feat: add ResolverQueryLogConfigAssociation resource#68
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: michaelhtm The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/test all |
|
/label release/minor |
ack-prow
Bot
added
the
release/minor
| terminal_codes: | ||
| - InvalidParameterException | ||
| - InvalidRequestException | ||
| - AccessDeniedException |
There was a problem hiding this comment.
Should AccessDenied be a terminal error?
| references: | ||
| resource: ResolverQueryLogConfig | ||
| path: Status.ID | ||
| ResourceId: |
There was a problem hiding this comment.
From the API reference it sounds like this always a VPC. Can we add a resource reference here?
The ID of an Amazon VPC that you want this query logging configuration to log queries for.
| name: ID | ||
| ResolverQueryLogConfigId: | ||
| is_immutable: true | ||
| is_required: true |
There was a problem hiding this comment.
nit: From the API Reference both this field and ResourceId are marked as required. Are these is_required configs needed?
| def get_account_id() -> str: | ||
| return boto3.client("sts").get_caller_identity()["Account"] | ||
|
|
||
|
|
||
| def get_region() -> str: | ||
| session = boto3.session.Session() | ||
| return session.region_name |
There was a problem hiding this comment.
nit: We already have helper functions for this is acktest.
https://github.com/aws-controllers-k8s/test-infra/blob/main/src/acktest/aws/identity.py
| region = get_region() | ||
| account_id = get_account_id() | ||
|
|
||
| config_id, bucket_name = create_query_log_config( |
There was a problem hiding this comment.
nit: an error between this and yielding to the test function will result in this resource being leaked.
michaelhtm
force-pushed
the
feat/add-resolver-query-log-config-association
branch
from
8008420 to
f254e83
Compare
Adds support for managing Route 53 Resolver Query Log Configs. Includes tag support via ListTagsForResource/TagResource/UntagResource hooks and custom update method (only tags are mutable). Resolves aws-controllers-k8s/community#2908
Adds support for associating a Resolver Query Log Config with a VPC. Uses AssociateResolverQueryLogConfig/DisassociateResolverQueryLogConfig operations with operation_type overrides. All Spec fields are immutable (no update API). Includes cross-resource reference to ResolverQueryLogConfig. Resolves aws-controllers-k8s/community#2908
michaelhtm
force-pushed
the
feat/add-resolver-query-log-config-association
branch
from
f254e83 to
8545703
Compare
|
@michaelhtm: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
2 participants
Description of changes:
Adds support for associating a Resolver Query Log Config with a VPC.
Uses AssociateResolverQueryLogConfig/DisassociateResolverQueryLogConfig
operations with operation_type overrides. All Spec fields are immutable
(no update API). Includes cross-resource reference to ResolverQueryLogConfig.
Resolves aws-controllers-k8s/community#2908
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.