r/aws_ssoadmin_account_assignments - new resource #23292
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…icorp/terraform-provider-aws/blob/main/docs/contributing ---> <!--- Please keep this note for the community ---> * Please vote on this pull request by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original pull request comment to help the community and maintainers prioritize this request * Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request <!--- Thank you for keeping this note for the community ---> <!--- If your PR fully resolves and should automatically close the linked issue, use Closes. Otherwise, use Relates ---> Closes hashicorp#18739 Output from acceptance testing: <!-- Replace TestAccXXX with a pattern that matches the tests affected by this PR. Replace ec2 with the service package corresponding to your tests. For more information on the `-run` flag, see the `go test` documentation at https://tip.golang.org/cmd/go/#hdr-Testing_flags. --> ``` $ make testacc PKG=ssoadmin ==> Checking that code complies with gofmt requirements... TF_ACC=1 go test ./internal/service/ssoadmin/... -v -count 1 -parallel 20 -timeout 180m === RUN TestAccSSOAdminAccountAssignment_Basic_group === PAUSE TestAccSSOAdminAccountAssignment_Basic_group === RUN TestAccSSOAdminAccountAssignment_Basic_user === PAUSE TestAccSSOAdminAccountAssignment_Basic_user === RUN TestAccSSOAdminAccountAssignment_disappears === PAUSE TestAccSSOAdminAccountAssignment_disappears === RUN TestAccSSOAdminAccountAssignments_Basic_group === PAUSE TestAccSSOAdminAccountAssignments_Basic_group === RUN TestAccSSOAdminAccountAssignments_Basic_user === PAUSE TestAccSSOAdminAccountAssignments_Basic_user === RUN TestAccSSOAdminInstancesDataSource_basic === PAUSE TestAccSSOAdminInstancesDataSource_basic === RUN TestAccSSOAdminManagedPolicyAttachment_basic === PAUSE TestAccSSOAdminManagedPolicyAttachment_basic === RUN TestAccSSOAdminManagedPolicyAttachment_forceNew === PAUSE TestAccSSOAdminManagedPolicyAttachment_forceNew === RUN TestAccSSOAdminManagedPolicyAttachment_disappears --- PASS: TestAccSSOAdminManagedPolicyAttachment_disappears (27.91s) === RUN TestAccSSOAdminManagedPolicyAttachment_Disappears_permissionSet --- PASS: TestAccSSOAdminManagedPolicyAttachment_Disappears_permissionSet (18.53s) === RUN TestAccSSOAdminManagedPolicyAttachment_multipleManagedPolicies === PAUSE TestAccSSOAdminManagedPolicyAttachment_multipleManagedPolicies === RUN TestAccSSOAdminPermissionSetDataSource_arn === PAUSE TestAccSSOAdminPermissionSetDataSource_arn === RUN TestAccSSOAdminPermissionSetDataSource_name === PAUSE TestAccSSOAdminPermissionSetDataSource_name === RUN TestAccSSOAdminPermissionSetDataSource_nonExistent === PAUSE TestAccSSOAdminPermissionSetDataSource_nonExistent === RUN TestAccSSOAdminPermissionSetInlinePolicy_basic === PAUSE TestAccSSOAdminPermissionSetInlinePolicy_basic === RUN TestAccSSOAdminPermissionSetInlinePolicy_update === PAUSE TestAccSSOAdminPermissionSetInlinePolicy_update === RUN TestAccSSOAdminPermissionSetInlinePolicy_disappears --- PASS: TestAccSSOAdminPermissionSetInlinePolicy_disappears (20.30s) === RUN TestAccSSOAdminPermissionSetInlinePolicy_Disappears_permissionSet --- PASS: TestAccSSOAdminPermissionSetInlinePolicy_Disappears_permissionSet (20.05s) === RUN TestAccSSOAdminPermissionSet_basic === PAUSE TestAccSSOAdminPermissionSet_basic === RUN TestAccSSOAdminPermissionSet_tags --- PASS: TestAccSSOAdminPermissionSet_tags (55.21s) === RUN TestAccSSOAdminPermissionSet_updateDescription === PAUSE TestAccSSOAdminPermissionSet_updateDescription === RUN TestAccSSOAdminPermissionSet_updateRelayState === PAUSE TestAccSSOAdminPermissionSet_updateRelayState === RUN TestAccSSOAdminPermissionSet_updateSessionDuration === PAUSE TestAccSSOAdminPermissionSet_updateSessionDuration === RUN TestAccSSOAdminPermissionSet_RelayState_updateSessionDuration === PAUSE TestAccSSOAdminPermissionSet_RelayState_updateSessionDuration === RUN TestAccSSOAdminPermissionSet_mixedPolicyAttachments === PAUSE TestAccSSOAdminPermissionSet_mixedPolicyAttachments === CONT TestAccSSOAdminAccountAssignment_Basic_group === CONT TestAccSSOAdminPermissionSetDataSource_nonExistent === CONT TestAccSSOAdminPermissionSet_updateRelayState === CONT TestAccSSOAdminPermissionSet_basic === CONT TestAccSSOAdminPermissionSet_updateDescription === CONT TestAccSSOAdminManagedPolicyAttachment_basic === CONT TestAccSSOAdminPermissionSetDataSource_arn === CONT TestAccSSOAdminAccountAssignment_disappears === CONT TestAccSSOAdminAccountAssignments_Basic_group === CONT TestAccSSOAdminPermissionSetInlinePolicy_update === CONT TestAccSSOAdminManagedPolicyAttachment_multipleManagedPolicies === CONT TestAccSSOAdminAccountAssignment_Basic_user === CONT TestAccSSOAdminPermissionSetDataSource_name === CONT TestAccSSOAdminPermissionSetInlinePolicy_basic === CONT TestAccSSOAdminPermissionSet_mixedPolicyAttachments === CONT TestAccSSOAdminManagedPolicyAttachment_forceNew === CONT TestAccSSOAdminPermissionSet_updateSessionDuration === CONT TestAccSSOAdminAccountAssignments_Basic_user === CONT TestAccSSOAdminPermissionSet_RelayState_updateSessionDuration === CONT TestAccSSOAdminInstancesDataSource_basic --- PASS: TestAccSSOAdminPermissionSetDataSource_nonExistent (10.53s) --- PASS: TestAccSSOAdminInstancesDataSource_basic (22.39s) --- PASS: TestAccSSOAdminPermissionSetDataSource_arn (30.25s) --- PASS: TestAccSSOAdminPermissionSet_basic (33.43s) --- PASS: TestAccSSOAdminAccountAssignment_disappears (41.19s) --- PASS: TestAccSSOAdminPermissionSetDataSource_name (43.32s) --- PASS: TestAccSSOAdminPermissionSetInlinePolicy_basic (43.53s) --- PASS: TestAccSSOAdminAccountAssignments_Basic_group (46.83s) --- PASS: TestAccSSOAdminAccountAssignment_Basic_user (47.01s) --- PASS: TestAccSSOAdminManagedPolicyAttachment_basic (50.46s) --- PASS: TestAccSSOAdminPermissionSet_updateSessionDuration (54.33s) --- PASS: TestAccSSOAdminPermissionSet_updateDescription (54.34s) --- PASS: TestAccSSOAdminPermissionSet_updateRelayState (54.41s) --- PASS: TestAccSSOAdminPermissionSet_RelayState_updateSessionDuration (54.94s) --- PASS: TestAccSSOAdminPermissionSetInlinePolicy_update (60.59s) --- PASS: TestAccSSOAdminPermissionSet_mixedPolicyAttachments (61.51s) --- PASS: TestAccSSOAdminManagedPolicyAttachment_forceNew (70.69s) --- PASS: TestAccSSOAdminAccountAssignment_Basic_group (76.75s) --- PASS: TestAccSSOAdminAccountAssignments_Basic_user (76.81s) --- PASS: TestAccSSOAdminManagedPolicyAttachment_multipleManagedPolicies (91.68s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin 237.127s ```
github-actions
bot
added
size/XL
mattrobinsonsre
changed the title
mattrobinsonsre
changed the title
justinretzolk
removed
the
needs-triage
|
Any news on this PR? We'd love to see this implemented! |
|
Could this be merged? seems very useful |
|
This would be great. AWS SSO needs a bit update and new resources to fully manage sso in large enterprise scale environments. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #18739
Replaces #22543 - rebuilt against v4.
The purpose of this resource is to address the scalability of
aws_ssoadmin_account_assignmentwith large numbers of assignments. The AWS SSO API rate limit is very low and defining a resource for each principal assignment doesn't scale.Implementation of this resource in place of multiple
aws_ssoadmin_account_assignmentincantations reduces the plan time for our infra from ~20 minutes to ~2 minutes.Output from acceptance testing: