Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Policy not Applied for Private API Gateway Resource Policy #14660

Closed
ghost opened this issue Aug 14, 2020 · 3 comments · Fixed by #17099
Closed

Policy not Applied for Private API Gateway Resource Policy #14660

ghost opened this issue Aug 14, 2020 · 3 comments · Fixed by #17099
Assignees
@bflad
Labels
bug Addresses a defect in current functionality. service/apigateway Issues and PRs that pertain to the apigateway service. service/ec2 Issues and PRs that pertain to the ec2 service. service/sts Issues and PRs that pertain to the sts service.
Milestone
v3.25.0

Comments

@ghost
Copy link

ghost commented Aug 14, 2020

This issue was originally opened by @jkdll as hashicorp/terraform#25850. It was migrated here as a result of the provider split. The original body of the issue is below.

Hi,
Given an aws_api_gateway_rest_api resource for an API Gateway set to private:

data "aws_caller_identity" "current" {}
data "aws_region" "current" {}
data "aws_vpc" "vpc_sample" {
  filter {
      name = "tag:Name" 
      values = ["sample-vpc-name"]
  }
}

data "aws_vpc_endpoint" "api_vpc_endpoint" {
  vpc_id       = data.aws_vpc.vpc_sample.id
  service_name = "com.amazonaws.${data.aws_region.current.name}.execute-api"
}

resource "aws_api_gateway_rest_api" "res_rest_api" {
  name           = "sample-rest-api"
  api_key_source = "HEADER"
  endpoint_configuration {
    types = ["PRIVATE"]
    vpc_endpoint_ids = ["${data.aws_vpc_endpoint.api_vpc_endpoint.id}"]
  }
  body = var.service_spec
  policy = <<EOF
  {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "execute-api:Invoke",
            "Resource": "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:*"
        },
        {
            "Effect": "Deny",
            "Principal": "*",
            "Action": "execute-api:Invoke",
            "Resource": "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:*",
            "Condition": {
                "NotIpAddress": {
                    "aws:VpcSourceIp": "10.0.0.0/8"
                }
            }
        }
    ]
}
  EOF

}

Upon Apply I get the following error:

Error: Error creating API Gateway Deployment: BadRequestException: Private REST API doesn't have a resource policy attached to it

The code requires a second Apply command to successfully apply the resource policy.

This looks like a bug, can someone please confirm that it is a bug? If not how can it be remedied to ensure that the policy is applied at the first apply?

Terraform Version: 0.12.6
AWS Provider Plugin Version: 3.2.0
Template Provider Plugin Version: 2.1.2
@ghost ghost added service/apigateway Issues and PRs that pertain to the apigateway service. service/ec2 Issues and PRs that pertain to the ec2 service. service/sts Issues and PRs that pertain to the sts service. labels Aug 14, 2020
@ghost ghost mentioned this issue Aug 14, 2020
Closed
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Aug 14, 2020
@bflad bflad added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Jan 14, 2021
@bflad bflad self-assigned this Jan 14, 2021
bflad added a commit that referenced this issue Jan 14, 2021
@bflad
resource/aws_api_gateway_rest_api: Additional OpenAPI specification a…
0bcd73e 
…cceptance testing and fix various attributes after import

Reference: #5364
Reference: #7161
Reference: #9722
Reference: #10766
Reference: #12432
Reference: #13841
Reference: #14290
Reference: #14660

Changes:

```
* resource/aws_api_gateway_rest_api: Ensure `api_key_source`, `binary_media_types`, `description`, `minimum_compression_size`, `name`, and `policy` configuration values are correctly applied as an override after OpenAPI specification import (`body` argument)
* resource/aws_api_gateway_rest_api: Allow `api_key_source`, `binary_media_types`, and `description` arguments to be omitted from configuration with OpenAPI specification import (`body` argument)
```

The overall testing changes are:

* Ensuring the basic test covers all attributes
* Refactoring the basic test into per-attribute testing
* Adding per-attribute tests to cover OpenAPI specificiations (`body` argument) being set without Terraform configurations -- these should be allowed with Terraform showing a planned difference
* Adding per-attribute tests to cover OpenAPI specificiations (`body` argument) being set with Terraform configurations -- these should be allowed with the Terraform configuration value overriding the OpenAPI specification
* Removing extraneous API object `TestCheckFunc` (covered by `ImportStateVerify` testing)

It is worth mentioning that this does not cover the `disable_execute_api_endpoint` or `tags` attributes that can also be specified by OpenAPI since this change set is already very large. The `minimum_compression_size` attribute also needs an additional update to support OpenAPI-only configuration. Further updates can improve on this effort.

