Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor AWS Go SDK Enumeration Validations To Use Values Functions (AWSV001 linter) #14601

Open
bflad opened this issue Aug 12, 2020 · 1 comment
Labels
enhancement Requests to existing resources that expand the functionality or scope. linter Pertains to changes to or issues with the various linters. provider Pertains to the provider itself, rather than any interaction with AWS. technical-debt Addresses areas of the codebase that need refactoring or redesign.

Comments

@bflad
Copy link
Contributor

bflad commented Aug 12, 2020

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Previously, the AWS Go SDK received service API models with enumeration types and only created individual Go constants for all elements, e.g.

const (
  // EnvironmentTypeWindowsContainer is a EnvironmentType enum value
  EnvironmentTypeWindowsContainer = "WINDOWS_CONTAINER"


  // EnvironmentTypeLinuxContainer is a EnvironmentType enum value
  EnvironmentTypeLinuxContainer = "LINUX_CONTAINER"


  // EnvironmentTypeLinuxGpuContainer is a EnvironmentType enum value
  EnvironmentTypeLinuxGpuContainer = "LINUX_GPU_CONTAINER"


  // EnvironmentTypeArmContainer is a EnvironmentType enum value
  EnvironmentTypeArmContainer = "ARM_CONTAINER"


  // EnvironmentTypeWindowsServer2019Container is a EnvironmentType enum value
  EnvironmentTypeWindowsServer2019Container = "WINDOWS_SERVER_2019_CONTAINER"
)

In the Terraform AWS Provider codebase, we frequently implemented schema validation by manually listing out all the constants, e.g.

ValidateFunc: validation.StringInSlice([]string{
  codebuild.EnvironmentTypeLinuxContainer,
  codebuild.EnvironmentTypeLinuxGpuContainer,
  codebuild.EnvironmentTypeWindowsContainer,
  codebuild.EnvironmentTypeArmContainer,
}, false),

These upfront validations are valuable to operators over finding configuration errors when making the API requests, potentially very far into creating their infrastructure or otherwise causing unexpected changes/downtime. Given the consequences, we have found over time that many operators have come to expect us to support this upfront validation at the expense of maintaining them with a slight delay as AWS service APIs support additional values.

As of AWS Go SDK v1.34.3 (releasing later today), there is now the ability to call an enumeration-named function ({ENUM}_Values()), which returns the slice of all elements, e.g.

ValidateFunc: validation.StringInSlice(codebuild.EnvironmentType_Values(), false),

This will lower the maintenance burden of this validation, but at the slight human cost of making value additions over time less visible (we generally update the AWS Go SDK regularly, but providing an exact Terraform AWS Provider version that contains a new value will now require additional effort) and less tested (since we generally prefer even simple validation additions such as these to be acceptance tested in some form). The benefits seem to outweigh the tradeoffs though in this case.

We can create a linter check for this with a design of:

  • Find github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation.StringInSlice() call expressions
  • Report if first parameter is a string slice composite literal (NOTE: there will be plenty of false positives which don't provide API enumerations need to be ignored in this codebase and reported to AWS)

Affected File(s)

