Open silvestriluca opened 11 months ago
Voting for Prioritization
Volunteering to Work on This Issue
Hey @silvestriluca 👋 Thank you for taking the time to raise this! This resource uses the Permission_Values()
function from the AWS Go SDK to validate the permissions
and permissions_with_grant_options
arguments. It looks like the requisite changes to allow for this were made in AWS Go SDK version 1.44.301
, which has been pulled in to the AWS Provider already. Can you test with the most recent version of the provider (5.11.0
at time of writing) and see if the issue is now resolved?
Terraform Core Version
1.5.4
AWS Provider Version
5.10.0, 4.67.0
Affected Resource(s)
resource:
aws_lakeformation_permissions
Expected Behavior
I should be able to add the following
permissions
andpermissions_with_grant_option
to a given IAM Role.CREATE_LF_TAG
GRANT_WITH_LF_TAG_EXPRESSION
They have been introduced recently by AWS: https://docs.aws.amazon.com/lake-formation/latest/dg/managing-tags.html https://docs.aws.amazon.com/lake-formation/latest/APIReference/API_GrantPermissions.html
Actual Behavior
If I add
CREATE_LF_TAG
permission as I should be allowed by GrantPermissions API...Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
aws_lakeformation_permissions
resource with a CREATE_LF_TAGpermission
andpermissions_with_grant_option
You get the
Error: expected permissions.1 to be one of ...
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
https://docs.aws.amazon.com/lake-formation/latest/dg/managing-tags.html https://docs.aws.amazon.com/lake-formation/latest/APIReference/API_GrantPermissions.html
Would you like to implement a fix?
No