Before code updates, these new acceptance tests show how the Terraform configuration value would not be applied if an OpenAPI specification was imported:

```
=== CONT  TestAccAWSAPIGatewayRestApi_ApiKeySource_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:428: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'api_key_source' expected "AUTHORIZER", got "HEADER"

--- FAIL: TestAccAWSAPIGatewayRestApi_ApiKeySource_OverrideBody (8.82s)

=== CONT  TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:464: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 3/3 error: aws_api_gateway_rest_api.test: Attribute 'binary_media_types.0' expected "application/octet-stream", got "image/jpeg"

=== CONT  TestAccAWSAPIGatewayRestApi_Description_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:527: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'description' expected "tfdescription1", got "oasdescription1"

--- FAIL: TestAccAWSAPIGatewayRestApi_Description_OverrideBody (9.60s)

=== CONT  TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:688: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'minimum_compression_size' expected "1", got "5242880"

--- FAIL: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_OverrideBody (8.41s)

=== CONT  TestAccAWSAPIGatewayRestApi_Name_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:528: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'name' expected "tf-acc-test-4252368909257291928", got "title1"

--- FAIL: TestAccAWSAPIGatewayRestApi_Name_OverrideBody (8.57s)

=== CONT  TestAccAWSAPIGatewayRestApi_Policy_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:593: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 4/4 error: aws_api_gateway_rest_api.test: Attribute 'policy' didn't match "\"Allow\"", got ""

--- FAIL: TestAccAWSAPIGatewayRestApi_Policy_OverrideBody (9.37s)
```

Before code updates, these acceptance tests show how the Terraform resource would report an unexpected difference for missing configurations that were imported by the OpenAPI specification:

```
=== CONT  TestAccAWSAPIGatewayRestApi_ApiKeySource_SetByBody
    resource_aws_api_gateway_rest_api_test.go:471: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
              ~ api_key_source               = "AUTHORIZER" -> "HEADER"
                id                           = "5ja4mnzxta"
                name                         = "tf-acc-test-4415455482847955650"
                # (8 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSAPIGatewayRestApi_ApiKeySource_SetByBody (20.65s)

=== CONT  TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_SetByBody
    resource_aws_api_gateway_rest_api_test.go:510: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
              ~ binary_media_types           = [
                  - "application/octet-stream",
                ]
                id                           = "7we4bv4s8b"
                name                         = "tf-acc-test-2053199682951305540"
                # (8 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.

=== CONT  TestAccAWSAPIGatewayRestApi_Description_SetByBody
    resource_aws_api_gateway_rest_api_test.go:570: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
              - description                  = "oasdescription1" -> null
                id                           = "3k0fykhp76"
                name                         = "tf-acc-test-2107985362088533117"
                # (8 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSAPIGatewayRestApi_Description_SetByBody (10.02s)

=== CONT  TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_SetByBody
    resource_aws_api_gateway_rest_api_test.go:731: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
                id                           = "bcmvzz0jfi"
              ~ minimum_compression_size     = 1048576 -> -1
                name                         = "tf-acc-test-2006611344091675720"
                # (7 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_SetByBody (10.99s)
```

Additionally these new acceptance tests show how the Terraform resource already respected missing configurations that were imported by the OpenAPI specification:

```
--- PASS: TestAccAWSAPIGatewayRestApi_Policy_SetByBody (15.03s)
```

