules
=== RUN   TestAccNetworkFirewallRuleGroup_StatefulRule_action
=== PAUSE TestAccNetworkFirewallRuleGroup_StatefulRule_action
=== RUN   TestAccNetworkFirewallRuleGroup_StatefulRule_header
=== PAUSE TestAccNetworkFirewallRuleGroup_StatefulRule_header
=== RUN   TestAccNetworkFirewallRuleGroup_updateStatelessRule
=== PAUSE TestAccNetworkFirewallRuleGroup_updateStatelessRule
=== RUN   TestAccNetworkFirewallRuleGroup_tags
=== PAUSE TestAccNetworkFirewallRuleGroup_tags
=== RUN   TestAccNetworkFirewallRuleGroup_encryptionConfiguration
=== PAUSE TestAccNetworkFirewallRuleGroup_encryptionConfiguration
=== RUN   TestAccNetworkFirewallRuleGroup_disappears
=== PAUSE TestAccNetworkFirewallRuleGroup_disappears
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_basic
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_basic
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_disappears
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_disappears
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_tags
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_tags
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_encryptionConfiguration
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_encryptionConfiguration
=== RUN   TestAccNetworkFirewallTLSInspectionConfiguration_checkCertificateRevocationStatus
=== PAUSE TestAccNetworkFirewallTLSInspectionConfiguration_checkCertificateRevocationStatus
=== CONT  TestAccNetworkFirewallFirewallDataSource_arn
=== CONT  TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_logType
=== CONT  TestAccNetworkFirewallFirewallPolicy_statelessRuleGroupReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_statelessRuleGroupReference (158.79s)
=== CONT  TestAccNetworkFirewallFirewall_description
--- PASS: TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_logType (484.16s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_deliveryStream
--- PASS: TestAccNetworkFirewallFirewallDataSource_arn (516.90s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logType
--- PASS: TestAccNetworkFirewallFirewall_description (598.69s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logGroup
--- PASS: TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logType (500.07s)
=== CONT  TestAccNetworkFirewallFirewall_disappears
--- PASS: TestAccNetworkFirewallLoggingConfiguration_KinesisLogDestination_deliveryStream (571.68s)
=== CONT  TestAccNetworkFirewallFirewall_tags
--- PASS: TestAccNetworkFirewallLoggingConfiguration_CloudWatchLogDestination_logGroup (425.29s)
=== CONT  TestAccNetworkFirewallFirewall_SubnetMappings_updateMultipleSubnets
--- PASS: TestAccNetworkFirewallFirewall_disappears (494.87s)
=== CONT  TestAccNetworkFirewallFirewall_SubnetMappings_updateSubnet
--- PASS: TestAccNetworkFirewallFirewall_tags (489.75s)
=== CONT  TestAccNetworkFirewallFirewall_encryptionConfiguration
--- PASS: TestAccNetworkFirewallFirewall_encryptionConfiguration (542.77s)
=== CONT  TestAccNetworkFirewallFirewall_deleteProtection
--- PASS: TestAccNetworkFirewallFirewall_deleteProtection (490.59s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulEngineOption
--- PASS: TestAccNetworkFirewallFirewall_SubnetMappings_updateMultipleSubnets (1428.90s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupPriorityReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulEngineOption (148.53s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupOverrideActionReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupPriorityReference (150.39s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupPriorityReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupOverrideActionReference (139.24s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_multipleStatefulRuleGroupReferences
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupPriorityReference (139.89s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_multipleStatefulRuleGroupReferences (149.47s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceManaged
--- PASS: TestAccNetworkFirewallFirewallPolicy_updateStatefulRuleGroupReference (160.67s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceManaged (148.85s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulEngineOptionsSingle
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReference (150.46s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_updateStatefulEngineOption
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulEngineOptionsSingle (156.70s)
=== CONT  TestAccNetworkFirewallFirewallPolicyDataSource_withOverriddenManagedRuleGroup
