From 720bbe64330f54ab15d01ea3339c4ad891cc82ce Mon Sep 17 00:00:00 2001 From: Bert Blommers Date: Sat, 16 Apr 2022 10:02:57 +0000 Subject: [PATCH] Terraform Tests - update to latest TF branch (#5031) --- .github/workflows/build.yml | 106 +-- .github/workflows/test_terraform.yml | 51 + .gitmodules | 3 + Makefile | 9 + .../contributing/development_tips/tests.rst | 27 + tests/terraform-tests.failures.txt | 10 - tests/terraform-tests.success.txt | 158 ---- tests/terraformtests/__init__.py | 1 + tests/terraformtests/bin/run_go_test | 18 + ...h-Hardcode-endpoints-to-local-server.patch | 58 ++ .../etc/0002-EC2-reduce-wait-times.patch | 875 ++++++++++++++++++ .../etc/0003-Patch-IAM-wait-times.patch | 34 + tests/terraformtests/get_tf_services.py | 5 + tests/terraformtests/get_tf_tests.py | 19 + tests/terraformtests/terraform-provider-aws | 1 + .../terraform-tests.failures.txt | 75 ++ .../terraform-tests.success.txt | 98 ++ .../test-fixtures/lambda_func.js | 9 + .../test-fixtures/lambda_func_modified.js | 9 + .../test-fixtures/lambda_invocation.js | 6 + .../test-fixtures/lambda_invocation.zip | Bin 0 -> 290 bytes .../test-fixtures/lambdapinpoint.zip | Bin 0 -> 304 bytes .../test-fixtures/lambdatest.zip | Bin 0 -> 342 bytes .../test-fixtures/lambdatest_modified.zip | Bin 0 -> 393 bytes 24 files changed, 1299 insertions(+), 273 deletions(-) create mode 100644 .github/workflows/test_terraform.yml create mode 100644 .gitmodules delete mode 100644 tests/terraform-tests.failures.txt delete mode 100644 tests/terraform-tests.success.txt create mode 100644 tests/terraformtests/__init__.py create mode 100755 tests/terraformtests/bin/run_go_test create mode 100644 tests/terraformtests/etc/0001-Patch-Hardcode-endpoints-to-local-server.patch create mode 100644 tests/terraformtests/etc/0002-EC2-reduce-wait-times.patch create mode 100644 tests/terraformtests/etc/0003-Patch-IAM-wait-times.patch create mode 100644 tests/terraformtests/get_tf_services.py create mode 100644 tests/terraformtests/get_tf_tests.py create mode 160000 tests/terraformtests/terraform-provider-aws create mode 100644 tests/terraformtests/terraform-tests.failures.txt create mode 100644 tests/terraformtests/terraform-tests.success.txt create mode 100644 tests/terraformtests/test-fixtures/lambda_func.js create mode 100644 tests/terraformtests/test-fixtures/lambda_func_modified.js create mode 100644 tests/terraformtests/test-fixtures/lambda_invocation.js create mode 100644 tests/terraformtests/test-fixtures/lambda_invocation.zip create mode 100644 tests/terraformtests/test-fixtures/lambdapinpoint.zip create mode 100644 tests/terraformtests/test-fixtures/lambdatest.zip create mode 100644 tests/terraformtests/test-fixtures/lambdatest_modified.zip diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4f2ad650b..c949ecd88 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,42 +3,6 @@ name: TestNDeploy on: [push, pull_request] jobs: - # Install and cache dependencies - terraformcache: - name: Caching Terraform dependencies - runs-on: ubuntu-latest - strategy: - matrix: - python-version: [ 3.8 ] - - steps: - - name: Checkout Terraform Tests repo - uses: actions/checkout@v2 - with: - repository: localstack/localstack-terraform-test - ref: build - path: moto-terraform-tests - submodules: 'true' - - uses: actions/setup-go@v2 - with: - go-version: '^1.16.0' - - run: go version - - name: cache - id: terraformcache - uses: actions/cache@v2 - with: - path: '~/.cache' - key: 'terraformcache_download2' - - name: Download - env: - DOWNLOAD_TEST_BIN: 1 - TEST_BIN_URL: "https://moto-terraform-test.s3.amazonaws.com/aws.test" - if: ${{ steps.terraformcache.outputs.cache-hit != 'true' }} - run: | - cd moto-terraform-tests - bin/install-aws-test - cd .. - cache: name: Caching runs-on: ubuntu-latest @@ -216,78 +180,10 @@ jobs: path: | serverlogs/* - terraform: - name: Terraform Tests - runs-on: ubuntu-latest - needs: terraformcache - strategy: - fail-fast: false - matrix: - python-version: [ 3.8 ] - part: ["aa", "ab", "ac", "ad", "ae", "af", "ag"] - - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Checkout Terraform Tests repo - uses: actions/checkout@v2 - with: - repository: localstack/localstack-terraform-test - ref: build - path: moto-terraform-tests - submodules: 'true' - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 - with: - python-version: ${{ matrix.python-version }} - - name: cache - uses: actions/cache@v2 - with: - path: '~/.cache' - key: 'terraformcache_download2' - - name: Start MotoServer - run: | - python setup.py sdist - docker run --rm -t --name motoserver -e TEST_SERVER_MODE=true -e MOTO_PORT=4566 -e AWS_SECRET_ACCESS_KEY=server_secret -e AWS_ACCESS_KEY_ID=server_key -v `pwd`:/moto -p 4566:4566 -v /var/run/docker.sock:/var/run/docker.sock python:3.7-buster /moto/scripts/ci_moto_server.sh & - MOTO_PORT=4566 python scripts/ci_wait_for_server.py - # Poor man's parallelization - # Running them sequentially takes too much time - # And using the build in parallel-argument does not help with reducing runtime - # So we simply split the list of tests, and ask our CI for separate VM's to run them in parallel - - name: Get list of tests - run: | - cd moto-terraform-tests - bin/list-tests -i ../tests/terraform-tests.success.txt -e ../tests/terraform-tests.failures.txt > tftestlist.txt - split -n l/7 tftestlist.txt tf-split- - cd .. - - name: Run Terraform Tests - run: | - cd moto-terraform-tests - echo "Copying random zipfile that is missing for SSM tests..." - cp terraform-provider-aws/aws/test-fixtures/lambda_elb.zip terraform-provider-aws/aws/test-fixtures/ssm-doc-acc-test.zip - AWS_DEFAULT_REGION=us-east-1 AWS_ALTERNATE_REGION=eu-west-1 bin/run-tests -t -i tf-split-${{ matrix.part }} -e ../tests/terraform-tests.failures.txt - cd .. - - name: "Create report" - run: | - ls -la - cp server_output.log moto-terraform-tests/build/server_output.log - cd moto-terraform-tests - bin/create-report - bin/create-report-cli - cd .. - - name: Archive TF logs - if: always() - uses: actions/upload-artifact@v2 - with: - name: buildfolder-${{ matrix.part }} - path: | - moto-terraform-tests/build/* - deploy: name: Deploy runs-on: ubuntu-latest - needs: [test, testserver, terraform ] + needs: [test, testserver ] if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' && github.repository == 'spulec/moto' }} strategy: matrix: diff --git a/.github/workflows/test_terraform.yml b/.github/workflows/test_terraform.yml new file mode 100644 index 000000000..ced9cb302 --- /dev/null +++ b/.github/workflows/test_terraform.yml @@ -0,0 +1,51 @@ +on: [push, pull_request] +name: TestTerraform +jobs: + prepare_list: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - id: set-matrix + run: echo "::set-output name=matrix::$(python tests/terraformtests/get_tf_services.py --names)" + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + test_service: + needs: prepare_list + strategy: + fail-fast: false + matrix: + service: ${{ fromJson(needs.prepare_list.outputs.matrix) }} + go-version: [1.18.x] + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go-version }} + - uses: actions/checkout@v3 + with: + submodules: 'true' + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + - name: Start MotoServer + run: | + python setup.py sdist + docker run --rm -t --name motoserver -e TEST_SERVER_MODE=true -e MOTO_PORT=4566 -e AWS_SECRET_ACCESS_KEY=server_secret -e AWS_ACCESS_KEY_ID=server_key -v `pwd`:/moto -p 4566:4566 -v /var/run/docker.sock:/var/run/docker.sock python:3.7-buster /moto/scripts/ci_moto_server.sh & + MOTO_PORT=4566 python scripts/ci_wait_for_server.py + - name: Download Cache + uses: actions/cache@v2 + with: + path: | + ~/go/pkg/mod + ~/.cache/go-build + key: ${{ runner.os }}-go-${{ matrix.go-version }}-2-${{ hashFiles('**/tests/terraformtests/terraform-provider-aws/go.sum') }} + restore-keys: | + ${{ runner.os }}-go-${{ matrix.go-version }}-2- + - name: Get list of tests for this service + id: get-list + run: echo "::set-output name=testlist::$(python tests/terraformtests/get_tf_tests.py ${{ matrix.service }})" + - name: Execute tests + run: | + make terraformtests SERVICE_NAME=${{ matrix.service }} TEST_NAMES=${{ steps.get-list.outputs.testlist }} diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 000000000..037925161 