search

terraform-aws-modules / terraform-aws-emr

Terraform module to create AWS EMR resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/emr/aws
Apache License 2.0
23 stars 22 forks source link

EMR Studio -> Input service_role_s3_bucket_arns not working as expected #7

Closed JannatBawa closed 1 year ago

JannatBawa commented 1 year ago

Description

Please provide a clear and concise description of the issue you are encountering, and a reproduction of your configuration (see the examples/* directory for references that you can copy+paste and tailor to match your configs if you are unable to copy your exact configuration). The reproduction MUST be executable by running terraform init && terraform apply without any further changes.

If your request is for a new feature, please use the Feature request template.

⚠️ Note

Before you submit an issue, please perform the following first:

  1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
  2. Re-initialize the project root to pull down modules: terraform init
  3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

Reproduction Code [Required]

Steps to reproduce the behavior:

Expected behavior

As per my understanding if a user pass a s3 arn in service_role_s3_bucket_arns input then the EMR studio should be able to read/write on that particular bucker only.

Actual behavior

But here even if you pass s3 arun in service_role_s3_bucket_arns then also its taking all the buckets and the probable reason for the issue is below code.

https://github.com/terraform-aws-modules/terraform-aws-emr/blob/d987b8d45038f8424896aa68e632f7570a19bdc0/modules/studio/main.tf#L293

This has to be coalescelist( ["var.service_role_s3_bucket_arns"], ["arn:aws:s3:::*"])

Terminal Output Screenshot(s)

Additional context

bryantbiggs commented 1 year ago

correct - it should we reversed. please feel free to open a PR to correct

antonbabenko commented 1 year ago

This issue has been resolved in version 1.1.1 :tada:

github-actions[bot] commented 1 year ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.