--- PASS: TestAccNetworkFirewallFirewallPolicyDataSource_withOverriddenManagedRuleGroup (159.83s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulDefaultActions
--- PASS: TestAccNetworkFirewallFirewallPolicy_updateStatefulEngineOption (301.01s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_policyVariables
--- PASS: TestAccNetworkFirewallFirewall_SubnetMappings_updateSubnet (2059.03s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_encryptionConfiguration
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulDefaultActions (161.02s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_basic
--- PASS: TestAccNetworkFirewallFirewallPolicy_policyVariables (166.29s)
=== CONT  TestAccNetworkFirewallRuleGroup_StatefulRule_header
--- PASS: TestAccNetworkFirewallRuleGroup_StatefulRule_header (23.30s)
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_checkCertificateRevocationStatus
--- PASS: TestAccNetworkFirewallFirewallPolicy_encryptionConfiguration (177.36s)
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_encryptionConfiguration
--- PASS: TestAccNetworkFirewallFirewallPolicy_basic (137.83s)
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_tags
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_checkCertificateRevocationStatus (207.16s)
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_disappears
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_encryptionConfiguration (162.62s)
=== CONT  TestAccNetworkFirewallTLSInspectionConfiguration_basic
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_tags (169.32s)
=== CONT  TestAccNetworkFirewallRuleGroup_disappears
--- PASS: TestAccNetworkFirewallRuleGroup_disappears (12.19s)
=== CONT  TestAccNetworkFirewallRuleGroup_encryptionConfiguration
--- PASS: TestAccNetworkFirewallRuleGroup_encryptionConfiguration (44.02s)
=== CONT  TestAccNetworkFirewallRuleGroup_tags
--- PASS: TestAccNetworkFirewallRuleGroup_tags (29.83s)
=== CONT  TestAccNetworkFirewallRuleGroup_updateStatelessRule
--- PASS: TestAccNetworkFirewallRuleGroup_updateStatelessRule (21.32s)
=== CONT  TestAccNetworkFirewallRuleGroup_updateRulesSourceList
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_basic (155.41s)
=== CONT  TestAccNetworkFirewallRuleGroup_StatefulRule_action
--- PASS: TestAccNetworkFirewallTLSInspectionConfiguration_disappears (164.55s)
=== CONT  TestAccNetworkFirewallRuleGroup_updateMultipleStatefulRules
--- PASS: TestAccNetworkFirewallRuleGroup_updateRulesSourceList (22.11s)
=== CONT  TestAccNetworkFirewallRuleGroup_updateStatefulRule
--- PASS: TestAccNetworkFirewallRuleGroup_updateStatefulRule (22.19s)
=== CONT  TestAccNetworkFirewallRuleGroup_rulesSourceAndRuleVariables
--- PASS: TestAccNetworkFirewallRuleGroup_updateMultipleStatefulRules (32.77s)
=== CONT  TestAccNetworkFirewallRuleGroup_updateStatefulRuleOptions
--- PASS: TestAccNetworkFirewallRuleGroup_StatefulRule_action (45.95s)
=== CONT  TestAccNetworkFirewallRuleGroup_updateRules
--- PASS: TestAccNetworkFirewallRuleGroup_updateStatefulRuleOptions (312.68s)
=== CONT  TestAccNetworkFirewallRuleGroup_statelessRuleWithCustomAction
--- PASS: TestAccNetworkFirewallRuleGroup_rulesSourceAndRuleVariables (30.55s)
=== CONT  TestAccNetworkFirewallRuleGroup_Basic_statelessRule
--- PASS: TestAccNetworkFirewallRuleGroup_statelessRuleWithCustomAction (13.36s)
=== CONT  TestAccNetworkFirewallRuleGroup_Basic_rules
--- PASS: TestAccNetworkFirewallRuleGroup_updateRules (22.05s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceAndCustomAction
--- PASS: TestAccNetworkFirewallRuleGroup_Basic_statelessRule (13.29s)
=== CONT  TestAccNetworkFirewallFirewall_dualstackSubnet
--- PASS: TestAccNetworkFirewallRuleGroup_Basic_rules (13.34s)
=== CONT  TestAccNetworkFirewallFirewall_basic
--- PASS: TestAccNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceAndCustomAction (295.84s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_disappears
--- PASS: TestAccNetworkFirewallFirewallPolicy_disappears (157.04s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_tags
--- PASS: TestAccNetworkFirewallFirewall_dualstackSubnet (496.63s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_statelessCustomAction
--- PASS: TestAccNetworkFirewallFirewall_basic (536.67s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_multipleStatelessCustomActions
--- PASS: TestAccNetworkFirewallFirewallPolicy_tags (144.91s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_updateStatelessCustomAction
--- PASS: TestAccNetworkFirewallFirewallPolicy_statelessCustomAction (132.78s)
=== CONT  TestAccNetworkFirewallResourcePolicy_basic
    acctest.go:1578: skipping test for aws/us-west-2: Error running apply: exit status 1
        