  • aws/data_source_aws_acm_certificate.go
  • aws/data_source_aws_availability_zones.go
  • aws/data_source_aws_ec2_instance_type_offering.go
  • aws/data_source_aws_ec2_instance_type_offerings.go
  • aws/data_source_aws_glue_script.go
  • aws/data_source_aws_iam_policy_document.go
  • aws/data_source_aws_instances.go
  • aws/data_source_aws_iot_endpoint.go
  • aws/data_source_aws_ram_resource_share.go
  • aws/data_source_aws_route53_resolver_rule.go
  • aws/data_source_aws_route53_resolver_rules.go
  • aws/data_source_aws_ssm_document.go
  • aws/data_source_aws_wafv2_ip_set.go
  • aws/data_source_aws_wafv2_regex_pattern_set.go
  • aws/data_source_aws_wafv2_rule_group.go
  • aws/data_source_aws_wafv2_web_acl.go
  • aws/resource_aws_accessanalyzer_analyzer.go
  • aws/resource_aws_acm_certificate.go
  • aws/resource_aws_acmpca_certificate_authority.go
  • aws/resource_aws_ami.go
  • aws/resource_aws_api_gateway_authorizer.go
  • aws/resource_aws_api_gateway_domain_name.go
  • aws/resource_aws_api_gateway_integration.go
  • aws/resource_aws_api_gateway_method_settings.go
  • aws/resource_aws_api_gateway_rest_api.go
  • aws/resource_aws_api_gateway_stage.go
  • aws/resource_aws_api_gateway_usage_plan.go
  • aws/resource_aws_apigatewayv2_api.go
  • aws/resource_aws_apigatewayv2_authorizer.go
  • aws/resource_aws_apigatewayv2_domain_name.go
  • aws/resource_aws_apigatewayv2_integration.go
  • aws/resource_aws_apigatewayv2_integration_response.go
  • aws/resource_aws_apigatewayv2_route.go
  • aws/resource_aws_apigatewayv2_stage.go
  • aws/resource_aws_appautoscaling_policy.go
  • aws/resource_aws_appmesh_mesh.go
  • aws/resource_aws_appmesh_route.go
  • aws/resource_aws_appmesh_virtual_node.go
  • aws/resource_aws_appmesh_virtual_router.go
  • aws/resource_aws_appsync_datasource.go
  • aws/resource_aws_appsync_function.go
  • aws/resource_aws_appsync_graphql_api.go
  • aws/resource_aws_appsync_resolver.go
  • aws/resource_aws_athena_database.go
  • aws/resource_aws_athena_workgroup.go
  • aws/resource_aws_autoscaling_policy.go
  • aws/resource_aws_backup_selection.go
  • aws/resource_aws_batch_compute_environment.go
  • aws/resource_aws_batch_job_definition.go
  • aws/resource_aws_batch_job_queue.go
  • aws/resource_aws_budgets_budget.go
  • aws/resource_aws_cloudformation_stack_set.go
  • aws/resource_aws_cloudfront_distribution.go
  • aws/resource_aws_cloudhsm2_cluster.go
  • aws/resource_aws_cloudtrail.go
  • aws/resource_aws_cloudwatch_event_permission.go
  • aws/resource_aws_cloudwatch_metric_alarm.go
  • aws/resource_aws_codebuild_project.go
  • aws/resource_aws_codebuild_source_credential.go
  • aws/resource_aws_codebuild_webhook.go
  • aws/resource_aws_codedeploy_app.go
  • aws/resource_aws_codedeploy_deployment_config.go
  • aws/resource_aws_codedeploy_deployment_group.go
  • aws/resource_aws_codepipeline.go
  • aws/resource_aws_codepipeline_webhook.go
  • aws/resource_aws_codestarnotifications_notification_rule.go
  • aws/resource_aws_cognito_identity_pool_roles_attachment.go
  • aws/resource_aws_cognito_identity_provider.go
  • aws/resource_aws_cognito_user_pool.go
  • aws/resource_aws_cognito_user_pool_client.go
  • aws/resource_aws_config_config_rule.go
  • aws/resource_aws_config_organization_custom_rule.go
  • aws/resource_aws_config_organization_managed_rule.go
  • aws/resource_aws_cur_report_definition.go
  • aws/resource_aws_customer_gateway.go
  • aws/resource_aws_datasync_location_smb.go
  • aws/resource_aws_datasync_task.go
  • aws/resource_aws_db_instance.go
  • aws/resource_aws_default_network_acl.go
  • aws/resource_aws_directory_service_directory.go
  • aws/resource_aws_dlm_lifecycle_policy.go
  • aws/resource_aws_dms_endpoint.go
  • aws/resource_aws_dms_event_subscription.go
  • aws/resource_aws_dms_replication_task.go
  • aws/resource_aws_docdb_cluster.go
  • aws/resource_aws_docdb_cluster_parameter_group.go
  • aws/resource_aws_dx_bgp_peer.go
  • aws/resource_aws_dx_hosted_private_virtual_interface.go
  • aws/resource_aws_dx_hosted_public_virtual_interface.go
  • aws/resource_aws_dx_hosted_transit_virtual_interface.go
  • aws/resource_aws_dx_private_virtual_interface.go
  • aws/resource_aws_dx_public_virtual_interface.go
  • aws/resource_aws_dx_transit_virtual_interface.go
  • aws/resource_aws_dynamodb_table.go
  • aws/resource_aws_ec2_availability_zone_group.go
  • aws/resource_aws_ec2_capacity_reservation.go
  • aws/resource_aws_ec2_client_vpn_endpoint.go
  • aws/resource_aws_ec2_fleet.go
  • aws/resource_aws_ec2_traffic_mirror_filter.go
  • aws/resource_aws_ec2_traffic_mirror_filter_rule.go
  • aws/resource_aws_ec2_transit_gateway.go
  • aws/resource_aws_ec2_transit_gateway_vpc_attachment.go
  • aws/resource_aws_ecr_repository.go
  • aws/resource_aws_ecs_capacity_provider.go
  • aws/resource_aws_ecs_cluster.go
  • aws/resource_aws_ecs_service.go
  • aws/resource_aws_ecs_task_definition.go
  • aws/resource_aws_efs_file_system.go
  • aws/resource_aws_eks_cluster.go
  • aws/resource_aws_eks_node_group.go
  • aws/resource_aws_elasticache_cluster.go
  • aws/resource_aws_elasticsearch_domain.go
  • aws/resource_aws_elb.go
  • aws/resource_aws_emr_cluster.go
  • aws/resource_aws_flow_log.go
  • aws/resource_aws_fsx_lustre_file_system.go
  • aws/resource_aws_fsx_windows_file_system.go
  • aws/resource_aws_gamelift_alias.go
  • aws/resource_aws_gamelift_build.go
  • aws/resource_aws_gamelift_fleet.go
  • aws/resource_aws_globalaccelerator_accelerator.go
  • aws/resource_aws_globalaccelerator_endpoint_group.go
  • aws/resource_aws_globalaccelerator_listener.go
  • aws/resource_aws_glue_classifier.go
  • aws/resource_aws_glue_connection.go
  • aws/resource_aws_glue_crawler.go
  • aws/resource_aws_glue_job.go
  • aws/resource_aws_glue_security_configuration.go
  • aws/resource_aws_glue_trigger.go
  • aws/resource_aws_guardduty_ipset.go
  • aws/resource_aws_guardduty_threatintelset.go
  • aws/resource_aws_iam_access_key.go
  • aws/resource_aws_iam_user_ssh_key.go
  • aws/resource_aws_instance.go
  • aws/resource_aws_iot_topic_rule.go
  • aws/resource_aws_kinesis_analytics_application.go
  • aws/resource_aws_kinesis_firehose_delivery_stream.go
  • aws/resource_aws_kinesis_stream.go
  • aws/resource_aws_kms_grant.go
  • aws/resource_aws_kms_key.go
  • aws/resource_aws_lambda_event_source_mapping.go
  • aws/resource_aws_lambda_function.go
  • aws/resource_aws_launch_template.go
  • aws/resource_aws_lb.go
  • aws/resource_aws_lb_listener.go
  • aws/resource_aws_lb_listener_rule.go
  • aws/resource_aws_lb_target_group.go
  • aws/resource_aws_licensemanager_license_configuration.go
  • aws/resource_aws_macie_s3_bucket_association.go
  • aws/resource_aws_media_convert_queue.go
  • aws/resource_aws_mq_broker.go
  • aws/resource_aws_mq_configuration.go
  • aws/resource_aws_msk_cluster.go
  • aws/resource_aws_neptune_cluster.go
  • aws/resource_aws_neptune_cluster_parameter_group.go
  • aws/resource_aws_neptune_parameter_group.go
  • aws/resource_aws_network_acl.go
  • aws/resource_aws_opsworks_application.go
  • aws/resource_aws_opsworks_instance.go
  • aws/resource_aws_opsworks_permission.go
  • aws/resource_aws_organizations_account.go
  • aws/resource_aws_organizations_organization.go
  • aws/resource_aws_organizations_policy.go
  • aws/resource_aws_pinpoint_app.go
  • aws/resource_aws_placement_group.go
  • aws/resource_aws_quicksight_group.go
  • aws/resource_aws_quicksight_user.go
  • aws/resource_aws_rds_cluster.go
  • aws/resource_aws_rds_cluster_endpoint.go
  • aws/resource_aws_rds_global_cluster.go
  • aws/resource_aws_resourcegroups_group.go
  • aws/resource_aws_route53_health_check.go
  • aws/resource_aws_route53_record.go
  • aws/resource_aws_route53_resolver_endpoint.go
  • aws/resource_aws_route53_resolver_rule.go
  • aws/resource_aws_s3_bucket.go
  • aws/resource_aws_s3_bucket_analytics_configuration.go
  • aws/resource_aws_s3_bucket_inventory.go
  • aws/resource_aws_s3_bucket_object.go
  • aws/resource_aws_sagemaker_notebook_instance.go
  • aws/resource_aws_security_group_rule.go
  • aws/resource_aws_service_discovery_service.go
  • aws/resource_aws_ses_event_destination.go
  • aws/resource_aws_ses_identity_notification_topic.go
  • aws/resource_aws_ses_receipt_filter.go
  • aws/resource_aws_sns_sms_preferences.go
  • aws/resource_aws_sns_topic_subscription.go
  • aws/resource_aws_spot_fleet_request.go
  • aws/resource_aws_spot_instance_request.go
  • aws/resource_aws_ssm_association.go
  • aws/resource_aws_ssm_document.go
  • aws/resource_aws_ssm_maintenance_window_target.go
  • aws/resource_aws_ssm_maintenance_window_task.go
  • aws/resource_aws_ssm_parameter.go
  • aws/resource_aws_storagegateway_gateway.go
  • aws/resource_aws_storagegateway_nfs_file_share.go
  • aws/resource_aws_storagegateway_smb_file_share.go
  • aws/resource_aws_transfer_server.go
  • aws/resource_aws_vpc.go
  • aws/resource_aws_vpc_endpoint.go
  • aws/resource_aws_waf_byte_match_set.go
  • aws/resource_aws_waf_ipset.go
  • aws/resource_aws_waf_web_acl.go
  • aws/resource_aws_waf_xss_match_set.go
  • aws/resource_aws_wafregional_web_acl.go
  • aws/resource_aws_wafregional_xss_match_set.go
  • aws/resource_aws_wafv2_ip_set.go
  • aws/resource_aws_wafv2_regex_pattern_set.go
  • aws/resource_aws_wafv2_rule_group.go
  • aws/resource_aws_wafv2_web_acl.go
  • aws/resource_aws_workspaces_workspace.go
  • aws/validators.go
  • aws/wafv2_helper.go

