From 4064a4c5a75af29509cdd8ec79a4c46969e11cf8 Mon Sep 17 00:00:00 2001 From: chaaben mohamed Date: Thu, 6 Jan 2022 16:27:38 +0100 Subject: [PATCH 1/4] add call_as for stackset --- internal/service/cloudformation/stack_set.go | 14 ++++++++++++++ .../docs/r/cloudformation_stack_set.html.markdown | 1 + 2 files changed, 15 insertions(+) diff --git a/internal/service/cloudformation/stack_set.go b/internal/service/cloudformation/stack_set.go index 47e730a4c8b..b83f1ef7f95 100644 --- a/internal/service/cloudformation/stack_set.go +++ b/internal/service/cloudformation/stack_set.go @@ -107,6 +107,12 @@ func ResourceStackSet() *schema.Resource { ValidateFunc: validation.StringInSlice(cloudformation.PermissionModels_Values(), false), Default: cloudformation.PermissionModelsSelfManaged, }, + "call_as": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice(cloudformation.CallAs_Values(), false), + Default: cloudformation.CallAsSelf, + }, "stack_set_id": { Type: schema.TypeString, Computed: true, @@ -171,6 +177,10 @@ func resourceStackSetCreate(d *schema.ResourceData, meta interface{}) error { input.PermissionModel = aws.String(v.(string)) } + if v, ok := d.GetOk("call_as"); ok { + input.CallAs = aws.String(v.(string)) + } + if len(tags) > 0 { input.Tags = Tags(tags.IgnoreAWS()) } @@ -286,6 +296,10 @@ func resourceStackSetUpdate(d *schema.ResourceData, meta interface{}) error { input.PermissionModel = aws.String(v.(string)) } + if v, ok := d.GetOk("call_as"); ok { + input.CallAs = aws.String(v.(string)) + } + if len(tags) > 0 { input.Tags = Tags(tags.IgnoreAWS()) } diff --git a/website/docs/r/cloudformation_stack_set.html.markdown b/website/docs/r/cloudformation_stack_set.html.markdown index beaec1caf5b..15a92117d8b 100644 --- a/website/docs/r/cloudformation_stack_set.html.markdown +++ b/website/docs/r/cloudformation_stack_set.html.markdown @@ -95,6 +95,7 @@ The following arguments are supported: * `execution_role_name` - (Optional) Name of the IAM Role in all target accounts for StackSet operations. Defaults to `AWSCloudFormationStackSetExecutionRole` when using the `SELF_MANAGED` permission model. This should not be defined when using the `SERVICE_MANAGED` permission model. * `parameters` - (Optional) Key-value map of input parameters for the StackSet template. All template parameters, including those with a `Default`, must be configured or ignored with `lifecycle` configuration block `ignore_changes` argument. All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument. * `permission_model` - (Optional) Describes how the IAM roles required for your StackSet are created. Valid values: `SELF_MANAGED` (default), `SERVICE_MANAGED`. +* `call_as` - (Optional) Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. Valid values: `SELF` (default), `DELEGATED_ADMIN`. * `tags` - (Optional) Key-value map of tags to associate with this StackSet and the Stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the Stacks. A maximum number of 50 tags can be specified. If configured with a provider [`default_tags` configuration block](/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. * `template_body` - (Optional) String containing the CloudFormation template body. Maximum size: 51,200 bytes. Conflicts with `template_url`. * `template_url` - (Optional) String containing the location of a file containing the CloudFormation template body. The URL must point to a template that is located in an Amazon S3 bucket. Maximum location file size: 460,800 bytes. Conflicts with `template_body`. From aa362747f0a51b62b1db2cbc60e99d75dcb33ac1 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 14 Feb 2022 08:01:46 -0500 Subject: [PATCH 2/4] Add CHANGELOG entry. --- .changelog/22440.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/22440.txt diff --git a/.changelog/22440.txt b/.changelog/22440.txt new file mode 100644 index 00000000000..30d505e89f0 --- /dev/null +++ b/.changelog/22440.