        Error: putting NetworkFirewall Resource Policy (arn:aws:network-firewall:us-west-2:187416307283:firewall-policy/tf-acc-test-6286427268648575561): operation error Network Firewall: PutResourcePolicy, https response error StatusCode: 400, RequestID: e4c4f6d3-199f-441f-8e0e-8019b3a31b8d, InvalidResourcePolicyException: The supplied policy does not match RAM managed permissions.
        
          with aws_networkfirewall_resource_policy.test,
          on terraform_plugin_test.tf line 25, in resource "aws_networkfirewall_resource_policy" "test":
          25: resource "aws_networkfirewall_resource_policy" "test" {
        
--- SKIP: TestAccNetworkFirewallResourcePolicy_basic (142.08s)
=== CONT  TestAccNetworkFirewallRuleGroup_Basic_statefulRule
--- PASS: TestAccNetworkFirewallRuleGroup_Basic_statefulRule (13.22s)
=== CONT  TestAccNetworkFirewallRuleGroup_Basic_updateReferenceSets
--- PASS: TestAccNetworkFirewallRuleGroup_Basic_updateReferenceSets (160.44s)
=== CONT  TestAccNetworkFirewallRuleGroup_Basic_referenceSets
--- PASS: TestAccNetworkFirewallRuleGroup_Basic_referenceSets (162.36s)
=== CONT  TestAccNetworkFirewallRuleGroup_Basic_rulesSourceList
--- PASS: TestAccNetworkFirewallFirewallPolicy_multipleStatelessCustomActions (313.00s)
=== CONT  TestAccNetworkFirewallResourcePolicy_Disappears_ruleGroup
--- PASS: TestAccNetworkFirewallRuleGroup_Basic_rulesSourceList (13.51s)
=== CONT  TestAccNetworkFirewallResourcePolicy_Disappears_firewallPolicy
    acctest.go:1578: skipping test for aws/us-west-2: Error running apply: exit status 1
        
        Error: putting NetworkFirewall Resource Policy (arn:aws:network-firewall:us-west-2:187416307283:firewall-policy/tf-acc-test-2026754388355501172): operation error Network Firewall: PutResourcePolicy, https response error StatusCode: 400, RequestID: 7ee892d1-1bbc-4439-920b-67e03f49c0a6, InvalidResourcePolicyException: The supplied policy does not match RAM managed permissions.
        
          with aws_networkfirewall_resource_policy.test,
          on terraform_plugin_test.tf line 25, in resource "aws_networkfirewall_resource_policy" "test":
          25: resource "aws_networkfirewall_resource_policy" "test" {
        
--- PASS: TestAccNetworkFirewallResourcePolicy_Disappears_ruleGroup (12.42s)
=== CONT  TestAccNetworkFirewallResourcePolicy_disappears
    acctest.go:1578: skipping test for aws/us-west-2: Error running apply: exit status 1
        
        Error: putting NetworkFirewall Resource Policy (arn:aws:network-firewall:us-west-2:187416307283:firewall-policy/tf-acc-test-777770323940251148): operation error Network Firewall: PutResourcePolicy, https response error StatusCode: 400, RequestID: 78df7d02-e222-47b3-951f-c15cb6ffc02e, InvalidResourcePolicyException: The supplied policy does not match RAM managed permissions.
        
          with aws_networkfirewall_resource_policy.test,
          on terraform_plugin_test.tf line 25, in resource "aws_networkfirewall_resource_policy" "test":
          25: resource "aws_networkfirewall_resource_policy" "test" {
        
--- SKIP: TestAccNetworkFirewallResourcePolicy_disappears (142.13s)
=== CONT  TestAccNetworkFirewallResourcePolicy_ruleGroup
--- SKIP: TestAccNetworkFirewallResourcePolicy_Disappears_firewallPolicy (151.60s)
=== CONT  TestAccNetworkFirewallResourcePolicy_ignoreEquivalent
    acctest.go:1578: skipping test for aws/us-west-2: Error running apply: exit status 1
        