Output from acceptance testing:

```
--- PASS: TestAccAWSAPIGatewayRestApi_ApiKeySource (28.57s)
--- PASS: TestAccAWSAPIGatewayRestApi_ApiKeySource_OverrideBody (52.53s)
--- PASS: TestAccAWSAPIGatewayRestApi_ApiKeySource_SetByBody (25.48s)
--- PASS: TestAccAWSAPIGatewayRestApi_basic (23.16s)
--- PASS: TestAccAWSAPIGatewayRestApi_BinaryMediaTypes (80.33s)
--- PASS: TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_OverrideBody (34.45s)
--- PASS: TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_SetByBody (24.16s)
--- PASS: TestAccAWSAPIGatewayRestApi_Body (26.69s)
--- PASS: TestAccAWSAPIGatewayRestApi_Description (765.29s)
--- PASS: TestAccAWSAPIGatewayRestApi_Description_OverrideBody (32.87s)
--- PASS: TestAccAWSAPIGatewayRestApi_Description_SetByBody (51.31s)
--- PASS: TestAccAWSAPIGatewayRestApi_DisableExecuteApiEndpoint (30.21s)
--- PASS: TestAccAWSAPIGatewayRestApi_disappears (38.64s)
--- PASS: TestAccAWSAPIGatewayRestApi_EndpointConfiguration (58.23s)
--- PASS: TestAccAWSAPIGatewayRestApi_EndpointConfiguration_Private (15.02s)
--- PASS: TestAccAWSAPIGatewayRestApi_EndpointConfiguration_VPCEndpoint (305.78s)
--- PASS: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize (42.89s)
--- PASS: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_OverrideBody (35.97s)
--- PASS: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_SetByBody (106.39s)
--- PASS: TestAccAWSAPIGatewayRestApi_Name_OverrideBody (86.16s)
--- PASS: TestAccAWSAPIGatewayRestApi_Parameters (39.90s)
--- PASS: TestAccAWSAPIGatewayRestApi_Policy (683.47s)
--- PASS: TestAccAWSAPIGatewayRestApi_Policy_OverrideBody (905.68s)
--- PASS: TestAccAWSAPIGatewayRestApi_Policy_SetByBody (28.12s)
--- PASS: TestAccAWSAPIGatewayRestApi_tags (32.94s)
```
@bflad bflad mentioned this issue Jan 14, 2021
Merged
bflad added a commit that referenced this issue Jan 20, 2021
@bflad @jamesrwarren @YakDriver
resource/aws_api_gateway_rest_api: Additional OpenAPI specification a…
61dfaa9 
…cceptance testing and fix various attributes after import (#17099)

* fix bug with rest api openapi removing policy

* resource/aws_api_gateway_rest_api: Additional OpenAPI specification acceptance testing and fix various attributes after import

Reference: #5364
Reference: #7161
Reference: #9722
Reference: #10766
Reference: #12432
Reference: #13841
Reference: #14290
Reference: #14660

Changes:

```
* resource/aws_api_gateway_rest_api: Ensure `api_key_source`, `binary_media_types`, `description`, `minimum_compression_size`, `name`, and `policy` configuration values are correctly applied as an override after OpenAPI specification import (`body` argument)
* resource/aws_api_gateway_rest_api: Allow `api_key_source`, `binary_media_types`, and `description` arguments to be omitted from configuration with OpenAPI specification import (`body` argument)
```

The overall testing changes are:

* Ensuring the basic test covers all attributes
* Refactoring the basic test into per-attribute testing
* Adding per-attribute tests to cover OpenAPI specificiations (`body` argument) being set without Terraform configurations -- these should be allowed with Terraform showing a planned difference
* Adding per-attribute tests to cover OpenAPI specificiations (`body` argument) being set with Terraform configurations -- these should be allowed with the Terraform configuration value overriding the OpenAPI specification
* Removing extraneous API object `TestCheckFunc` (covered by `ImportStateVerify` testing)

It is worth mentioning that this does not cover the `disable_execute_api_endpoint` or `tags` attributes that can also be specified by OpenAPI since this change set is already very large. The `minimum_compression_size` attribute also needs an additional update to support OpenAPI-only configuration. Further updates can improve on this effort.

