From 80a721e93b9486a67131b9430740d07f9907cb66 Mon Sep 17 00:00:00 2001 From: "Luis M. Gallardo D" Date: Fri, 16 Jul 2021 10:56:16 -0300 Subject: [PATCH 1/2] Add multiple copy_action support --- CHANGELOG.md | 7 ++++++- README.md | 14 ++++++++------ examples/complete_plan/main.tf | 21 +++++++++++++++------ examples/complete_plan/variables.tf | 2 +- examples/selection_by_tags/main.tf | 2 +- examples/selection_by_tags/variables.tf | 2 +- main.tf | 5 ++--- 7 files changed, 34 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5525b90..0a397f3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.12.0 (July 16, 2021) + +ENHANCEMENTS: + +* Add multiple `copy_action` support (thanks @unni-kr) + ## 0.11.6 (May 13, 2021) FIXES: @@ -31,7 +37,6 @@ ENHANCEMENTS: * Add .gitignore file * Update README - ## 0.11.2 (April 10, 2021) FIXES: diff --git a/README.md b/README.md index ccad843..b6635c9 100644 --- a/README.md +++ b/README.md @@ -45,13 +45,15 @@ module "aws_backup_example" { cold_storage_after = 0 delete_after = 30 }, - copy_action = { - lifecycle = { - cold_storage_after = 0 - delete_after = 90 + copy_actions = [ + { + lifecycle = { + cold_storage_after = 0 + delete_after = 90 + }, + destination_vault_arn = "arn:aws:backup:us-west-2:123456789101:backup-vault:Default" }, - destination_vault_arn = "arn:aws:backup:us-west-2:123456789101:backup-vault:Default" - } + ] recovery_point_tags = { Environment = "production" } diff --git a/examples/complete_plan/main.tf b/examples/complete_plan/main.tf index 7a6c2a0..6947ff0 100644 --- a/examples/complete_plan/main.tf +++ b/examples/complete_plan/main.tf @@ -33,13 +33,22 @@ module "aws_backup_example" { cold_storage_after = 0 delete_after = 30 }, - copy_action = { - lifecycle = { - cold_storage_after = 0 - delete_after = 90 + copy_actions = [ + { + lifecycle = { + cold_storage_after = 0 + delete_after = 90 + }, + destination_vault_arn = "arn:aws:backup:us-west-2:123456789101:backup-vault:Default" }, - destination_vault_arn = "arn:aws:backup:us-west-2:123456789101:backup-vault:Default" - } + { + lifecycle = { + cold_storage_after = 0 + delete_after = 90 + }, + destination_vault_arn = "arn:aws:backup:us-east-2:123456789101:backup-vault:Default" + }, + ] recovery_point_tags = { Environment = "production" } diff --git a/examples/complete_plan/variables.tf b/examples/complete_plan/variables.tf index ff4005d..c7b7aed 100644 --- a/examples/complete_plan/variables.tf +++ b/examples/complete_plan/variables.tf @@ -1,4 +1,4 @@ variable "env" { - type = map + type = map(any) default = {} } diff --git a/examples/selection_by_tags/main.tf b/examples/selection_by_tags/main.tf index 1ec49dc..26add3d 100644 --- a/examples/selection_by_tags/main.tf +++ b/examples/selection_by_tags/main.tf @@ -31,7 +31,7 @@ module "aws_backup_example" { start_window = 120 completion_window = 360 lifecycle = {} - copy_action = {} + copy_actions = [] recovery_point_tags = {} }, ] diff --git a/examples/selection_by_tags/variables.tf b/examples/selection_by_tags/variables.tf index ff4005d..c7b7aed 100644 --- a/examples/selection_by_tags/variables.tf +++ b/examples/selection_by_tags/variables.tf @@ -1,4 +1,4 @@ variable "env" { - type = map + type = map(any) default = {} } diff --git a/main.tf b/main.tf index 22063b0..4874a7c 100644 --- a/main.tf +++ b/main.tf @@ -25,7 +25,7 @@ resource "aws_backup_plan" "ab_plan" { # Lifecycle dynamic "lifecycle" { - for_each = length(lookup(rule.value, "lifecycle")) == 0 ? [] : [lookup(rule.value, "lifecycle", {})] + for_each = length(lookup(rule.value, "lifecycle", {})) == 0 ? [] : [lookup(rule.value, "lifecycle", {})] content { cold_storage_after = lookup(lifecycle.value, "cold_storage_after", 0) delete_after = lookup(lifecycle.value, "delete_after", 90) @@ -34,7 +34,7 @@ resource "aws_backup_plan" "ab_plan" { # Copy action dynamic "copy_action" { - for_each = length(lookup(rule.value, "copy_action", {})) == 0 ? [] : [lookup(rule.value, "copy_action", {})] + for_each = lookup(rule.value, "copy_actions", []) content { destination_vault_arn = lookup(copy_action.value, "destination_vault_arn", null) @@ -48,7 +48,6 @@ resource "aws_backup_plan" "ab_plan" { } } } - } } From 63e82454dd597d2013ee1f7891f1890896b67723 Mon Sep 17 00:00:00 2001 From: "Luis M. Gallardo D" Date: Fri, 16 Jul 2021 11:17:20 -0300 Subject: [PATCH 2/2] Add Error creating Backup Vault know issue in README --- CHANGELOG.md | 1 + README.md | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a397f3..6a5580b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ENHANCEMENTS: * Add multiple `copy_action` support (thanks @unni-kr) +* Add "Error creating Backup Vault" know issue in README ## 0.11.6 (May 13, 2021) diff --git a/README.md b/README.md index b6635c9..230d71f 100644 --- a/README.md +++ b/README.md @@ -177,3 +177,15 @@ No modules. | [vault\_arn](#output\_vault\_arn) | The ARN of the vault | | [vault\_id](#output\_vault\_id) | The name of the vault | + +## Know Issue: + +### error creating Backup Vault + +In case you get an error message similar to this one: + +``` +error creating Backup Vault (): AccessDeniedException: status code: 403, request id: 8e7e577e-5b74-4d4d-95d0-bf63e0b2cc2e, +``` + +Add the [required IAM permissions mentioned in the CreateBackupVault row](https://docs.aws.amazon.com/aws-backup/latest/devguide/access-control.html#backup-api-permissions-ref) to the role or user creating the Vault (the one running Terraform CLI). In particular make sure `kms` and `backup-storage` permissions are added.