resource/aws_emr_cluster: Add Kerberos support #3553
Conversation
bflad
added
enhancement
|
If you can give me a test build which includes this code change, I can run a test which supplies the same parameters as the cluster I successfully created via cli and got working with with AD server. |
|
This was (manually) verified in an environment with Active Directory and the relevant AD attributes. |
aws/resource_aws_emr_cluster.go
Outdated
| @@ -532,6 +576,10 @@ func resourceAwsEMRClusterRead(d *schema.ResourceData, meta interface{}) error { | |||
| log.Printf("[ERR] Error setting EMR Ec2 Attributes: %s", err) | |||
| } | |||
|
|
|||
| if err := d.Set("kerberos_attributes", flattenEmrKerberosAttributes(d, cluster.KerberosAttributes)); err != nil { | |||
| log.Printf("[ERR] Error setting EMR Kerberos Attributes: %s", err) | |||
There was a problem hiding this comment.
I know the other ifs aren't doing it, but it feels weird to me that this doesn't result in an error returning out of the read?
|
This has been released in version 1.11.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
|
Is there a nice way to handle static passwords like these in terraform? The KDC admin password can't really be changed after the fact so it seems pointless to keep it in the state file (that's what happens right now), and makes me pretty uncomfortable to see it sitting there. Would be nice to be able to tag values as "ephemeral" somehow. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Closes #3477
This will require a lot more time to setup a proper Active Directory acceptance test.