Before code updates, these new acceptance tests show how the Terraform configuration value would not be applied if an OpenAPI specification was imported:

```
=== CONT  TestAccAWSAPIGatewayRestApi_ApiKeySource_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:428: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'api_key_source' expected "AUTHORIZER", got "HEADER"

--- FAIL: TestAccAWSAPIGatewayRestApi_ApiKeySource_OverrideBody (8.82s)

=== CONT  TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:464: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 3/3 error: aws_api_gateway_rest_api.test: Attribute 'binary_media_types.0' expected "application/octet-stream", got "image/jpeg"

=== CONT  TestAccAWSAPIGatewayRestApi_Description_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:527: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'description' expected "tfdescription1", got "oasdescription1"

--- FAIL: TestAccAWSAPIGatewayRestApi_Description_OverrideBody (9.60s)

=== CONT  TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:688: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'minimum_compression_size' expected "1", got "5242880"

--- FAIL: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_OverrideBody (8.41s)

=== CONT  TestAccAWSAPIGatewayRestApi_Name_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:528: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 2/2 error: aws_api_gateway_rest_api.test: Attribute 'name' expected "tf-acc-test-4252368909257291928", got "title1"

--- FAIL: TestAccAWSAPIGatewayRestApi_Name_OverrideBody (8.57s)

=== CONT  TestAccAWSAPIGatewayRestApi_Policy_OverrideBody
    resource_aws_api_gateway_rest_api_test.go:593: Step 1/4 error: Check failed: 1 error occurred:
        	* Check 4/4 error: aws_api_gateway_rest_api.test: Attribute 'policy' didn't match "\"Allow\"", got ""

--- FAIL: TestAccAWSAPIGatewayRestApi_Policy_OverrideBody (9.37s)
```

Before code updates, these acceptance tests show how the Terraform resource would report an unexpected difference for missing configurations that were imported by the OpenAPI specification:

```
=== CONT  TestAccAWSAPIGatewayRestApi_ApiKeySource_SetByBody
    resource_aws_api_gateway_rest_api_test.go:471: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
              ~ api_key_source               = "AUTHORIZER" -> "HEADER"
                id                           = "5ja4mnzxta"
                name                         = "tf-acc-test-4415455482847955650"
                # (8 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSAPIGatewayRestApi_ApiKeySource_SetByBody (20.65s)

=== CONT  TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_SetByBody
    resource_aws_api_gateway_rest_api_test.go:510: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
              ~ binary_media_types           = [
                  - "application/octet-stream",
                ]
                id                           = "7we4bv4s8b"
                name                         = "tf-acc-test-2053199682951305540"
                # (8 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.

=== CONT  TestAccAWSAPIGatewayRestApi_Description_SetByBody
    resource_aws_api_gateway_rest_api_test.go:570: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
              - description                  = "oasdescription1" -> null
                id                           = "3k0fykhp76"
                name                         = "tf-acc-test-2107985362088533117"
                # (8 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSAPIGatewayRestApi_Description_SetByBody (10.02s)

=== CONT  TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_SetByBody
    resource_aws_api_gateway_rest_api_test.go:731: Step 1/2 error: After applying this test step, the plan was not empty.
        stdout:

        An execution plan has been generated and is shown below.
        Resource actions are indicated with the following symbols:
          ~ update in-place

        Terraform will perform the following actions:

          # aws_api_gateway_rest_api.test will be updated in-place
          ~ resource "aws_api_gateway_rest_api" "test" {
                id                           = "bcmvzz0jfi"
              ~ minimum_compression_size     = 1048576 -> -1
                name                         = "tf-acc-test-2006611344091675720"
                # (7 unchanged attributes hidden)

                # (1 unchanged block hidden)
            }

        Plan: 0 to add, 1 to change, 0 to destroy.
--- FAIL: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_SetByBody (10.99s)
```

Additionally these new acceptance tests show how the Terraform resource already respected missing configurations that were imported by the OpenAPI specification:

```
--- PASS: TestAccAWSAPIGatewayRestApi_Policy_SetByBody (15.03s)
```