        Error: putting NetworkFirewall Resource Policy (arn:aws:network-firewall:us-west-2:187416307283:firewall-policy/tf-acc-test-2372971168121545843): operation error Network Firewall: PutResourcePolicy, https response error StatusCode: 400, RequestID: b212a05b-31b8-4512-9108-2c5cdd20e84a, InvalidResourcePolicyException: The supplied policy does not match RAM managed permissions.
        
          with aws_networkfirewall_resource_policy.test,
          on terraform_plugin_test.tf line 25, in resource "aws_networkfirewall_resource_policy" "test":
          25: resource "aws_networkfirewall_resource_policy" "test" {
        
--- PASS: TestAccNetworkFirewallResourcePolicy_ruleGroup (21.18s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_multipleStatelessRuleGroupReferences
--- SKIP: TestAccNetworkFirewallResourcePolicy_ignoreEquivalent (151.69s)
=== CONT  TestAccNetworkFirewallFirewallPolicyDataSource_arn
--- PASS: TestAccNetworkFirewallFirewallPolicy_updateStatelessCustomAction (600.43s)
=== CONT  TestAccNetworkFirewallFirewallPolicyDataSource_nameAndARN
--- PASS: TestAccNetworkFirewallFirewallPolicy_multipleStatelessRuleGroupReferences (169.32s)
=== CONT  TestAccNetworkFirewallFirewallPolicyDataSource_name
--- PASS: TestAccNetworkFirewallFirewallPolicyDataSource_arn (136.32s)
=== CONT  TestAccNetworkFirewallFirewallDataSource_arnandname
--- PASS: TestAccNetworkFirewallFirewallPolicyDataSource_nameAndARN (136.38s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_updateToMultipleLogDestinations
--- PASS: TestAccNetworkFirewallFirewallPolicyDataSource_name (156.18s)
=== CONT  TestAccNetworkFirewallResourcePolicyDataSource_basic
--- PASS: TestAccNetworkFirewallResourcePolicyDataSource_basic (126.73s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_disappears
--- PASS: TestAccNetworkFirewallFirewallDataSource_arnandname (534.29s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_updateToSingleFlowTypeLogDestination
--- PASS: TestAccNetworkFirewallLoggingConfiguration_updateToMultipleLogDestinations (506.44s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_updateToSingleAlertTypeLogDestination
--- PASS: TestAccNetworkFirewallLoggingConfiguration_disappears (586.66s)
=== CONT  TestAccNetworkFirewallFirewallPolicy_updateStatelessRuleGroupReference
--- PASS: TestAccNetworkFirewallFirewallPolicy_updateStatelessRuleGroupReference (171.39s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_prefix
--- PASS: TestAccNetworkFirewallLoggingConfiguration_updateToSingleAlertTypeLogDestination (500.85s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_updateLogDestinationType
--- PASS: TestAccNetworkFirewallLoggingConfiguration_updateToSingleFlowTypeLogDestination (506.61s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_updateFirewallARN
--- PASS: TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_prefix (467.07s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_logType
--- PASS: TestAccNetworkFirewallLoggingConfiguration_updateLogDestinationType (585.95s)
=== CONT  TestAccNetworkFirewallFirewallDataSource_name
--- PASS: TestAccNetworkFirewallLoggingConfiguration_updateFirewallARN (898.62s)
=== CONT  TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_bucketName
--- PASS: TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_logType (714.86s)
=== CONT  TestAccNetworkFirewallRuleGroup_statefulRuleOptions
--- PASS: TestAccNetworkFirewallFirewallDataSource_name (504.13s)
--- PASS: TestAccNetworkFirewallRuleGroup_statefulRuleOptions (13.19s)
--- PASS: TestAccNetworkFirewallLoggingConfiguration_S3LogDestination_bucketName (517.15s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/networkfirewall	7902.134s

@ewbankkit
Copy link
Contributor

@ddericco Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit b3e6927 into hashicorp:main Jun 21, 2024
51 checks passed
@github-actions github-actions bot added this to the v5.56.0 milestone Jun 21, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Jun 27, 2024
Copy link

This functionality has been released in v5.56.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Copy link

github-actions bot commented Aug 1, 2024

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
aws-sdk-go-migration Issues that are related to the providers migration to AWS SDK for Go v2. documentation Introduces or discusses updates to documentation. generators Relates to code generators. new-resource Introduces a new resource. partner Contribution from a partner. service/networkfirewall Issues and PRs that pertain to the networkfirewall service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
3 participants