Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

google_storage_transfer_job resource doesn't support ARN role #10844

Closed
tejavar opened this issue Jan 5, 2022 · 3 comments
Closed

google_storage_transfer_job resource doesn't support ARN role #10844

tejavar opened this issue Jan 5, 2022 · 3 comments
Labels
enhancement size/s
Milestone
Goals

Comments

@tejavar
Copy link

tejavar commented Jan 5, 2022
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.

Description

We are trying to use google_storage_transfer_job, however currently this resource only supports the AWS Access Key & Secret Key. We are using STS using Vault's AWS secret engine and that provides a session token which is not supported by Google. However google does support ARN IAM roles both in the UI and the SDK but that is not available in the provider.

New or Affected Resource(s)

google_storage_transfer_job

Potential Terraform Configuration

aws_s3_data_source {
      bucket_name = var.aws_s3_bucket
      aws_access_key {
        access_key_id     = var.aws_access_key
        secret_access_key = var.aws_secret_key
      }
    }

References

Here is the terraform provider and the supported attributes...
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_transfer_job

The credential block is missing the option to set IAM ARN https://cloud.google.com/storage-transfer/docs/configure-access#amazon-s3

  • #0000

Reference - #6276
@rileykarson rileykarson added this to the Goals milestone Jan 10, 2022
@upodroid upodroid mentioned this issue Jan 11, 2022
Closed
@Jseph
Copy link

Jseph commented Jan 12, 2022

I have a pull request for this in progress.

@binamov
Copy link
Contributor

binamov commented Jan 21, 2022

This was fixed in GoogleCloudPlatform/magic-modules#5619

@c2thorn c2thorn closed this as completed Sep 13, 2022
@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 14, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement size/s
Projects
None yet
Milestone
Goals
Development

No branches or pull requests
5 participants
@binamov @rileykarson @Jseph @c2thorn @tejavar