Output from acceptance testing:

```
--- PASS: TestAccAWSAPIGatewayRestApi_ApiKeySource (28.57s)
--- PASS: TestAccAWSAPIGatewayRestApi_ApiKeySource_OverrideBody (52.53s)
--- PASS: TestAccAWSAPIGatewayRestApi_ApiKeySource_SetByBody (25.48s)
--- PASS: TestAccAWSAPIGatewayRestApi_basic (23.16s)
--- PASS: TestAccAWSAPIGatewayRestApi_BinaryMediaTypes (80.33s)
--- PASS: TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_OverrideBody (34.45s)
--- PASS: TestAccAWSAPIGatewayRestApi_BinaryMediaTypes_SetByBody (24.16s)
--- PASS: TestAccAWSAPIGatewayRestApi_Body (26.69s)
--- PASS: TestAccAWSAPIGatewayRestApi_Description (765.29s)
--- PASS: TestAccAWSAPIGatewayRestApi_Description_OverrideBody (32.87s)
--- PASS: TestAccAWSAPIGatewayRestApi_Description_SetByBody (51.31s)
--- PASS: TestAccAWSAPIGatewayRestApi_DisableExecuteApiEndpoint (30.21s)
--- PASS: TestAccAWSAPIGatewayRestApi_disappears (38.64s)
--- PASS: TestAccAWSAPIGatewayRestApi_EndpointConfiguration (58.23s)
--- PASS: TestAccAWSAPIGatewayRestApi_EndpointConfiguration_Private (15.02s)
--- PASS: TestAccAWSAPIGatewayRestApi_EndpointConfiguration_VPCEndpoint (305.78s)
--- PASS: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize (42.89s)
--- PASS: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_OverrideBody (35.97s)
--- PASS: TestAccAWSAPIGatewayRestApi_MinimumCompressionSize_SetByBody (106.39s)
--- PASS: TestAccAWSAPIGatewayRestApi_Name_OverrideBody (86.16s)
--- PASS: TestAccAWSAPIGatewayRestApi_Parameters (39.90s)
--- PASS: TestAccAWSAPIGatewayRestApi_Policy (683.47s)
--- PASS: TestAccAWSAPIGatewayRestApi_Policy_OverrideBody (905.68s)
--- PASS: TestAccAWSAPIGatewayRestApi_Policy_SetByBody (28.12s)
--- PASS: TestAccAWSAPIGatewayRestApi_tags (32.94s)
```

* tests/resource/aws_api_gateway_rest_api: terrafmt fixes

* tests/resource/aws_api_gateway_rest_api: Remove extraneous minimum_compression_size testing from basic test

* docs/resource/aws_api_gateway_rest_api: Fix misspell

* Apply suggestions from code review

Co-authored-by: Dirk Avery <[email protected]>

Co-authored-by: james.warren <[email protected]>
Co-authored-by: Dirk Avery <[email protected]>
@bflad
Copy link
Contributor

bflad commented Jan 21, 2021

Fixes for the aws_api_gateway_rest_api resource handling of api_key_source, binary_media_types, description, minimum_compression_size, name, and policy configuration values will now be correctly applied as an override after OpenAPI specification import (body argument) on resource creation and update. This will release with version 3.25.0 of the Terraform AWS Provider, likely tomorrow.

For further feature requests, documentation updates, or bug reports with this functionality after it is released and upgrading the provider, please create a new GitHub issue following the template for triage. Thanks!

@bflad bflad added this to the v3.25.0 milestone Jan 21, 2021
@ghost
Copy link
Author

ghost commented Jan 22, 2021

This has been released in version 3.25.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost
Copy link
Author

ghost commented Feb 20, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Feb 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@bflad bflad

Labels
bug Addresses a defect in current functionality. service/apigateway Issues and PRs that pertain to the apigateway service. service/ec2 Issues and PRs that pertain to the ec2 service. service/sts Issues and PRs that pertain to the sts service.
Projects
None yet
Milestone
v3.25.0
1 participant
@bflad