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_cloudformation_stack_set: Add `call_as` argument +``` \ No newline at end of file From dde9c18f337ea0634b6f0e9bc6e421b3dad07cd0 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 14 Feb 2022 08:03:41 -0500 Subject: [PATCH 3/4] r/aws_cloudformation_stack_set: Test 'call_as' value. --- internal/service/cloudformation/stack_set.go | 12 ++++++------ internal/service/cloudformation/stack_set_test.go | 1 + 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/internal/service/cloudformation/stack_set.go b/internal/service/cloudformation/stack_set.go index b83f1ef7f95..723c31e607c 100644 --- a/internal/service/cloudformation/stack_set.go +++ b/internal/service/cloudformation/stack_set.go @@ -67,6 +67,12 @@ func ResourceStackSet() *schema.Resource { }, }, }, + "call_as": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice(cloudformation.CallAs_Values(), false), + Default: cloudformation.CallAsSelf, + }, "capabilities": { Type: schema.TypeSet, Optional: true, @@ -107,12 +113,6 @@ func ResourceStackSet() *schema.Resource { ValidateFunc: validation.StringInSlice(cloudformation.PermissionModels_Values(), false), Default: cloudformation.PermissionModelsSelfManaged, }, - "call_as": { - Type: schema.TypeString, - Optional: true, - ValidateFunc: validation.StringInSlice(cloudformation.CallAs_Values(), false), - Default: cloudformation.CallAsSelf, - }, "stack_set_id": { Type: schema.TypeString, Computed: true, diff --git a/internal/service/cloudformation/stack_set_test.go b/internal/service/cloudformation/stack_set_test.go index 1cafd48cc2d..860a6fdb8a3 100644 --- a/internal/service/cloudformation/stack_set_test.go +++ b/internal/service/cloudformation/stack_set_test.go @@ -36,6 +36,7 @@ func TestAccCloudFormationStackSet_basic(t *testing.T) { resource.TestCheckResourceAttrPair(resourceName, "administration_role_arn", iamRoleResourceName, "arn"), acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "cloudformation", regexp.MustCompile(`stackset/.+`)), resource.TestCheckResourceAttr(resourceName, "capabilities.#", "0"), + resource.TestCheckResourceAttr(resourceName, "call_as", "SELF"), resource.TestCheckResourceAttr(resourceName, "description", ""), resource.TestCheckResourceAttr(resourceName, "execution_role_name", "AWSCloudFormationStackSetExecutionRole"), resource.TestCheckResourceAttr(resourceName, "name", rName), From e987d1954cf4cfda34e474d6b9f27370c62f281b Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 14 Feb 2022 08:14:34 -0500 Subject: [PATCH 4/4] r/aws_cloudformation_stack_set: Add 'call_as' to ImportStateVerifyIgnore for acceptance tests. --- internal/service/cloudformation/stack_set_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/internal/service/cloudformation/stack_set_test.go b/internal/service/cloudformation/stack_set_test.go index 860a6fdb8a3..5a50edadfe8 100644 --- a/internal/service/cloudformation/stack_set_test.go +++ b/internal/service/cloudformation/stack_set_test.go @@ -53,6 +53,7 @@ func TestAccCloudFormationStackSet_basic(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -108,6 +109,7 @@ func TestAccCloudFormationStackSet_administrationRoleARN(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -146,6 +148,7 @@ func TestAccCloudFormationStackSet_description(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -184,6 +187,7 @@ func TestAccCloudFormationStackSet_executionRoleName(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -239,6 +243,7 @@ func TestAccCloudFormationStackSet_name(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -278,6 +283,7 @@ func TestAccCloudFormationStackSet_parameters(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -338,6 +344,7 @@ func TestAccCloudFormationStackSet_Parameters_default(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -390,6 +397,7 @@ func TestAccCloudFormationStackSet_Parameters_noEcho(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -440,6 +448,7 @@ func TestAccCloudFormationStackSet_PermissionModel_serviceManaged(t *testing.T) ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -471,6 +480,7 @@ func TestAccCloudFormationStackSet_tags(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -526,6 +536,7 @@ func TestAccCloudFormationStackSet_templateBody(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, }, @@ -565,6 +576,7 @@ func TestAccCloudFormationStackSet_templateURL(t *testing.T) { ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{ + "call_as", "template_url", }, },