r/aws_s3_bucket_server_side_encryption_configuration: Fix diffs once SSE-C is disabled by default#47359
Conversation
…ocked_encryption_types` to Optional and Computed, preventings diffs once SSE-C is disabled for all new general purpose buckets.
…ply_server_side_encryption_by_default.kms_master_key_id`, `rule.blocked_encryption_types`, and `rule.bucket_key_enabled` to Optional and Computed, preventings diffs once SSE-C is disabled for all new general purpose buckets.
Community GuidelinesThis comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀 Voting for Prioritization
Pull Request Authors
|
YakDriver
left a comment
There was a problem hiding this comment.
One comment but otherwise LGTM 🎉
| apiObject.BlockedEncryptionTypes = expandBlockedEncryptionTypes(v) | ||
| } | ||
|
|
||
| if v, ok := tfMap["bucket_key_enabled"].(bool); ok { |
There was a problem hiding this comment.
Not a huge fan of this since key's existence => will set, even if it's blank. Could mess with defaults. Would be more reliable but complex using d.GetRawConfig.
|
Warning This Issue has been closed, meaning that any additional comments are much easier for the maintainers to miss. Please assume that the maintainers will not see them. Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed. |
|
This functionality has been released in v6.40.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Rollback Plan
If a change needs to be reverted, we will publish an updated version of the library.
Changes to Security Controls
Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.
Description
Mark fields as Optional and Computed to prevent diffs once SSE-C is disabled by default for all new GP buckets.
Relations
Closes #47320.
Relates #35775.
Output from Acceptance Testing
us-west-2us-east-1Failure is in a generated test with an older version of the provider and is "expected".