Definition of Done

  • Create awsproviderlint check
  • All reports of new awsproviderlint check either handled or comment ignored for cases where AWS API models do not have enumeration types

References

@bflad bflad added enhancement Requests to existing resources that expand the functionality or scope. technical-debt Addresses areas of the codebase that need refactoring or redesign. provider Pertains to the provider itself, rather than any interaction with AWS. labels Aug 12, 2020
bflad added a commit to bflad/tfproviderlint that referenced this issue Aug 14, 2020
bflad added a commit to bflad/tfproviderlint that referenced this issue Aug 14, 2020
@bflad bflad added this to the Roadmap milestone Aug 14, 2020
Avolynsk added a commit to Avolynsk/terraform-provider-aws that referenced this issue Aug 30, 2020
* Update CHANGELOG for #14650

* refactor: renaming CloudFormationTemplate to JsonOrYaml

* v3.2.0

* Cleanup after v3.2.0 release

* resource/aws_lb_ssl_negotiation_policy: Fix parsing of resource ID. (#14644)

* resource/aws_apigatewayv2_stage: Set 'execution_arn' attribute for HTTP APIs. (#14638)

* Update CHANGELOG for #14638

* Update module aws/aws-sdk-go to v1.34.4 (#14523)

Co-authored-by: Renovate Bot <bot@renovateapp.com>

* provider: Remove website and website-test Makefile targets (#14503)

Since the provider has been migrated to the Terraform Registry documentation, the provider website portions for terraform.io in the terraform-website repository will be removed soon. There is currently no replacement for fully emulating the whole provider documentation, but there is existing functionality for parts of this today. In the future, full emulation might be possible again but there are no timelines for that implementation.

* Link checking handled via GitHub Actions and `markdown-link-check` (see `.github/workflows/website.yml`)
* Terraform Registry documentation preview rendering (single source code page): https://registry.terraform.io/tools/doc-preview

At some point, we can also remove the legacy `website/aws.erb` side navigation file, however doing so will break open contributions modifying the file.

* docs/provider: Document requirement of Terraform CLI v0.12.26+ for acceptance tests. (#14659)

* resource/aws_dms_replication_instance: Add `allow_major_version_upgrade` argument (#14550)

* r/aws_dms_replication_instance: Support allow_major_version_upgrade attribute

* Stop setting AllowMajorVersionUpgrade

Co-authored-by: Brian Flad <bflad417@gmail.com>

* Optionally include allow_major_version_upgrade

Co-authored-by: Brian Flad <bflad417@gmail.com>

Co-authored-by: Brian Flad <bflad417@gmail.com>

* Update CHANGELOG for #14550

* Update module bflad/tfproviderlint to v0.18.0 (#14654)

* Update module bflad/tfproviderlint to v0.18.0

* deps: go mod tidy for github.com/bflad/tfproviderlint@v0.18.0

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Brian Flad <bflad417@gmail.com>

* expect config additional opts to be set in aws-sdk-go-base

* Update website/docs/index.html.markdown

Co-authored-by: Brian Flad <bflad417@gmail.com>

* update db cluster snapshot create with retry logic

* add forwarded_ip_config attribute to geo and rate_based statements

* docs/provider: Fix broken link in Contribution Checklist (#14466)

* Fix broken link in Contribution Checklist

* Actually fix the link.

* Documentation: Replace aws_ec2_instance_spot_price by aws_ec2_spot_price (#14680)

Co-authored-by: ktalhi <katia.talhi@alterway.fr>

* tests/provider: Update resource testing to 0.12 syntax (K Resources)

* Remove quoted deprecated syntax

* tests/provider: Update resource testing to 0.12 syntax (I Resources)

* AWS Lambda support for Java 8 (Corretto) and custom runtimes on Amazon Linux 2.

* tests/provider: Update resource testing to 0.12 syntax (IAM Resources)

* Simplify aws_lambda_function runtime acceptance tests.

* Update documentation references to latest Lambda Node.js runtime (nodejs12.x).

* Don't attempt to validate EOL runtimes.

* tests/provider: Update resource testing to 0.12 syntax (Q Resources)

* tests/provider: Update resource testing to 0.12 syntax (Ra/RD/Re Resources)

* add test for regex matching in typesets

* tests/provider: Update resource testing to 0.12 syntax (Ss-Sw Resources)

* tests/provider: Update resource testing to 0.12 syntax (W Resources)

* tests/provider: Update resource testing to 0.12 syntax (WAFReg Resources)

* tests/provider: Update resource testing to 0.12 syntax (Ro Resources)

* Update CHANGELOG for #12567

* tests/provider: Update resource testing to 0.12 syntax (S3/Sa Resources)

* tests/provider: Update resource testing to 0.12 syntax (Sec/Ser Resources)

* tests/provider: Update resource testing to 0.12 syntax (Ses Resources)

* Update CHANGELOG for #14663

* tests/provider: Update resource testing to 0.12 syntax (Si-Sq Resources)

* tests/provider: Update resource testing to 0.12 syntax (T Resources)

* Remove extra whitespace with HEREDOCs

* Add note on how to use aws_wafv2_web_acl_association with Cloudfront

The existing docs mention that this resource should only be used with an ALB or API Gateway, but doesn't mention how to get the association to work in Cloudfronts case. This PR ammends that.

