Add support for additional deployment_targets config for aws_cloudformation_stack_set_instance #26935

Closed
3 changes: 3 additions & 0 deletions .changelog/26935.txt
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_cloudformation_stack_set_instance: Extend `deployment_targets` argument
```
42 changes: 38 additions & 4 deletions internal/service/cloudformation/stack_set_instance.go
Expand Up @@ -57,17 +57,39 @@ func ResourceStackSetInstance() *schema.Resource {
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"organizational_unit_ids": {
Type: schema.TypeSet,
Optional: true,
MinItems: 1,
Type: schema.TypeSet,
Optional: true,
MinItems: 1,
ConflictsWith: []string{"account_id"},
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: validation.StringMatch(regexp.MustCompile(`^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`), ""),
},
},
"account_filter_type": {
Type: schema.TypeString,
Optional: true,
ConflictsWith: []string{"account_id"},
ValidateFunc: validation.StringInSlice(cloudformation.AccountFilterType_Values(), false),
},
"accounts": {
Type: schema.TypeSet,
Optional: true,
ConflictsWith: []string{"account_id"},
MinItems: 1,
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[0-9]{12}$`), ""),
},
},
"accounts_url": {
Type: schema.TypeString,
Optional: true,
ConflictsWith: []string{"account_id"},
ValidateFunc: validation.StringMatch(regexp.MustCompile(`(s3://|http(s?)://).+`), ""),
},
},
},
ConflictsWith: []string{"account_id"},
},
"operation_preferences": {
Type: schema.TypeList,
Expand Down Expand Up @@ -422,5 +444,17 @@ func expandDeploymentTargets(l []interface{}) *cloudformation.DeploymentTargets
dt.OrganizationalUnitIds = flex.ExpandStringSet(v)
}

if v, ok := tfMap["account_filter_type"].(string); ok && v != "" {
dt.AccountFilterType = aws.String(v)
}

if v, ok := tfMap["accounts"].(*schema.Set); ok && v.Len() > 0 {
dt.Accounts = flex.ExpandStringSet(v)
}

if v, ok := tfMap["accounts_url"].(string); ok && v != "" {
dt.AccountsUrl = aws.String(v)
}

return dt
}
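Review bot: The `accounts_url` validator is the only pattern in this schema without anchors, so `(s3://|http(s?)://).+` accepts any string that merely contains a URL-looking substring, unlike the `^…$` patterns used for `organizational_unit_ids` and `accounts`. Anchoring the start, for example with the pattern `^(s3://|https?://).+`, would bring the plan-time check in line with the other two fields. The value names the file that decides which accounts receive stack instances, and the pattern also admits plain `http://`; if the service does accept that scheme, a documentation warning may still be worthwhile, since such a list is presumably fetched without transport integrity (confirm against the API reference). Both ResourceStackSetInstance and expandDeploymentTargets extend beyond the visible hunks.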
19 changes: 7 additions & 12 deletions internal/service/cloudformation/stack_set_instance_test.go
Expand Up @@ -247,18 +247,11 @@ func TestAccCloudFormationStackSetInstance_deploymentTargets(t *testing.T) {
testAccCheckStackSetInstanceExists(resourceName, &stackInstance),
resource.TestCheckResourceAttr(resourceName, "deployment_targets.#", "1"),
resource.TestCheckResourceAttr(resourceName, "deployment_targets.0.organizational_unit_ids.#", "1"),
resource.TestCheckResourceAttr(resourceName, "deployment_targets.0.account_filter_type", "INTERSECTION"),
resource.TestCheckResourceAttr(resourceName, "deployment_targets.0.accounts.#", "1"),
resource.TestCheckResourceAttr(resourceName, "deployment_targets.0.accounts_url", ""),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{
"retain_stack",
"deployment_targets",
"call_as",
},
},
{
Config: testAccStackSetInstanceConfig_serviceManaged(rName),
Check: resource.ComposeTestCheckFunc(
Expand Down Expand Up @@ -697,7 +690,9 @@ resource "aws_cloudformation_stack_set_instance" "test" {
depends_on = [aws_iam_role_policy.Administration, aws_iam_role_policy.Execution]

deployment_targets {
organizational_unit_ids = [data.aws_organizations_organization.test.roots[0].id]
organizational_unit_ids = [data.aws_organizations_organization.test.roots[0].id]
account_filter_type = "INTERSECTION"
accounts = [data.aws_organizations_organization.test.non_master_accounts[0].id]
}

stack_set_name = aws_cloudformation_stack_set.test.name
Expand Down Expand Up @@ -726,7 +721,7 @@ resource "aws_cloudformation_stack_set_instance" "test" {
}

deployment_targets {
organizational_unit_ids = [data.aws_organizations_organization.test.roots[0].id]
organizational_unit_ids = [data.aws_organizations_organization.test.roots[0].id]
}

stack_set_name = aws_cloudformation_stack_set.test.name
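Review bot: Nothing in the updated TestAccCloudFormationStackSetInstance_deploymentTargets steps exercises `accounts_url` with a value or any `account_filter_type` other than `INTERSECTION`; the only `accounts_url` assertion checks the empty string. The import-verification step also appears to be dropped here (the side of each line is inferred from the 7/12 addition and deletion counts), so no step confirms what ends up in state for the new fields after a read. Since these arguments select which organization accounts receive stack instances, I would add a step that sets `accounts_url`, plus a negative step whose config uses a malformed account ID with `ExpectError` set, so that the `^[0-9]{12}$` validation is pinned by a test. The test function and the config helpers start and end outside the visible hunks.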
Expand Up @@ -85,7 +85,7 @@ The following arguments are supported:

* `stack_set_name` - (Required) Name of the StackSet.
* `account_id` - (Optional) Target AWS Account ID to create a Stack based on the StackSet. Defaults to current account.
* `deployment_targets` - (Optional) The AWS Organizations accounts to which StackSets deploys. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See [deployment_targets](#deployment_targets-argument-reference) below.
* `deployment_targets` - (Optional) Key-value map of input parameters to specify deployment targets across AWS Organizational Units and Accounts with filters where required. StackSets doesn't deploy stack instances to the organization management account, even if the organization management account is in your organization or in an OU in your organization. Drift detection is not possible for this argument. See [deployment_targets](#deployment_targets-argument-reference) below.
* `parameter_overrides` - (Optional) Key-value map of input parameters to override from the StackSet for this Instance.
* `region` - (Optional) Target AWS Region to create a Stack based on the StackSet. Defaults to current region.
* `retain_stack` - (Optional) During Terraform resource destroy, remove Instance from StackSet while keeping the Stack and its associated resources. Must be enabled in Terraform state _before_ destroy operation to take effect. You cannot reassociate a retained Stack or add an existing, saved Stack to a new StackSet. Defaults to `false`.
Expand All @@ -96,7 +96,10 @@ The following arguments are supported:

The `deployment_targets` configuration block supports the following arguments:

*`organizational_unit_ids` - (Optional) The organization root ID or organizational unit (OU) IDs to which StackSets deploys.
*`organizational_unit_ids` - (Optional) The organization root ID or organizational unit (OU) IDs to which StackSets deploys. Providing only this parameter will deploy the stackset to all accounts specified in this Organizational Unit.
*`account_filter_type` - (Optional) The filter type to be used to filter accounts within the specified organizational unit (OU). Valid values: `INTERSECTION`, `DIFFERENCE`, `UNION`, `NONE`.
*`accounts` - (Optional) The list of accounts to deploy the StackSet in.
*`accounts_url` - (Optional) Returns the value of the AccountsUrl property..

### `operation_preferences` Argument Reference
