Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement]: Add resource_tag_logical_operator argument to aws_fms_policy #41273

Open
komal-SkyNET opened this issue Feb 6, 2025 · 2 comments
Open

[Enhancement]: Add resource_tag_logical_operator argument to aws_fms_policy #41273

komal-SkyNET opened this issue Feb 6, 2025 · 2 comments
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/fms Issues and PRs that pertain to the fms service.

Comments

@komal-SkyNET
Copy link

Terraform Core Version

1.7.4

AWS Provider Version

5.52.0

Affected Resource(s)

  • aws_fms_policy

Expected Behavior

aws_fms_policy resource display changes to ResourceTagLogicalOperator attribute of the resource in the plan/apply output.

Actual Behavior

aws_fms_policy resource changes the state of ResourceTagLogicalOperator - but this change does not appear in the plan/apply output. As a consequence, the default value for this attribute is assumed and the value is set to AND by AWS. This changes the state of the underlying object. In my case, the operator was set to OR via the AWS console but aws terraform provider modified this but did not show up in the plan output.

Relevant Error/Panic Output Snippet

No error. The plan simply doesn't show this diff/change in the plan output.

Terraform Configuration Files

N/A

Steps to Reproduce

  1. Create any policy using aws_fms_policy with resource target scope set to target resource tags
  2. Modify the policy tag scope via console and set it the logical operator to OR
Image 3. Re-run terraform with some other changes - the plan will show no drift/output related to [ResourceTagLogicalOperator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html#cfn-fms-policy-resourcetaglogicaloperator) attribute of the resource in the plan/apply output. 4. You will now see that the [ResourceTagLogicalOperator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html#cfn-fms-policy-resourcetaglogicaloperator) attribute of the resource in the plan/apply output has flipped from OR -> AND as AND is the default value set by AWS when API call has passed an empty value for this attribute.

Image

Debug Output

N/A

Panic Output

N/A

Important Factoids

N/A

References

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-policy.html#cfn-fms-policy-resourcetaglogicaloperator

Would you like to implement a fix?

Yes
@komal-SkyNET komal-SkyNET added the bug Addresses a defect in current functionality. label Feb 6, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 6, 2025

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@github-actions github-actions bot added service/fms Issues and PRs that pertain to the fms service. needs-triage Waiting for first response or review from a maintainer. labels Feb 6, 2025
@justinretzolk
Copy link
Member

Hey @komal-SkyNET 👋 Thank you for taking the time to raise this! it looks like this is a case where the aws_fms_policy resource needs to be updated to include a new resource_tag_logical_operator argument to track the related argument in the upstream API. For changes such as this -- where new functionality is being added to an existing resource -- we consider this to be an enhancement rather than a bug. With that in mind, I'm going to update the issue slightly. No further action is needed from you at this point, I just like to let people know before I make these kinds of modifications.

@justinretzolk justinretzolk changed the title [Bug]: aws_fms_policy creates a state change in ResourceTagLogicalOperator attribute but shows no diff [Enhancement]: Add resource_tag_logical_operator argument to aws_fms_policy Feb 11, 2025
@justinretzolk justinretzolk added enhancement Requests to existing resources that expand the functionality or scope. and removed bug Addresses a defect in current functionality. needs-triage Waiting for first response or review from a maintainer. labels Feb 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/fms Issues and PRs that pertain to the fms service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@komal-SkyNET @justinretzolk