* tests/provider: Update hardcoded AZs (lb)

* resource/aws_launch_template: add support for "spot-instances-request" and "elastic-gpu" tag spec (#14662)

* add support for more tagging types

* Update website/docs/r/launch_template.html.markdown

Co-authored-by: Kit Ewbank <Kit_Ewbank@hotmail.com>

Co-authored-by: Kit Ewbank <Kit_Ewbank@hotmail.com>

* Update CHANGELOG for #14662

* tests/provider: Update hardcoded AZs (VPC Endpoint)

* docs/provider: Remove mention of side navigation file in Contributing Guide (#14713)

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/14712

The `website/aws.erb` file no longer has any effect and will be removed in the future.

* docs/provider: Re-add Release Process section to maintaining guide (#14652)

* infrastructure/repository: Sync recent new AWS service labels (#14641)

Reference: https://github.com/aws/aws-sdk-go/releases/tag/v1.34.4
Reference: https://github.com/aws/aws-sdk-go/releases/tag/v1.33.6
Reference: https://github.com/aws/aws-sdk-go/releases/tag/v1.32.9

* resource/aws_ssm_parameter: Handle data_type retries after creation for asynchronous validation process (#14514)

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/14513

Previously (depending on relative distance and asynchronous validation timing of SSM API):

```
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
    TestAccAWSSSMParameter_DataType_AwsEc2Image: testing.go:684: Step 0 error: errors during apply:

        Error: error reading SSM Parameter (tf-acc-test-7552804317262985734) after creation: this can indicate that the provided parameter value could not be validated by SSM
```

Now consistently:

```console
$ TF_ACC=1 go test ./aws -v -count 10 -timeout 120m -parallel 20 -run='TestAccAWSSSMParameter_DataType_AwsEc2Image'
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (8.37s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (8.66s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (10.05s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (7.75s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (9.09s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (8.09s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (8.31s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (8.14s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (8.25s)
=== RUN   TestAccAWSSSMParameter_DataType_AwsEc2Image
=== PAUSE TestAccAWSSSMParameter_DataType_AwsEc2Image
=== CONT  TestAccAWSSSMParameter_DataType_AwsEc2Image
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (7.64s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	85.316s
```

Output from acceptance testing:

```
--- PASS: TestAccAWSSSMParameter_disappears (5.12s)
--- PASS: TestAccAWSSSMParameter_basic (7.31s)
--- PASS: TestAccAWSSSMParameter_secure (8.34s)
--- PASS: TestAccAWSSSMParameter_changeNameForcesNew (12.40s)
--- PASS: TestAccAWSSSMParameter_updateDescription (12.63s)
--- PASS: TestAccAWSSSMParameter_overwrite (13.83s)
--- PASS: TestAccAWSSSMParameter_DataType_AwsEc2Image (15.06s)
--- PASS: TestAccAWSSSMParameter_fullPath (17.87s)
--- PASS: TestAccAWSSSMParameter_Tier (18.01s)
--- PASS: TestAccAWSSSMParameter_secure_keyUpdate (19.02s)
--- PASS: TestAccAWSSSMParameter_secure_with_key (22.61s)
--- PASS: TestAccAWSSSMParameter_updateType (24.92s)
--- PASS: TestAccAWSSSMParameter_tags (38.88s)
```

* Update CHANGELOG for #14514

* Update module hashicorp/aws-sdk-go-base to v0.6.0

* use error method migrated to tfawserr package

* tests/provider: Update hardcoded AZs (Data subnet ids)

* Update CHANGELOG for #14555

* add webacl geo-match tests

* docs/resource/aws_s3_bucket_inventory: Clarify bucket argument (#14726)