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "tests/terraformtests/terraform-provider-aws"] + path = tests/terraformtests/terraform-provider-aws + url = https://github.com/hashicorp/terraform-provider-aws/ diff --git a/Makefile b/Makefile index 46361c45e..e16ece955 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,8 @@ SHELL := /bin/bash +SERVICE_NAME = "default" +TEST_NAMES = "*" + ifeq ($(TEST_SERVER_MODE), true) # exclude test_kinesisvideoarchivedmedia # because testing with moto_server is difficult with data-endpoint @@ -35,6 +38,12 @@ test-only: test: lint test-only +terraformtests: + @echo "Make sure that the MotoServer is already running on port 4566 (moto_server -p 4566)" + @echo "USAGE: make terraformtests SERVICE_NAME=acm TEST_NAMES=TestAccACMCertificate" + @echo "" + cd tests/terraformtests && bin/run_go_test $(SERVICE_NAME) "$(TEST_NAMES)" + test_server: @TEST_SERVER_MODE=true pytest -sv --cov=moto --cov-report xml ./tests/ diff --git a/docs/docs/contributing/development_tips/tests.rst b/docs/docs/contributing/development_tips/tests.rst index 1d484c5a6..63b0a566b 100644 --- a/docs/docs/contributing/development_tips/tests.rst +++ b/docs/docs/contributing/development_tips/tests.rst @@ -46,3 +46,30 @@ This means the following: - Make sure you use unique names for functions/queues/etc - Calls to `describe_reservations()`/`list_queues()`/etc might return resources from other tests + +Terraform tests +^^^^^^^^^^^^^^^^^^^^^^ + +To verify that Moto behaves correctly, we run a subset of Terraform's tests against the MotoServer to ensure it behaves the same as AWS does. + +These tests will be run automatically for every PR, so you should not need to make any changes here. + +A list of which tests currently pass against Moto can be found in `tests/terraformtests/terraform-tests.success.txt`. + +Use the following commands to see the full list of available tests: + +.. sourcecode:: bash + + cd tests/terraformtests/terraform-provider-aws + # Choose the correct service in the next command - this example will list all tests for the ELB-service + go test ./internal/service/elb/ -v -list TestAcc + +In order to check whether MotoServer behaves correctly against a specific test, you can use the following commands: + +.. sourcecode:: bash + + # Ensure you are back in the root-directory + # Start the MotoServer on port 4566 + moto_server -p 4566 + # Run the new tests + make terraformtests SERVICE_NAME=elb TEST_NAMES=NewTestName diff --git a/tests/terraform-tests.failures.txt b/tests/terraform-tests.failures.txt deleted file mode 100644 index 91ec5992a..000000000 --- a/tests/terraform-tests.failures.txt +++ /dev/null @@ -1,10 +0,0 @@ -TestAccAWSEc2TransitGatewayDxGatewayAttachmentDataSource -TestAccAWSEc2TransitGatewayPeeringAttachmentAccepter -TestAccAWSEc2TransitGatewayRouteTableAssociation -TestAccAWSEc2TransitGatewayVpcAttachment -TestAccAWSSecurityGroup_forceRevokeRules_ -TestAccAWSDefaultSecurityGroup_Classic_ -TestAccDataSourceAwsNetworkInterface_CarrierIPAssociation -TestAccAWSRouteTable_IPv4_To_LocalGateway -TestAccAWSRouteTable_IPv4_To_VpcEndpoint -TestAccAWSRouteTable_VpcClassicLink \ No newline at end of file diff --git a/tests/terraform-tests.success.txt b/tests/terraform-tests.success.txt deleted file mode 100644 index dd24331e6..000000000 --- a/tests/terraform-tests.success.txt +++ /dev/null @@ -1,158 +0,0 @@ -TestAccAWSAccessKey -TestAccAWSAcmCertificateDataSource -TestAccAWSAPIGatewayGatewayResponse -TestAccAWSAPIGatewayStage -TestAccAWSAPIGatewayV2Authorizer -TestAccAWSAPIGatewayV2IntegrationResponse -TestAccAWSAPIGatewayV2Model -TestAccAWSAPIGatewayV2Route -TestAccAWSAPIGatewayV2RouteResponse -TestAccAWSAPIGatewayV2VpcLink -TestAccAWSAppsyncApiKey -TestAccAWSAppsyncGraphqlApi -TestAccAWSAutoscalingAttachment -TestAccAwsAutoScalingGroupDataSource -TestAccAWSAutoscalingPolicy -TestAccAWSAvailabilityZones -TestAccAWSBatchJobDefinition -TestAccAWSBatchJobQueue -TestAccAWSBillingServiceAccount -TestAccAWSCallerIdentity -TestAccAWSCloudTrail -TestAccAWSCloudTrailServiceAccount -TestAccAWSCloudWatchDashboard -TestAccAWSCloudWatchEventApiDestination -TestAccAWSCloudWatchEventArchive -TestAccAWSCloudWatchEventBus -TestAccAWSCloudwatchEventBusPolicy -TestAccAWSCloudWatchEventConnection -TestAccAWSCloudWatchEventPermission -TestAccAWSCloudWatchEventRule -TestAccAWSCloudWatchEventTarget_ssmDocument -TestAccAWSCloudwatchLogGroupDataSource -TestAccAWSCloudWatchMetricAlarm -TestAccAWSDataSourceCloudwatch -TestAccAWSDataSourceElasticBeanstalkHostedZone -TestAccAWSDataSourceIAMGroup -TestAccAWSDataSourceIAMInstanceProfile -TestAccAWSDataSourceIAMPolicy -TestAccAWSDataSourceIAMPolicyDocument -TestAccAWSDataSourceIAMRole -TestAccAWSDataSourceIAMSessionContext -TestAccAWSDataSourceIAMUser -TestAccAWSDAX -TestAccAWSDefaultSecurityGroup_ -TestAccAWSDefaultSubnet -TestAccAWSDefaultTagsDataSource -TestAccAWSDynamoDbTableItem -TestAccAWSEc2CarrierGateway -TestAccAWSEc2InstanceTypeOfferingDataSource -TestAccAWSEc2InstanceTypeOfferingsDataSource -TestAccAwsEc2ManagedPrefixList -TestAccAWSEc2Tag -TestAccAWSEc2TransitGateway -TestAccAWSEc2TransitGatewayDataSource -TestAccAWSEc2TransitGatewayPeeringAttachment -TestAccAWSEc2TransitGatewayPeeringAttachmentDataSource -TestAccAWSEc2TransitGatewayRoute -TestAccAWSEc2TransitGatewayRouteTable -TestAccAWSEc2TransitGatewayRouteTableDataSource -TestAccAWSEc2TransitGatewayRouteTablePropagation -TestAccAWSEc2TransitGatewayVpcAttachmentAccepter -TestAccAWSEc2TransitGatewayVpcAttachment_ApplianceModeSupport -TestAccAWSEc2TransitGatewayVpcAttachment_basic -TestAccAWSEc2TransitGatewayVpcAttachmentDataSource -TestAccAWSEc2TransitGatewayVpcAttachment_disappears -TestAccAWSEc2TransitGatewayVpcAttachment_DnsSupport -TestAccAWSEc2TransitGatewayVpcAttachment_SharedTransitGateway -TestAccAWSEc2TransitGatewayVpnAttachmentDataSource -TestAccAWSEcrLifecyclePolicy -TestAccAWSEcrRegistryPolicy -TestAccAWSEcrReplicationConfiguration -TestAccAWSEcrRepository -TestAccAWSEcrRepositoryDataSource -TestAccAWSEcrRepositoryPolicy -TestAccAWSEFSAccessPoint -TestAccAWSEFSMountTarget -TestAccAWSEgressOnlyInternetGateway -TestAccAWSEksClusterDataSource -TestAccAWSElasticBeanstalkSolutionStackDataSource -TestAccAWSELBAttachment -TestAccAWSElbHostedZoneId -TestAccAWSElbServiceAccount -TestAccAWSENI_basic -TestAccAWSENI_disappears -TestAccAWSENI_IPv6 -TestAccAWSENI_PrivateIpsCount -TestAccAWSENI_SourceDestCheck -TestAccAWSENI_Tags -TestAccAWSGroupMembership -TestAccAWSIAMAccountAlias -TestAccAWSIAMGroup_ -TestAccAWSIAMGroupPolicy -TestAccAWSIAMGroupPolicyAttachment -TestAccAWSIAMOpenIDConnectProvider -TestAccAWSIAMPolicy_ -TestAccAWSIAMRole -TestAccAWSIAMRolePolicy -TestAccAWSIAMUserPolicy -TestAccAWSInternetGateway -TestAccAWSIotEndpointDataSource -TestAccAWSIotThing -TestAccAWSIPRanges -TestAccAWSKinesisStream -TestAccAWSKmsAlias -TestAccAWSKmsSecretDataSource -TestAccAwsLbListenerCertificate -TestAccAWSLBSSLNegotiationPolicy -TestAccAWSLBTargetGroupAttachment -TestAccAWSLoadBalancerBackendServerPolicy -TestAccAWSLoadBalancerListenerPolicy -TestAccAWSLoadBalancerPolicy -TestAccAWSLambdaAlias -TestAccAWSLambdaLayerVersion -TestAccAWSMq -TestAccAWSNatGateway -TestAccAWSPartition -TestAccAWSPinpointApp -TestAccAWSPinpointEventStream -TestAccAWSProvider -TestAccAWSQuickSightGroup -TestAccAWSQuickSightUser -TestAccAWSRedshiftServiceAccount -TestAccAWSRolePolicyAttachment -TestAccAWSRouteTable_ -TestAccAWSRouteTableAssociation_ -TestAccAWSS3Bucket_forceDestroyWithObjectLockEnabled -TestAccAWSS3BucketPolicy -TestAccAWSS3BucketPublicAccessBlock -TestAccAWSS3ObjectCopy -TestAccAWSSageMakerPrebuiltECRImage -TestAccAWSSecurityGroup_ -TestAccAWSSecurityGroupRule_ -TestAccAWSServiceDiscovery -TestAccAWSSNSSMSPreferences -TestAccAWSSNSTopicPolicy -TestAccAWSSQSQueuePolicy -TestAccAWSSSMDocument -TestAccAWSSsmDocumentDataSource -TestAccAWSSsmParameterDataSource -TestAccAWSTimestreamWriteDatabase -TestAccAWSTimestreamWriteTable -TestAccAWSUserGroupMembership -TestAccAWSUserPolicyAttachment -TestAccAWSUserSSHKey -TestAccAWSVpc_ -TestAccAWSVpcEndpointService -TestAccAWSVpnGateway -TestAccAWSVpnGatewayAttachment -TestAccDataSourceAWSEFSAccessPoint -TestAccDataSourceAWSEFSAccessPoints -TestAccDataSourceAwsEfsFileSystem -TestAccDataSourceAwsEfsMountTarget -TestAccDataSourceAWSLambdaLayerVersion -TestAccDataSourceAwsLambdaInvocation -TestAccDataSourceAwsNetworkInterface_ -TestAccDataSourceAwsSqsQueue -TestAccDataSourceAWSELB -TestValidateSSMDocumentPermissions diff --git a/tests/terraformtests/__init__.py b/tests/terraformtests/__init__.py new file mode 100644 index 000000000..54b6b0db1 --- /dev/null +++ b/tests/terraformtests/__init__.py @@ -0,0 +1 @@ +name = "terraformtests" diff --git a/tests/terraformtests/bin/run_go_test b/tests/terraformtests/bin/run_go_test new file mode 100755 index 000000000..76f2f0e6c --- /dev/null +++ b/tests/terraformtests/bin/run_go_test @@ -0,0 +1,18 @@ +#!