-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(networkfirewall): fixed import for networkfirewall resources #661
fix(networkfirewall): fixed import for networkfirewall resources #661
Conversation
cannot add breaking change to this PR :/ |
/test-examples="examples/networkfirewall/firewall.yaml" |
/test-examples="examples/networkfirewall/firewallpolicy-complex.yaml" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot for the thorough testing. Left couple of comments regarding external name configuration
@ulucinar any idea for the issue for import ? the only thing which helped was to switch the identifier - great to hear your feedback ;) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @haarchri,
Thank you for addressing these issues. I'm posting some review comments to discuss.
I will also investigate why the old configuration is broken and leave a comment in the discussion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @haarchri,
After the root cause analysis, I'm leaving some more comments for us to discuss. If we do not switch to config.IdentifierFromProvider
, then we will also need to change the extractors in the newly introduced referencer configuration. Currently, those new referencer configurations are relying on the rule group being configured with config.IdentifierFromProvider
. We may use the common.PathARNExtractor
to extract the ARN of a rule group resource.
… and rulegroup and implemented more ref/selectors in firewallpolicy for embedded rulegroup Signed-off-by: Christopher Paul Haar <christopherpaul.haar@dkb.de>
… and rulegroup and implemented more ref/selectors in firewallpolicy for embedded rulegroup Signed-off-by: Christopher Paul Haar <christopherpaul.haar@dkb.de>
91f315c
to
244a032
Compare
@ulucinar we can remove the breaking-change label then |
/test-examples="examples/networkfirewall/firewallpolicy-complex.yaml" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @haarchri, lgtm.
Description of your changes
aws_networkfirewall_firewall_policy
aws_networkfirewall_rule_group
2)implement missing ref/selector for ruleGroup in
aws_networkfirewall_firewall_policy
3)add more complex example for
aws_networkfirewall_firewall_policy
andaws_networkfirewall_rule_group
Fixes #658
Fixes #657
I have:
make reviewable test
to ensure this PR is ready for review.How has this code been tested
updated
deletionPolicy: Orphan