Co-authored-by: ktalhi <katia.talhi@alterway.fr>

* resource/aws_eks_node_group: Support `AL2_ARM_64` value for `ami_type` argument plan-time validation (#14729)

Output from acceptance testing:

```
--- PASS: TestAccAWSEksNodeGroup_AmiType (1539.32s)
```

* Update CHANGELOG for #14729

* resource/aws_user_pool_domain: Remove from state when deleted + move waiters to their own package (#14732)

Output from acceptance testing:

```
--- PASS: TestAccAWSCognitoUserPoolDomain_disappears (15.35s)
--- PASS: TestAccAWSCognitoUserPoolDomain_basic (17.98s)
```

* Update CHANGELOG for #14732

* docs/provider: Remove legacy side navigation file (#14734)

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/14712

* service/ec2: Support additional tag on create resources (#14501)

* vpc resource tags on create + align test with contrib guide

* customer gateway resource tags on create

* vpn connection resource tags on create

* vpn gateway resource tags on create

* spot instance request resource tags on create + test

* dhcp options resource tags on create

* route table resource tags on create + tags test

* security group resource tags on create + test

* vpc basic check for empty tags

* network acl resource tags on create + test

* route table empty tag test

* IGW resource tags on create + test

* Egress Only IGW resource tags on create + test

* vpc peering connection resource tags on create + test

* spot instance resource tags on create + test

* ENI resource tags on create + test

* subent tag on create + test

* subent tag on create + test

* use `testAccAvailableAZsNoOptInConfig()``

* docs for spot instance tags

* Update aws/resource_aws_subnet_test.go

Co-authored-by: Brian Flad <bflad417@gmail.com>

* Update website/docs/r/spot_instance_request.html.markdown

Co-authored-by: Brian Flad <bflad417@gmail.com>

Co-authored-by: Brian Flad <bflad417@gmail.com>

* Update CHANGELOG for #14501

* r/aws_rds_cluster_parameter_group and r/aws_db_parameter_group: Restore ability to change parameter values

References:
* https://github.com/terraform-providers/terraform-provider-aws/issues/11846
* https://github.com/terraform-providers/terraform-provider-aws/pull/11540

In #11540, support was added to the rds parameter group resources for
resetting parameter values to AWS defaults when parameters are removed
from config. A side-effect of these changes, however, was that
parameters which remain in the config but whose values have been changed
would also be reset to AWS defaults. This commit restores the ability
for parameter values to be updated in the config while retaining the
ability for parameters being removed from the config to be reset to AWS
defaults.

Output from acceptance testing:

```
make testacc TEST=./aws TESTARGS='-run=TestAccAWSDBClusterParameterGroup_'
...
--- PASS: TestAccAWSDBClusterParameterGroup_disappears (18.01s)
--- PASS: TestAccAWSDBClusterParameterGroup_namePrefix (23.28s)
--- PASS: TestAccAWSDBClusterParameterGroup_only (23.40s)
--- PASS: TestAccAWSDBClusterParameterGroup_generatedName (23.42s)
--- PASS: TestAccAWSDBClusterParameterGroup_generatedName_Parameter (23.77s)
--- PASS: TestAccAWSDBClusterParameterGroup_namePrefix_Parameter (23.79s)
--- PASS: TestAccAWSDBClusterParameterGroup_withApplyMethod (23.89s)
--- PASS: TestAccAWSDBClusterParameterGroup_basic (86.64s)
--- PASS: TestAccAWSDBClusterParameterGroup_updateParameters (24.48s)
```

```
make testacc TEST=./aws TESTARGS='-run=TestAccAWSDBParameterGroup_'
...
--- PASS: TestAccAWSDBParameterGroup_Disappears (18.18s)
--- PASS: TestAccAWSDBParameterGroup_generatedName (22.40s)
--- PASS: TestAccAWSDBParameterGroup_namePrefix (22.69s)
--- PASS: TestAccAWSDBParameterGroup_Only (23.40s)
--- PASS: TestAccAWSDBParameterGroup_MatchDefault (24.19s)
--- PASS: TestAccAWSDBParameterGroup_withApplyMethod (25.23s)
--- PASS: TestAccAWSDBParameterGroup_limit (45.08s)
--- PASS: TestAccAWSDBParameterGroup_basic (75.38s)
--- PASS: TestAccAWSDBParameterGroup_updateParameters (30.10s)
```

* Update CHANGELOG for #12112

* wafv2_web_acl_logging_configuration docs: inspect -> redact

The word `Redact` seemed to make it more clear than `inspect` in regards to what will actually happen with that field.