/bin/bash + +pwd=$PWD + +( +cd terraform-provider-aws || exit +echo "Patching the terraform-provider-aws directory..." +PATCH="etc/0001-Patch-Hardcode-endpoints-to-local-server.patch" +git apply $pwd/etc/0001-Patch-Hardcode-endpoints-to-local-server.patch || echo "Not patching endpoints - Directory was probably already patched." +git apply $pwd/etc/0002-EC2-reduce-wait-times.patch || echo "Not patching EC2 - Directory was probably already patched." +git apply $pwd/etc/0003-Patch-IAM-wait-times.patch || echo "Not patching IAM - Directory was probably already patched." +) + +( +cd terraform-provider-aws || exit +echo "Running tests $2 for service $1..." +AWS_ACCESS_KEY_ID=test AWS_SECRET_ACCESS_KEY=test TF_ACC=true go test ./internal/service/$1/ -v -timeout 60m -run $2 +) diff --git a/tests/terraformtests/etc/0001-Patch-Hardcode-endpoints-to-local-server.patch b/tests/terraformtests/etc/0001-Patch-Hardcode-endpoints-to-local-server.patch new file mode 100644 index 000000000..4abff23e9 --- /dev/null +++ b/tests/terraformtests/etc/0001-Patch-Hardcode-endpoints-to-local-server.patch @@ -0,0 +1,58 @@ +From ca8880871b241df7bdc9ea3cf0d13f816e815f16 Mon Sep 17 00:00:00 2001 +From: Bert Blommers +Date: Wed, 13 Apr 2022 12:33:25 +0000 +Subject: [PATCH] Patch: Hardcode endpoints to local server + +--- + internal/conns/conns.go | 14 ++++++++++++++ + internal/provider/provider.go | 2 +- + 2 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/internal/conns/conns.go b/internal/conns/conns.go +index 1feb0be2f1..9ed8a64776 100644 +--- a/internal/conns/conns.go ++++ b/internal/conns/conns.go +@@ -628,6 +628,16 @@ func (client *AWSClient) RegionalHostname(prefix string) string { + return fmt.Sprintf("%s.%s.%s", prefix, client.Region, client.DNSSuffix) + } + ++// XXX: added by bblommers ++func GetLocalEndpoints() map[string]string { ++ const localEndpoint = "http://localhost:4566" ++ var localEndpoints = map[string]string{} ++ for _, name := range names.HCLKeys() { ++ localEndpoints[name] = localEndpoint ++ } ++ return localEndpoints ++} ++ + // Client configures and returns a fully initialized AWSClient + func (c *Config) Client(ctx context.Context) (interface{}, diag.Diagnostics) { + awsbaseConfig := awsbase.Config{ +@@ -727,6 +737,10 @@ func (c *Config) Client(ctx context.Context) (interface{}, diag.Diagnostics) { + DNSSuffix = p.DNSSuffix() + } + ++ // XXX: added by bblommers ++ // insert custom endpoints ++ c.Endpoints = GetLocalEndpoints() ++ + client := &AWSClient{ + AccessAnalyzerConn: accessanalyzer.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints[names.AccessAnalyzer])})), + AccountConn: account.New(sess.Copy(&aws.Config{Endpoint: aws.String(c.Endpoints[names.Account])})), +diff --git a/internal/provider/provider.go b/internal/provider/provider.go +index df93e4b5c5..da009a9e4c 100644 +--- a/internal/provider/provider.go ++++ b/internal/provider/provider.go +@@ -2011,7 +2011,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData, terraformVer + CustomCABundle: d.Get("custom_ca_bundle").(string), + EC2MetadataServiceEndpoint: d.Get("ec2_metadata_service_endpoint").(string), + EC2MetadataServiceEndpointMode: d.Get("ec2_metadata_service_endpoint_mode").(string), +- Endpoints: make(map[string]string), ++ Endpoints: conns.GetLocalEndpoints(), // XXX: added by bblommers + HTTPProxy: d.Get("http_proxy").(string), + IgnoreTagsConfig: expandProviderIgnoreTags(d.Get("ignore_tags").([]interface{})), + Insecure: d.Get("insecure").(bool), +-- +2.25.1 + diff --git a/tests/terraformtests/etc/0002-EC2-reduce-wait-times.patch b/tests/terraformtests/etc/0002-EC2-reduce-wait-times.patch new file mode 100644 index 000000000..4b53a9cd2 --- /dev/null +++ b/tests/terraformtests/etc/0002-EC2-reduce-wait-times.patch @@ -0,0 +1,875 @@ +From 23e30bd79328ae023a0a7c68cddaa891abf4c38e Mon Sep 17 00:00:00 2001 +From: Bert Blommers +Date: Fri, 15 Apr 2022 19:04:54 +0000 +Subject: [PATCH] EC2 - reduce wait times + +--- + internal/service/ec2/ami.go | 4 +-- + internal/service/ec2/create_tags_gen.go | 2 +- + internal/service/ec2/default_route_table.go | 4 +-- + internal/service/ec2/default_subnet.go | 4 +-- + internal/service/ec2/ebs_snapshot_import.go | 4 +-- + internal/service/ec2/ebs_volume.go | 4 +-- + internal/service/ec2/eip.go | 8 +++--- + internal/service/ec2/eip_test.go | 2 +- + internal/service/ec2/fleet.go | 6 ++-- + .../service/ec2/generate/createtags/main.go | 2 +- + internal/service/ec2/instance.go | 2 +- + internal/service/ec2/local_gateway_route.go | 2 +- + internal/service/ec2/route.go | 4 +-- + internal/service/ec2/route_table.go | 6 ++-- + internal/service/ec2/route_table_test.go | 2 +- + internal/service/ec2/security_group.go | 4 +-- + internal/service/ec2/security_group_rule.go | 2 +- + .../ec2/snapshot_create_volume_permission.go | 4 +-- + internal/service/ec2/spot_fleet_request.go | 6 ++-- + internal/service/ec2/spot_instance_request.go | 4 +-- + internal/service/ec2/subnet.go | 4 +-- + internal/service/ec2/transit_gateway.go | 28 +++++++++---------- + .../service/ec2/transit_gateway_connect.go | 6 ++-- + .../ec2/transit_gateway_connect_peer.go | 4 +-- + .../ec2/transit_gateway_multicast_domain.go | 4 +-- + ...it_gateway_multicast_domain_association.go | 4 +-- + internal/service/ec2/volume_attachment.go | 6 ++-- + .../service/ec2/volume_attachment_test.go | 2 +- + internal/service/ec2/vpc_endpoint.go | 6 ++-- + internal/service/ec2/vpc_endpoint_policy.go | 4 +-- + internal/service/ec2/vpc_endpoint_service.go | 4 +-- + internal/service/ec2/vpc_ipam.go | 4 +-- + internal/service/ec2/vpc_ipam_pool.go | 6 ++-- + internal/service/ec2/vpc_ipam_pool_cidr.go | 4 +-- + internal/service/ec2/vpc_ipam_scope.go | 4 +-- + .../ec2/vpc_ipv4_cidr_block_association.go | 4 +-- + .../ec2/vpc_ipv6_cidr_block_association.go | 4 +-- + .../service/ec2/vpc_peering_connection.go | 6 ++-- + .../ec2/vpc_peering_connection_accepter.go | 4 +-- + .../ec2/vpn_gateway_route_propagation.go | 4 +-- + internal/service/ec2/wait.go | 20 ++++++------- + 41 files changed, 104 insertions(+), 104 deletions(-) + +diff --git a/internal/service/ec2/ami.go b/internal/service/ec2/ami.go +index 1a6fb3a67f..19d022732d 100644 +--- a/internal/service/ec2/ami.go ++++ b/internal/service/ec2/ami.go +@@ -23,8 +23,8 @@ import ( + ) + + const ( +- AWSAMIRetryTimeout = 40 * time.Minute +- AMIDeleteRetryTimeout = 90 * time.Minute ++ AWSAMIRetryTimeout = 40 * time.Second ++ AMIDeleteRetryTimeout = 90 * time.Second + AWSAMIRetryDelay = 5 * time.Second + AMIRetryMinTimeout = 3 * time.Second + ) +diff --git a/internal/service/ec2/create_tags_gen.go b/internal/service/ec2/create_tags_gen.go +index dede4649b4..c6d8d8db4e 100644 +--- a/internal/service/ec2/create_tags_gen.go ++++ b/internal/service/ec2/create_tags_gen.go +@@ -14,7 +14,7 @@ import ( + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + ) + +-const EventualConsistencyTimeout = 5 * time.Minute ++const EventualConsistencyTimeout = 5 * time.Second + + // CreateTags creates ec2 service tags for new resources. + // The identifier is typically the Amazon Resource Name (ARN), although +diff --git a/internal/service/ec2/default_route_table.go b/internal/service/ec2/default_route_table.go +index 8fde169f64..bdc4104d07 100644 +--- a/internal/service/ec2/default_route_table.go ++++ b/internal/service/ec2/default_route_table.go +@@ -27,8 +27,8 @@ func ResourceDefaultRouteTable() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(2 * time.Minute), +- Update: schema.DefaultTimeout(2 * time.Minute), ++ Create: schema.DefaultTimeout(2 * time.Second), ++ Update: schema.DefaultTimeout(2 * time.Second), + }, + + // +diff --git a/internal/service/ec2/default_subnet.go b/internal/service/ec2/default_subnet.go +index d3026f0cb9..954e64cda3 100644 +--- a/internal/service/ec2/default_subnet.go ++++ b/internal/service/ec2/default_subnet.go +@@ -30,8 +30,8 @@ func ResourceDefaultSubnet() *schema.Resource { + CustomizeDiff: verify.SetTagsDiff, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(20 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(20 * time.Second), + }, + + SchemaVersion: 1, +diff --git a/internal/service/ec2/ebs_snapshot_import.go b/internal/service/ec2/ebs_snapshot_import.go +index cb53fe95dc..513110e656 100644 +--- a/internal/service/ec2/ebs_snapshot_import.go ++++ b/internal/service/ec2/ebs_snapshot_import.go +@@ -27,8 +27,8 @@ func ResourceEBSSnapshotImport() *schema.Resource { + CustomizeDiff: verify.SetTagsDiff, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(60 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(60 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/ebs_volume.go b/internal/service/ec2/ebs_volume.go +index 6c2547cf06..eb01f1cedc 100644 +--- a/internal/service/ec2/ebs_volume.go ++++ b/internal/service/ec2/ebs_volume.go +@@ -154,7 +154,7 @@ func resourceEBSVolumeCreate(d *schema.ResourceData, meta interface{}) error { + Pending: []string{ec2.VolumeStateCreating}, + Target: []string{ec2.VolumeStateAvailable}, + Refresh: volumeStateRefreshFunc(conn, *result.VolumeId), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } +@@ -207,7 +207,7 @@ func resourceEBSVolumeUpdate(d *schema.ResourceData, meta interface{}) error { + Pending: []string{ec2.VolumeStateCreating, ec2.VolumeModificationStateModifying}, + Target: []string{ec2.VolumeStateAvailable, ec2.VolumeStateInUse}, + Refresh: volumeStateRefreshFunc(conn, *result.VolumeModification.VolumeId), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } +diff --git a/internal/service/ec2/eip.go b/internal/service/ec2/eip.go +index 31dec43d63..e9c1d8bd43 100644 +--- a/internal/service/ec2/eip.go ++++ b/internal/service/ec2/eip.go +@@ -21,7 +21,7 @@ import ( + + const ( + // Maximum amount of time to wait for EIP association with EC2-Classic instances +- ec2AddressAssociationClassicTimeout = 2 * time.Minute ++ ec2AddressAssociationClassicTimeout = 2 * time.Second + ) + + func ResourceEIP() *schema.Resource { +@@ -37,9 +37,9 @@ func ResourceEIP() *schema.Resource { + CustomizeDiff: verify.SetTagsDiff, + + Timeouts: &schema.ResourceTimeout{ +- Read: schema.DefaultTimeout(15 * time.Minute), +- Update: schema.DefaultTimeout(5 * time.Minute), +- Delete: schema.DefaultTimeout(3 * time.Minute), ++ Read: schema.DefaultTimeout(15 * time.Second), ++ Update: schema.DefaultTimeout(5 * time.Second), ++ Delete: schema.DefaultTimeout(3 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/eip_test.go b/internal/service/ec2/eip_test.go +index f65dc47d20..2e939e2286 100644 +--- a/internal/service/ec2/eip_test.go ++++ b/internal/service/ec2/eip_test.go +@@ -771,7 +771,7 @@ func testAccCheckEIPExists(n string, ec2classic bool, res *ec2.Address) resource + + var output *ec2.DescribeAddressesOutput + +- err := resource.Retry(15*time.Minute, func() *resource.RetryError { ++ err := resource.Retry(15*time.Second, func() *resource.RetryError { + var err error + + output, err = conn.DescribeAddresses(input) +diff --git a/internal/service/ec2/fleet.go b/internal/service/ec2/fleet.go +index 7f9133b4ff..48789a97e8 100644 +--- a/internal/service/ec2/fleet.go ++++ b/internal/service/ec2/fleet.go +@@ -29,9 +29,9 @@ func ResourceFleet() *schema.Resource { + + CustomizeDiff: verify.SetTagsDiff, + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), +- Update: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), ++ Update: schema.DefaultTimeout(10 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/generate/createtags/main.go b/internal/service/ec2/generate/createtags/main.go +index d42232fc09..8f7f983957 100644 +--- a/internal/service/ec2/generate/createtags/main.go ++++ b/internal/service/ec2/generate/createtags/main.go +@@ -133,7 +133,7 @@ import ( + tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" + ) + +-const EventualConsistencyTimeout = 5 * time.Minute ++const EventualConsistencyTimeout = 5 * time.Second + + // CreateTags creates {{ .ServicePackage }} service tags for new resources. + // The identifier is typically the Amazon Resource Name (ARN), although +diff --git a/internal/service/ec2/instance.go b/internal/service/ec2/instance.go +index d8fcdd5048..c22c80edc2 100644 +--- a/internal/service/ec2/instance.go ++++ b/internal/service/ec2/instance.go +@@ -2582,7 +2582,7 @@ func getInstancePasswordData(instanceID string, conn *ec2.EC2) (string, error) { + input := &ec2.GetPasswordDataInput{ + InstanceId: aws.String(instanceID), + } +- err := resource.Retry(15*time.Minute, func() *resource.RetryError { ++ err := resource.Retry(15*time.Second, func() *resource.RetryError { + var err error + resp, err = conn.GetPasswordData(input) + +diff --git a/internal/service/ec2/local_gateway_route.go b/internal/service/ec2/local_gateway_route.go +index 3035d7ecde..12c71aeec7 100644 +--- a/internal/service/ec2/local_gateway_route.go ++++ b/internal/service/ec2/local_gateway_route.go +@@ -17,7 +17,7 @@ import ( + ) + + const ( +- ec2LocalGatewayRouteEventualConsistencyTimeout = 1 * time.Minute ++ ec2LocalGatewayRouteEventualConsistencyTimeout = 1 * time.Second + ) + + func ResourceLocalGatewayRoute() *schema.Resource { +diff --git a/internal/service/ec2/route.go b/internal/service/ec2/route.go +index e6e7c24f45..99adeb2661 100644 +--- a/internal/service/ec2/route.go ++++ b/internal/service/ec2/route.go +@@ -46,8 +46,8 @@ func ResourceRoute() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(5 * time.Minute), +- Update: schema.DefaultTimeout(2 * time.Minute), ++ Create: schema.DefaultTimeout(5 * time.Second), ++ Update: schema.DefaultTimeout(2 * time.Second), + Delete: schema.DefaultTimeout(5 * time.Minute), + }, + +diff --git a/internal/service/ec2/route_table.go b/internal/service/ec2/route_table.go +index ce0e981153..886f78063a 100644 +--- a/internal/service/ec2/route_table.go ++++ b/internal/service/ec2/route_table.go +@@ -50,9 +50,9 @@ func ResourceRouteTable() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(5 * time.Minute), +- Update: schema.DefaultTimeout(2 * time.Minute), +- Delete: schema.DefaultTimeout(5 * time.Minute), ++ Create: schema.DefaultTimeout(5 * time.Second), ++ Update: schema.DefaultTimeout(2 * time.Second), ++ Delete: schema.DefaultTimeout(5 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/route_table_test.go b/internal/service/ec2/route_table_test.go +index 267322dd4c..93e27437f4 100644 +--- a/internal/service/ec2/route_table_test.go ++++ b/internal/service/ec2/route_table_test.go +@@ -1165,7 +1165,7 @@ func testAccCheckRouteTableWaitForVPCEndpointRoute(routeTable *ec2.RouteTable, v + + plId := aws.StringValue(resp.PrefixLists[0].PrefixListId) + +- err = resource.Retry(3*time.Minute, func() *resource.RetryError { ++ err = resource.Retry(3*time.Second, func() *resource.RetryError { + resp, err := conn.DescribeRouteTables(&ec2.DescribeRouteTablesInput{ + RouteTableIds: []*string{routeTable.RouteTableId}, + }) +diff --git a/internal/service/ec2/security_group.go b/internal/service/ec2/security_group.go +index 7c94bf3b2e..ba4bdf1979 100644 +--- a/internal/service/ec2/security_group.go ++++ b/internal/service/ec2/security_group.go +@@ -36,8 +36,8 @@ func ResourceSecurityGroup() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(15 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(15 * time.Second), + }, + + SchemaVersion: 1, +diff --git a/internal/service/ec2/security_group_rule.go b/internal/service/ec2/security_group_rule.go +index ec5f80f79f..bc7eb79453 100644 +--- a/internal/service/ec2/security_group_rule.go ++++ b/internal/service/ec2/security_group_rule.go +@@ -227,7 +227,7 @@ information and instructions for recovery. Error: %w`, sg_id, autherr) + id := IPPermissionIDHash(sg_id, ruleType, perm) + log.Printf("[DEBUG] Computed group rule ID %s", id) + +- err = resource.Retry(5*time.Minute, func() *resource.RetryError { ++ err = resource.Retry(5*time.Second, func() *resource.RetryError { + sg, err := FindSecurityGroupByID(conn, sg_id) + + if err != nil { +diff --git a/internal/service/ec2/snapshot_create_volume_permission.go b/internal/service/ec2/snapshot_create_volume_permission.go +index 5cfe5b8ef8..6d7c4b226a 100644 +--- a/internal/service/ec2/snapshot_create_volume_permission.go ++++ b/internal/service/ec2/snapshot_create_volume_permission.go +@@ -60,7 +60,7 @@ func resourceSnapshotCreateVolumePermissionCreate(d *schema.ResourceData, meta i + Pending: []string{"denied"}, + Target: []string{"granted"}, + Refresh: resourceSnapshotCreateVolumePermissionStateRefreshFunc(conn, snapshot_id, account_id), +- Timeout: 20 * time.Minute, ++ Timeout: 20 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 10 * time.Second, + } +@@ -120,7 +120,7 @@ func resourceSnapshotCreateVolumePermissionDelete(d *schema.ResourceData, meta i + Pending: []string{"granted"}, + Target: []string{"denied"}, + Refresh: resourceSnapshotCreateVolumePermissionStateRefreshFunc(conn, snapshotID, accountID), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 10 * time.Second, + } +diff --git a/internal/service/ec2/spot_fleet_request.go b/internal/service/ec2/spot_fleet_request.go +index 49e4909b3a..731a37f253 100644 +--- a/internal/service/ec2/spot_fleet_request.go ++++ b/internal/service/ec2/spot_fleet_request.go +@@ -36,8 +36,8 @@ func ResourceSpotFleetRequest() *schema.Resource { + }, + }, + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(15 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(15 * time.Second), + }, + + SchemaVersion: 1, +@@ -1089,7 +1089,7 @@ func resourceSpotFleetRequestCreate(d *schema.ResourceData, meta interface{}) er + Pending: []string{ec2.BatchStateSubmitted}, + Target: []string{ec2.BatchStateActive}, + Refresh: resourceSpotFleetRequestStateRefreshFunc(d, meta), +- Timeout: d.Timeout(schema.TimeoutCreate), //10 * time.Minute, ++ Timeout: d.Timeout(schema.TimeoutCreate), //10 * time.Second, + MinTimeout: 10 * time.Second, + Delay: 30 * time.Second, + } +diff --git a/internal/service/ec2/spot_instance_request.go b/internal/service/ec2/spot_instance_request.go +index e054f82987..08aeb6cf70 100644 +--- a/internal/service/ec2/spot_instance_request.go ++++ b/internal/service/ec2/spot_instance_request.go +@@ -32,8 +32,8 @@ func ResourceSpotInstanceRequest() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(20 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(20 * time.Second), + }, + + Schema: func() map[string]*schema.Schema { +diff --git a/internal/service/ec2/subnet.go b/internal/service/ec2/subnet.go +index e551ea615a..ffd26e0c2d 100644 +--- a/internal/service/ec2/subnet.go ++++ b/internal/service/ec2/subnet.go +@@ -30,8 +30,8 @@ func ResourceSubnet() *schema.Resource { + CustomizeDiff: verify.SetTagsDiff, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(20 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(20 * time.Second), + }, + + SchemaVersion: 1, +diff --git a/internal/service/ec2/transit_gateway.go b/internal/service/ec2/transit_gateway.go +index 0c4113ac8d..0a243da1f7 100644 +--- a/internal/service/ec2/transit_gateway.go ++++ b/internal/service/ec2/transit_gateway.go +@@ -33,9 +33,9 @@ func ResourceTransitGateway() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Update: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Update: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + CustomizeDiff: customdiff.Sequence( +@@ -753,7 +753,7 @@ func waitForTransitGatewayPeeringAttachmentAcceptance(conn *ec2.EC2, transitGate + }, + Target: []string{ec2.TransitGatewayAttachmentStateAvailable}, + Refresh: transitGatewayPeeringAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Peering Attachment (%s) availability", transitGatewayAttachmentID) +@@ -774,7 +774,7 @@ func waitForTransitGatewayPeeringAttachmentCreation(conn *ec2.EC2, transitGatewa + ec2.TransitGatewayAttachmentStatePendingAcceptance, + }, + Refresh: transitGatewayPeeringAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Peering Attachment (%s) availability", transitGatewayAttachmentID) +@@ -793,7 +793,7 @@ func WaitForTransitGatewayPeeringAttachmentDeletion(conn *ec2.EC2, transitGatewa + }, + Target: []string{ec2.TransitGatewayAttachmentStateDeleted}, + Refresh: transitGatewayPeeringAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Peering Attachment (%s) deletion", transitGatewayAttachmentID) +@@ -811,7 +811,7 @@ func waitForTransitGatewayRouteTableAssociationCreation(conn *ec2.EC2, transitGa + Pending: []string{ec2.TransitGatewayAssociationStateAssociating}, + Target: []string{ec2.TransitGatewayAssociationStateAssociated}, + Refresh: transitGatewayRouteTableAssociationRefreshFunc(conn, transitGatewayRouteTableID, transitGatewayAttachmentID), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Route Table (%s) association: %s", transitGatewayRouteTableID, transitGatewayAttachmentID) +@@ -828,7 +828,7 @@ func waitForTransitGatewayRouteTableAssociationDeletion(conn *ec2.EC2, transitGa + }, + Target: []string{""}, + Refresh: transitGatewayRouteTableAssociationRefreshFunc(conn, transitGatewayRouteTableID, transitGatewayAttachmentID), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + NotFoundChecks: 1, + } + +@@ -847,7 +847,7 @@ func waitForTransitGatewayRouteTableCreation(conn *ec2.EC2, transitGatewayRouteT + Pending: []string{ec2.TransitGatewayRouteTableStatePending}, + Target: []string{ec2.TransitGatewayRouteTableStateAvailable}, + Refresh: transitGatewayRouteTableRefreshFunc(conn, transitGatewayRouteTableID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Route Table (%s) availability", transitGatewayRouteTableID) +@@ -864,7 +864,7 @@ func waitForTransitGatewayRouteTableDeletion(conn *ec2.EC2, transitGatewayRouteT + }, + Target: []string{ec2.TransitGatewayRouteTableStateDeleted}, + Refresh: transitGatewayRouteTableRefreshFunc(conn, transitGatewayRouteTableID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + NotFoundChecks: 1, + } + +@@ -886,7 +886,7 @@ func waitForTransitGatewayVPCAttachmentAcceptance(conn *ec2.EC2, transitGatewayA + }, + Target: []string{ec2.TransitGatewayAttachmentStateAvailable}, + Refresh: transitGatewayAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway VPC Attachment (%s) availability", transitGatewayAttachmentID) +@@ -903,7 +903,7 @@ func waitForTransitGatewayAttachmentCreation(conn *ec2.EC2, transitGatewayAttach + ec2.TransitGatewayAttachmentStateAvailable, + }, + Refresh: transitGatewayAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Attachment (%s) availability", transitGatewayAttachmentID) +@@ -920,7 +920,7 @@ func WaitForTransitGatewayAttachmentDeletion(conn *ec2.EC2, transitGatewayAttach + }, + Target: []string{ec2.TransitGatewayAttachmentStateDeleted}, + Refresh: transitGatewayAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + NotFoundChecks: 1, + } + +@@ -939,7 +939,7 @@ func waitForTransitGatewayAttachmentUpdate(conn *ec2.EC2, transitGatewayAttachme + Pending: []string{ec2.TransitGatewayAttachmentStateModifying}, + Target: []string{ec2.TransitGatewayAttachmentStateAvailable}, + Refresh: transitGatewayAttachmentRefreshFunc(conn, transitGatewayAttachmentID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + } + + log.Printf("[DEBUG] Waiting for EC2 Transit Gateway Attachment (%s) availability", transitGatewayAttachmentID) +diff --git a/internal/service/ec2/transit_gateway_connect.go b/internal/service/ec2/transit_gateway_connect.go +index 94fcf294fd..511809d291 100644 +--- a/internal/service/ec2/transit_gateway_connect.go ++++ b/internal/service/ec2/transit_gateway_connect.go +@@ -29,9 +29,9 @@ func ResourceTransitGatewayConnect() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Update: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Update: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + CustomizeDiff: verify.SetTagsDiff, +diff --git a/internal/service/ec2/transit_gateway_connect_peer.go b/internal/service/ec2/transit_gateway_connect_peer.go +index f99d6fba34..abe9360e1a 100644 +--- a/internal/service/ec2/transit_gateway_connect_peer.go ++++ b/internal/service/ec2/transit_gateway_connect_peer.go +@@ -34,8 +34,8 @@ func ResourceTransitGatewayConnectPeer() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + CustomizeDiff: verify.SetTagsDiff, +diff --git a/internal/service/ec2/transit_gateway_multicast_domain.go b/internal/service/ec2/transit_gateway_multicast_domain.go +index 268b596f7e..cb332107ec 100644 +--- a/internal/service/ec2/transit_gateway_multicast_domain.go ++++ b/internal/service/ec2/transit_gateway_multicast_domain.go +@@ -31,8 +31,8 @@ func ResourceTransitGatewayMulticastDomain() *schema.Resource { + CustomizeDiff: verify.SetTagsDiff, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/transit_gateway_multicast_domain_association.go b/internal/service/ec2/transit_gateway_multicast_domain_association.go +index 7dbb72c75a..0f8782b75b 100644 +--- a/internal/service/ec2/transit_gateway_multicast_domain_association.go ++++ b/internal/service/ec2/transit_gateway_multicast_domain_association.go +@@ -23,8 +23,8 @@ func ResourceTransitGatewayMulticastDomainAssociation() *schema.Resource { + DeleteWithoutTimeout: resourceTransitGatewayMulticastDomainAssociationDelete, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/volume_attachment.go b/internal/service/ec2/volume_attachment.go +index ba481eabc1..672b93e7ce 100644 +--- a/internal/service/ec2/volume_attachment.go ++++ b/internal/service/ec2/volume_attachment.go +@@ -106,7 +106,7 @@ func resourceVolumeAttachmentCreate(d *schema.ResourceData, meta interface{}) er + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameStopping}, + Target: []string{ec2.InstanceStateNameRunning, ec2.InstanceStateNameStopped}, + Refresh: InstanceStateRefreshFunc(conn, iID, []string{ec2.InstanceStateNameTerminated}), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } +@@ -139,7 +139,7 @@ func resourceVolumeAttachmentCreate(d *schema.ResourceData, meta interface{}) er + Pending: []string{ec2.VolumeAttachmentStateAttaching}, + Target: []string{ec2.VolumeAttachmentStateAttached}, + Refresh: volumeAttachmentStateRefreshFunc(conn, name, vID, iID), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } +@@ -234,7 +234,7 @@ func resourceVolumeAttachmentDelete(d *schema.ResourceData, meta interface{}) er + Pending: []string{ec2.VolumeAttachmentStateDetaching}, + Target: []string{ec2.VolumeAttachmentStateDetached}, + Refresh: volumeAttachmentStateRefreshFunc(conn, name, vID, iID), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } +diff --git a/internal/service/ec2/volume_attachment_test.go b/internal/service/ec2/volume_attachment_test.go +index d680b5de40..33e4990293 100644 +--- a/internal/service/ec2/volume_attachment_test.go ++++ b/internal/service/ec2/volume_attachment_test.go +@@ -101,7 +101,7 @@ func TestAccEC2VolumeAttachment_attachStopped(t *testing.T) { + Pending: []string{ec2.InstanceStateNamePending, ec2.InstanceStateNameRunning, ec2.InstanceStateNameStopping}, + Target: []string{ec2.InstanceStateNameStopped}, + Refresh: tfec2.InstanceStateRefreshFunc(conn, *i.InstanceId, []string{}), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + Delay: 10 * time.Second, + MinTimeout: 3 * time.Second, + } +diff --git a/internal/service/ec2/vpc_endpoint.go b/internal/service/ec2/vpc_endpoint.go +index e63ff49e44..117845e8ee 100644 +--- a/internal/service/ec2/vpc_endpoint.go ++++ b/internal/service/ec2/vpc_endpoint.go +@@ -22,7 +22,7 @@ import ( + + const ( + // Maximum amount of time to wait for VPC Endpoint creation +- VPCEndpointCreationTimeout = 10 * time.Minute ++ VPCEndpointCreationTimeout = 10 * time.Second + ) + + func ResourceVPCEndpoint() *schema.Resource { +@@ -147,8 +147,8 @@ func ResourceVPCEndpoint() *schema.Resource { + + Timeouts: &schema.ResourceTimeout{ + Create: schema.DefaultTimeout(VPCEndpointCreationTimeout), +- Update: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Update: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + + CustomizeDiff: verify.SetTagsDiff, +diff --git a/internal/service/ec2/vpc_endpoint_policy.go b/internal/service/ec2/vpc_endpoint_policy.go +index 98ba994861..f653423ae1 100644 +--- a/internal/service/ec2/vpc_endpoint_policy.go ++++ b/internal/service/ec2/vpc_endpoint_policy.go +@@ -45,8 +45,8 @@ func ResourceVPCEndpointPolicy() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + } + } +diff --git a/internal/service/ec2/vpc_endpoint_service.go b/internal/service/ec2/vpc_endpoint_service.go +index e25ddc0f7b..2782e413f9 100644 +--- a/internal/service/ec2/vpc_endpoint_service.go ++++ b/internal/service/ec2/vpc_endpoint_service.go +@@ -415,7 +415,7 @@ func vpcEndpointServiceWaitUntilAvailable(d *schema.ResourceData, conn *ec2.EC2) + Pending: []string{ec2.ServiceStatePending}, + Target: []string{ec2.ServiceStateAvailable}, + Refresh: vpcEndpointServiceStateRefresh(conn, d.Id()), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + Delay: 5 * time.Second, + MinTimeout: 5 * time.Second, + } +@@ -431,7 +431,7 @@ func waitForVpcEndpointServiceDeletion(conn *ec2.EC2, serviceID string) error { + Pending: []string{ec2.ServiceStateAvailable, ec2.ServiceStateDeleting}, + Target: []string{ec2.ServiceStateDeleted}, + Refresh: vpcEndpointServiceStateRefresh(conn, serviceID), +- Timeout: 10 * time.Minute, ++ Timeout: 10 * time.Second, + Delay: 5 * time.Second, + MinTimeout: 5 * time.Second, + } +diff --git a/internal/service/ec2/vpc_ipam.go b/internal/service/ec2/vpc_ipam.go +index e679302031..67eeccfd00 100644 +--- a/internal/service/ec2/vpc_ipam.go ++++ b/internal/service/ec2/vpc_ipam.go +@@ -73,9 +73,9 @@ func ResourceVPCIpam() *schema.Resource { + const ( + IpamStatusAvailable = "Available" + InvalidIpamIdNotFound = "InvalidIpamId.NotFound" +- IpamCreateTimeout = 3 * time.Minute ++ IpamCreateTimeout = 3 * time.Second + IpamCreateDeley = 5 * time.Second +- IpamDeleteTimeout = 3 * time.Minute ++ IpamDeleteTimeout = 3 * time.Second + IpamDeleteDelay = 5 * time.Second + ) + +diff --git a/internal/service/ec2/vpc_ipam_pool.go b/internal/service/ec2/vpc_ipam_pool.go +index 096d4d2e03..e6825eaed2 100644 +--- a/internal/service/ec2/vpc_ipam_pool.go ++++ b/internal/service/ec2/vpc_ipam_pool.go +@@ -114,10 +114,10 @@ func ResourceVPCIpamPool() *schema.Resource { + } + + const ( +- IpamPoolCreateTimeout = 3 * time.Minute ++ IpamPoolCreateTimeout = 3 * time.Second + InvalidIpamPoolIdNotFound = "InvalidIpamPoolId.NotFound" +- IpamPoolUpdateTimeout = 3 * time.Minute +- IpamPoolDeleteTimeout = 3 * time.Minute ++ IpamPoolUpdateTimeout = 3 * time.Second ++ IpamPoolDeleteTimeout = 3 * time.Second + IpamPoolAvailableDelay = 5 * time.Second + IpamPoolDeleteDelay = 5 * time.Second + ) +diff --git a/internal/service/ec2/vpc_ipam_pool_cidr.go b/internal/service/ec2/vpc_ipam_pool_cidr.go +index e7be2f477c..09898c1fc7 100644 +--- a/internal/service/ec2/vpc_ipam_pool_cidr.go ++++ b/internal/service/ec2/vpc_ipam_pool_cidr.go +@@ -65,9 +65,9 @@ func ResourceVPCIpamPoolCidr() *schema.Resource { + } + + const ( +- IpamPoolCidrCreateTimeout = 10 * time.Minute ++ IpamPoolCidrCreateTimeout = 10 * time.Second + // allocations releases are eventually consistent with a max time of 20m +- IpamPoolCidrDeleteTimeout = 32 * time.Minute ++ IpamPoolCidrDeleteTimeout = 32 * time.Second + IpamPoolCidrAvailableDelay = 5 * time.Second + IpamPoolCidrDeleteDelay = 5 * time.Second + ) +diff --git a/internal/service/ec2/vpc_ipam_scope.go b/internal/service/ec2/vpc_ipam_scope.go +index 52f02ca2b7..39c28b6a6c 100644 +--- a/internal/service/ec2/vpc_ipam_scope.go ++++ b/internal/service/ec2/vpc_ipam_scope.go +@@ -64,9 +64,9 @@ func ResourceVPCIpamScope() *schema.Resource { + } + + const ( +- IpamScopeCreateTimeout = 3 * time.Minute ++ IpamScopeCreateTimeout = 3 * time.Second + IpamScopeCreateDeley = 5 * time.Second +- IpamScopeDeleteTimeout = 3 * time.Minute ++ IpamScopeDeleteTimeout = 3 * time.Second + IpamScopeDeleteDelay = 5 * time.Second + + IpamScopeStatusAvailable = "Available" +diff --git a/internal/service/ec2/vpc_ipv4_cidr_block_association.go b/internal/service/ec2/vpc_ipv4_cidr_block_association.go +index 85bf50557e..7f1960a91e 100644 +--- a/internal/service/ec2/vpc_ipv4_cidr_block_association.go ++++ b/internal/service/ec2/vpc_ipv4_cidr_block_association.go +@@ -64,8 +64,8 @@ func ResourceVPCIPv4CIDRBlockAssociation() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + } + } +diff --git a/internal/service/ec2/vpc_ipv6_cidr_block_association.go b/internal/service/ec2/vpc_ipv6_cidr_block_association.go +index bbbfaee555..f0627c67df 100644 +--- a/internal/service/ec2/vpc_ipv6_cidr_block_association.go ++++ b/internal/service/ec2/vpc_ipv6_cidr_block_association.go +@@ -71,8 +71,8 @@ func ResourceVPCIPv6CIDRBlockAssociation() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(10 * time.Minute), +- Delete: schema.DefaultTimeout(10 * time.Minute), ++ Create: schema.DefaultTimeout(10 * time.Second), ++ Delete: schema.DefaultTimeout(10 * time.Second), + }, + } + } +diff --git a/internal/service/ec2/vpc_peering_connection.go b/internal/service/ec2/vpc_peering_connection.go +index 6fae3fc9e7..6b6f1abd11 100644 +--- a/internal/service/ec2/vpc_peering_connection.go ++++ b/internal/service/ec2/vpc_peering_connection.go +@@ -28,9 +28,9 @@ func ResourceVPCPeeringConnection() *schema.Resource { + }, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(1 * time.Minute), +- Update: schema.DefaultTimeout(1 * time.Minute), +- Delete: schema.DefaultTimeout(1 * time.Minute), ++ Create: schema.DefaultTimeout(1 * time.Second), ++ Update: schema.DefaultTimeout(1 * time.Second), ++ Delete: schema.DefaultTimeout(1 * time.Second), + }, + + // Keep in sync with aws_vpc_peering_connection_accepter's schema. +diff --git a/internal/service/ec2/vpc_peering_connection_accepter.go b/internal/service/ec2/vpc_peering_connection_accepter.go +index 5fb1bcb194..2b00ab82d0 100644 +--- a/internal/service/ec2/vpc_peering_connection_accepter.go ++++ b/internal/service/ec2/vpc_peering_connection_accepter.go +@@ -21,8 +21,8 @@ func ResourceVPCPeeringConnectionAccepter() *schema.Resource { + Delete: resourceVPCPeeringAccepterDelete, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(1 * time.Minute), +- Update: schema.DefaultTimeout(1 * time.Minute), ++ Create: schema.DefaultTimeout(1 * time.Second), ++ Update: schema.DefaultTimeout(1 * time.Second), + }, + + Importer: &schema.ResourceImporter{ +diff --git a/internal/service/ec2/vpn_gateway_route_propagation.go b/internal/service/ec2/vpn_gateway_route_propagation.go +index d4d5df3961..9217d9d672 100644 +--- a/internal/service/ec2/vpn_gateway_route_propagation.go ++++ b/internal/service/ec2/vpn_gateway_route_propagation.go +@@ -18,8 +18,8 @@ func ResourceVPNGatewayRoutePropagation() *schema.Resource { + Delete: resourceVPNGatewayRoutePropagationDisable, + + Timeouts: &schema.ResourceTimeout{ +- Create: schema.DefaultTimeout(2 * time.Minute), +- Delete: schema.DefaultTimeout(2 * time.Minute), ++ Create: schema.DefaultTimeout(2 * time.Second), ++ Delete: schema.DefaultTimeout(2 * time.Second), + }, + + Schema: map[string]*schema.Schema{ +diff --git a/internal/service/ec2/wait.go b/internal/service/ec2/wait.go +index 1674393925..73fe8e1161 100644 +--- a/internal/service/ec2/wait.go ++++ b/internal/service/ec2/wait.go +@@ -15,13 +15,13 @@ import ( + + const ( + // Maximum amount of time to wait for EC2 Instance attribute modifications to propagate +- InstanceAttributePropagationTimeout = 2 * time.Minute ++ InstanceAttributePropagationTimeout = 2 * time.Second + +- InstanceStartTimeout = 10 * time.Minute +- InstanceStopTimeout = 10 * time.Minute ++ InstanceStartTimeout = 10 * time.Second ++ InstanceStopTimeout = 10 * time.Second + + // General timeout for EC2 resource creations to propagate +- PropagationTimeout = 2 * time.Minute ++ PropagationTimeout = 2 * time.Second + + RouteNotFoundChecks = 1000 // Should exceed any reasonable custom timeout value. + RouteTableNotFoundChecks = 1000 // Should exceed any reasonable custom timeout value. +@@ -31,8 +31,8 @@ const ( + ) + + const ( +- CapacityReservationActiveTimeout = 2 * time.Minute +- CapacityReservationDeletedTimeout = 2 * time.Minute ++ CapacityReservationActiveTimeout = 2 * time.Second ++ CapacityReservationDeletedTimeout = 2 * time.Second + ) + + func WaitCapacityReservationActive(conn *ec2.EC2, id string) (*ec2.CapacityReservation, error) { +@@ -70,9 +70,9 @@ func WaitCapacityReservationDeleted(conn *ec2.EC2, id string) (*ec2.CapacityRese + } + + const ( +- CarrierGatewayAvailableTimeout = 5 * time.Minute ++ CarrierGatewayAvailableTimeout = 5 * time.Second + +- CarrierGatewayDeletedTimeout = 5 * time.Minute ++ CarrierGatewayDeletedTimeout = 5 * time.Second + ) + + func WaitCarrierGatewayAvailable(conn *ec2.EC2, carrierGatewayID string) (*ec2.CarrierGateway, error) { +@@ -111,10 +111,10 @@ func WaitCarrierGatewayDeleted(conn *ec2.EC2, carrierGatewayID string) (*ec2.Car + + const ( + // Maximum amount of time to wait for a LocalGatewayRouteTableVpcAssociation to return Associated +- LocalGatewayRouteTableVPCAssociationAssociatedTimeout = 5 * time.Minute ++ LocalGatewayRouteTableVPCAssociationAssociatedTimeout = 5 * time.Second + + // Maximum amount of time to wait for a LocalGatewayRouteTableVpcAssociation to return Disassociated +- LocalGatewayRouteTableVPCAssociationDisassociatedTimeout = 5 * time.Minute ++ LocalGatewayRouteTableVPCAssociationDisassociatedTimeout = 5 * time.Second + ) + + // WaitLocalGatewayRouteTableVPCAssociationAssociated waits for a LocalGatewayRouteTableVpcAssociation to return Associated +-- +2.25.1 + diff --git a/tests/terraformtests/etc/0003-Patch-IAM-wait-times.patch b/tests/terraformtests/etc/0003-Patch-IAM-wait-times.patch new file mode 100644 index 000000000..41f8f096c --- /dev/null +++ b/tests/terraformtests/etc/0003-Patch-IAM-wait-times.patch @@ -0,0 +1,34 @@ +From 211ea82c418b51a35b94b1e3ded0d689b4434863 Mon Sep 17 00:00:00 2001 +From: Bert Blommers +Date: Fri, 15 Apr 2022 19:22:04 +0000 +Subject: [PATCH] Patch IAM wait times + +--- + internal/service/iam/wait.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/internal/service/iam/wait.go b/internal/service/iam/wait.go +index 51e5d1c9c7..057446ae1d 100644 +--- a/internal/service/iam/wait.go ++++ b/internal/service/iam/wait.go +@@ -17,7 +17,7 @@ const ( + // as this will negatively impact user experience when configurations + // have incorrect references or permissions. + // Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency +- PropagationTimeout = 2 * time.Minute ++ PropagationTimeout = 2 * time.Second + + RoleStatusARNIsUniqueID = "uniqueid" + RoleStatusARNIsARN = "arn" +@@ -72,7 +72,7 @@ func waitDeleteServiceLinkedRole(conn *iam.IAM, deletionTaskID string) error { + Pending: []string{iam.DeletionTaskStatusTypeInProgress, iam.DeletionTaskStatusTypeNotStarted}, + Target: []string{iam.DeletionTaskStatusTypeSucceeded}, + Refresh: statusDeleteServiceLinkedRole(conn, deletionTaskID), +- Timeout: 5 * time.Minute, ++ Timeout: 5 * time.Second, + Delay: 10 * time.Second, + } + +-- +2.25.1 + diff --git a/tests/terraformtests/get_tf_services.py b/tests/terraformtests/get_tf_services.py new file mode 100644 index 000000000..6e2df048a --- /dev/null +++ b/tests/terraformtests/get_tf_services.py @@ -0,0 +1,5 @@ +import yaml + +with open("tests/terraformtests/terraform-tests.success.txt") as f: + dct = yaml.load(f, Loader=yaml.FullLoader) + print(list(dct.keys())) diff --git a/tests/terraformtests/get_tf_tests.py b/tests/terraformtests/get_tf_tests.py new file mode 100644 index 000000000..1acfaea59 --- /dev/null +++ b/tests/terraformtests/get_tf_tests.py @@ -0,0 +1,19 @@ +import yaml +import sys + + +def print_test_names(service): + with open("tests/terraformtests/terraform-tests.success.txt") as f: + dct = yaml.load(f, Loader=yaml.FullLoader) + tests = dct.get(service) + if len(tests) == 1: + print(tests[0]) + else: + print('"(' + "|".join(tests) + ')"') + + +if __name__ == "__main__": + if len(sys.argv) != 2: + print("") + else: + print_test_names(service=sys.argv[1]) diff --git a/tests/terraformtests/terraform-provider-aws b/tests/terraformtests/terraform-provider-aws new file mode 160000 index 000000000..f34a786a6 --- /dev/null +++ b/tests/terraformtests/terraform-provider-aws @@ -0,0 +1 @@ +Subproject commit f34a786a6672e5629456a523e2b74cc4d368db45 diff --git a/tests/terraformtests/terraform-tests.failures.txt b/tests/terraformtests/terraform-tests.failures.txt new file mode 100644 index 000000000..60d016225 --- /dev/null +++ b/tests/terraformtests/terraform-tests.failures.txt @@ -0,0 +1,75 @@ +# The Tests in this file worked against an older version of Terraform +# Either they do not work anymore, or have not been verified to work yet + +TestAccAPIGatewayStage +TestAccAPIGatewayV2Authorizer +TestAccAPIGatewayV2Route +TestAccAppsyncApiKey +TestAccAppsyncGraphqlApi +TestAccAutoscalingAttachment +TestAccAutoscalingPolicy +TestAccBatchJobQueue +TestAccCloudTrail +TestAccEventsRule +TestAccCloudWatchEventTarget_ssmDocument +TestAccCloudWatchMetricAlarm +TestAccDAX +TestAccEC2DefaultSecurityGroup +TestAccEC2DefaultVPCAndSubnet +TestAccMetaDefaultTagsDataSource +TestAccEc2ManagedPrefixList +TestAccEC2Tag +TestAccEc2TransitGateway +TestAccEC2TransitGatewayDataSource +TestAccEc2TransitGatewayPeeringAttachment +TestAccEc2TransitGatewayPeeringAttachmentDataSource +TestAccEc2TransitGatewayRoute +TestAccEc2TransitGatewayRouteTable +TestAccEc2TransitGatewayRouteTableDataSource +TestAccEc2TransitGatewayRouteTablePropagation +TestAccEc2TransitGatewayVpcAttachmentAccepter +TestAccEc2TransitGatewayVpcAttachment_ApplianceModeSupport +TestAccEc2TransitGatewayVpcAttachment_basic +TestAccEc2TransitGatewayVpcAttachmentDataSource +TestAccEc2TransitGatewayVpcAttachment_disappears +TestAccEc2TransitGatewayVpcAttachment_DnsSupport +TestAccEc2TransitGatewayVpcAttachment_SharedTransitGateway +TestAccEc2TransitGatewayVpnAttachmentDataSource +TestAccEc2TransitGatewayDxGatewayAttachmentDataSource +TestAccEc2TransitGatewayPeeringAttachmentAccepter +TestAccEc2TransitGatewayRouteTableAssociation +TestAccEc2TransitGatewayVpcAttachment +TestAccEcrRegistryPolicy +TestAccEcrReplicationConfiguration +TestAccEC2EgressOnlyInternetGateway +TestAccEFSMountTarget +TestAccEksClusterDataSource +TestAccIAMRole +TestAccIotThing +TestAccIPRanges +TestAccKinesisStream +TestAccLbListenerCertificate +TestAccLBTargetGroupAttachment +TestAccELBPolicy +TestAccLambdaAlias +TestAccLambdaLayerVersion +TestAccMQBroker +TestAccMQBrokerDataSource +TestAccPartition +TestAccPinpointApp +TestAccPinpointEventStream +TestAccProvider +TestAccQuickSightGroup +TestAccQuickSightUser +TestAccSNSSMSPreferences +TestAccSNSTopicPolicy +TestAccSQSQueuePolicy +TestAccSSMDocument +TestAccSsmDocumentDataSource +TestAccSsmParameterDataSource +TestAccTimestreamWriteDatabase +TestAccTimestreamWriteTable +TestAccDataSourceLambdaLayerVersion +TestAccDataSourceLambdaInvocation +TestAccDataSourceNetworkInterface_ +TestAccSQSQueueDataSource \ No newline at end of file diff --git a/tests/terraformtests/terraform-tests.success.txt b/tests/terraformtests/terraform-tests.success.txt new file mode 100644 index 000000000..7d7cfaa56 --- /dev/null +++ b/tests/terraformtests/terraform-tests.success.txt @@ -0,0 +1,98 @@ +acm: + - TestAccACMCertificateDataSource +apigateway: + - TestAccAPIGatewayGatewayResponse +apigatewayv2: + - TestAccAPIGatewayV2IntegrationResponse + - TestAccAPIGatewayV2Model + - TestAccAPIGatewayV2RouteResponse + - TestAccAPIGatewayV2VPCLink +autoscaling: + - TestAccAutoScalingGroupDataSource +batch: + - TestAccBatchJobDefinition +cloudtrail: + - TestAccCloudTrailServiceAccount +cloudwatch: + - TestAccCloudWatchDashboard + - TestAccCloudWatchLogsDestination + - TestAccCloudWatchLogsDestinationPolicy + - TestAccCloudWatchLogsGroupDataSource +dynamodb: + - TestAccDynamoDBTableItem +ec2: + - TestAccEC2AvailabilityZonesDataSource_ + - TestAccEC2CarrierGateway_ + - TestAccEC2InstanceTypeOfferingDataSource_ + - TestAccEC2InstanceTypeOfferingsDataSource_ + - TestAccEC2InternetGateway_ + - TestAccEC2NATGateway_ + - TestAccEC2RouteTableAssociation_ + - TestAccEC2VPCEndpointService_ + - TestAccEC2VPNGateway_ + - TestAccEC2VPNGatewayAttachment_ +ecr: + - TestAccECRLifecyclePolicy + - TestAccECRRepository + - TestAccECRRepositoryDataSource + - TestAccECRRepositoryPolicy +efs: + - TestAccEFSAccessPoint_ + - TestAccEFSAccessPointDataSource + - TestAccEFSFileSystemDataSource +elasticbeanstalk: + - TestAccElasticBeanstalkHostedZoneDataSource + - TestAccElasticBeanstalkSolutionStackDataSource +elb: + - TestAccELBAttachment + - TestAccELBBackendServerPolicy + - TestAccELBHostedZoneIDDataSource + - TestAccELBListenerPolicy + - TestAccELBServiceAccountDataSource + - TestAccELBSSLNegotiationPolicy +events: + - TestAccEventsAPIDestination + - TestAccEventsArchive + - TestAccEventsBus + - TestAccEventsBusPolicy + - TestAccEventsConnection + - TestAccEventsConnectionDataSource + - TestAccEventsPermission +iam: + - TestAccIAMAccessKey_ + - TestAccIAMAccountAlias_ + - TestAccIAMGroup_ + - TestAccIAMInstanceProfileDataSource_ + - TestAccIAMGroupPolicy_ + - TestAccIAMOpenIDConnectProvider_ + - TestAccIAMOpenidConnectProviderDataSource_ + - TestAccIAMPolicy_ + - TestAccIAMPolicyDataSource_ + - TestAccIAMPolicyDocumentDataSource_ + - TestAccIAMRoleDataSource_ + - TestAccIAMRolePolicy_ + - TestAccIAMRolePolicyAttachment_ + - TestAccIAMSessionContextDataSource_ + - TestAccIAMUserDataSource_ + - TestAccIAMUserPolicy_ + - TestAccIAMUserPolicyAttachment_ + - TestAccIAMUserSSHKey_ + - TestAccIAMUserSSHKeyDataSource_ +iot: + - TestAccIoTEndpointDataSource +kms: + - TestAccKMSAlias + - TestAccKMSSecretDataSource + - TestAccKMSSecretsDataSource +meta: + - TestAccMetaBillingServiceAccountDataSource +redshift: + - TestAccRedshiftServiceAccountDataSource +s3: + - TestAccS3BucketPolicy + - TestAccS3BucketPublicAccessBlock + - TestAccS3ObjectCopy +sagemaker: + - TestAccSageMakerPrebuiltECRImageDataSource +sts: + - TestAccSTSCallerIdentityDataSource diff --git a/tests/terraformtests/test-fixtures/lambda_func.js b/tests/terraformtests/test-fixtures/lambda_func.js new file mode 100644 index 000000000..556182a5c --- /dev/null +++ b/tests/terraformtests/test-fixtures/lambda_func.js @@ -0,0 +1,9 @@ +var http = require('http') + +exports.handler = function(event, context) { + http.get("http://requestb.in/10m32wg1", function(res) { + console.log("success", res.statusCode, res.body) + }).on('error', function(e) { + console.log("error", e) + }) +} diff --git a/tests/terraformtests/test-fixtures/lambda_func_modified.js b/tests/terraformtests/test-fixtures/lambda_func_modified.js new file mode 100644 index 000000000..9842040bb --- /dev/null +++ b/tests/terraformtests/test-fixtures/lambda_func_modified.js @@ -0,0 +1,9 @@ +var http = require('http') + +exports.handler = function(event, context) { + http.get("http://requestb.in/MODIFIED", function(res) { + console.log("success", res.statusCode, res.body) + }).on('error', function(e) { + console.log("error", e) + }) +} diff --git a/tests/terraformtests/test-fixtures/lambda_invocation.js b/tests/terraformtests/test-fixtures/lambda_invocation.js new file mode 100644 index 000000000..abc0191f9 --- /dev/null +++ b/tests/terraformtests/test-fixtures/lambda_invocation.js @@ -0,0 +1,6 @@ +exports.handler = async (event) => { + if (process.env.TEST_DATA) { + event.key3 = process.env.TEST_DATA; + } + return event; +} diff --git a/tests/terraformtests/test-fixtures/lambda_invocation.zip b/tests/terraformtests/test-fixtures/lambda_invocation.zip new file mode 100644 index 0000000000000000000000000000000000000000..b2bc4cde4e15ef724383dd542a3d92674c92b89d GIT binary patch literal 290 zcmWIWW@Zs#U|`^2SXVH|M}Gbu?Gzxd2Z%)&WEgT1bCXgM<1_Qh@{9*0WckX-zyLPId#%O^eJ#yvr#;SipY+rX+7RlYv+j&{*aZ(= z@3Yz$LpE#;Uhyo5q3MhXYj4w{KTobaO4@s6kI`O%>klSWh#wbl_g%pxz>t0EwBK42 zHmR1-t)>yVx-)dVbTxHPHD_#kw(2PpLx49UlN>WHH%kCr&cFb455tm15DU8xSRp<@ VbA5m}D;r1;BM?Rb=}jOG0{|OZS0MlZ literal 0 HcmV?d00001 diff --git a/tests/terraformtests/test-fixtures/lambdapinpoint.zip b/tests/terraformtests/test-fixtures/lambdapinpoint.zip new file mode 100644 index 0000000000000000000000000000000000000000..259ef4e544341d835c2c69f3a1bf73d443cfaa3c GIT binary patch literal 304 zcmWIWW@Zs#U|`^2P%k$1RbJ(-*a7720b)TQ&PmKoN=Yop%qz&x%q!8$Dz@!8$klAX z)Aqi$>wzn)>iqG9BQ}$_CQU2!zQ%dOO%K0LQRung9R* literal 0 HcmV?d00001 diff --git a/tests/terraformtests/test-fixtures/lambdatest.zip b/tests/terraformtests/test-fixtures/lambdatest.zip new file mode 100644 index 0000000000000000000000000000000000000000..5c636e955b2cccd992ac213993798acfdc39d6aa GIT binary patch literal 342 zcmWIWW@Zs#U|`^2_)xpcjj3pP&N2{>k%57iL53kGF*hkCu_U#)L@%p2G=!6ZndL`H zXdn=mR&X;gvU~-q18Xlm&k&i8#+QN6XCT<*-b`*@ggZ%;WfQT_nWzO%+$*O&s=9G|AR z&f>yR^AA6>@7sK}irLaRiOHq^)$z9dpQ3v8avCCzNC$W`GRZOH@~#BX;|vTyA2BRx d1hLRO&kFH8n#TjYS=m5}8G$euNWTSf7yyUqbSVG; literal 0 HcmV?d00001 diff --git a/tests/terraformtests/test-fixtures/lambdatest_modified.zip b/tests/terraformtests/test-fixtures/lambdatest_modified.zip new file mode 100644 index 0000000000000000000000000000000000000000..336bdd72eb8390b2f712df1c67578c4f44aa5636 GIT binary patch literal 393 zcmWIWW@Zs#U|`^2aNpzUBlKjB!AcO1k%2*#L586uwYWq#EwiGev?#S$KPNFaDJ3yJ ztu!w=J~uxlGc7YUMK7y3G=!6Z`Kx|iRGdRyRA~h_10%~fpnkBirDuG(nhgY4AJqB@ z-Z|26q;}!zTTR`UjDHx1Itp1E3wnQi=c{um?^l@dhkNGX8r9D{OJa?gvY~ve$s@rcjZ{i^GYGG=J_P3HE-I{;5w)*eo4bN>_!f