* Check for null regexp in 'testCheckTypeSetElemNestedAttrsInState'.

* resource/aws_eks_node_group: Add launch_template configuration block (#14639)

Reference: https://github.com/aws/aws-sdk-go/releases/tag/v1.34.4
Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/14523

Output from acceptance testing:

```
--- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1167.16s)
--- PASS: TestAccAWSEksNodeGroup_AmiType (1173.29s)
--- PASS: TestAccAWSEksNodeGroup_disappears (1179.53s)
--- PASS: TestAccAWSEksNodeGroup_basic (1204.59s)
--- PASS: TestAccAWSEksNodeGroup_DiskSize (1217.40s)
--- PASS: TestAccAWSEksNodeGroup_LaunchTemplate_Version (1217.81s)
--- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1218.04s)
--- PASS: TestAccAWSEksNodeGroup_Tags (1222.27s)
--- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1228.60s)
--- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1235.81s)
--- PASS: TestAccAWSEksNodeGroup_Labels (1288.05s)
--- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1293.11s)
--- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1322.00s)
--- PASS: TestAccAWSEksNodeGroup_LaunchTemplate_Id (1569.19s)
--- PASS: TestAccAWSEksNodeGroup_LaunchTemplate_Name (1632.97s)
--- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (3301.17s)
--- PASS: TestAccAWSEksNodeGroup_ForceUpdateVersion (3331.88s)
--- PASS: TestAccAWSEksNodeGroup_Version (3503.58s)
```

* Update CHANGELOG for #14639

* tests/provider: Update hardcoded AZs (Redshift)

* Update CHANGELOG for #14685

* docs/resource/aws_cloudtrail: Update CloudWatch Log group argument reference (#14751)

Co-authored-by: ktalhi <katia.talhi@alterway.fr>

* resource/aws_ec2_client_vpn_network_association: Support resource import and additional security groups (#14146)

Output from acceptance testing:

```
--- PASS: TestAccAwsEc2ClientVpn_serial (4.84s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/AuthorizationRule_basic (39.99s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/AuthorizationRule_disappears (36.20s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/AuthorizationRule_groups (76.62s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/AuthorizationRule_Subnets (56.20s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_basic (16.91s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_disappears (14.36s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_msAD (1700.14s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_mutualAuthAndMsAD (1842.62s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_splitTunnel (28.99s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_tags (41.65s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_withDNSServers (27.10s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Endpoint_withLogGroup (29.64s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_basic (552.68s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_disappears (538.30s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_securityGroups (570.08s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Route_basic (575.22s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Route_description (564.03s)
    --- PASS: TestAccAwsEc2ClientVpn_serial/Route_disappears (596.19s)
```

* Update CHANGELOG for #14146

* update to using AWS SDK defined values arrays

* resource/aws_api_gateway_vpc_link: Remove customizable timeout and increase previous hardcoded timeouts to 20 minutes

Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/10407/files#r463739571

Output from acceptance testing:

```
--- PASS: TestAccAWSAPIGatewayVpcLink_basic (696.12s)
--- PASS: TestAccAWSAPIGatewayVpcLink_tags (717.57s)
--- PASS: TestAccAWSAPIGatewayVpcLink_disappears (717.60s)
```

* Update CHANGELOG for #10407

* awsproviderlint: Add AWSV001 check, switch fmtsprintfcallexpr pass to upstream (#14681)

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/14601
Reference: https://github.com/bflad/tfproviderlint/releases/tag/v0.17.0

* resource/aws_storagegatway_smb_file_share: Add audit_destination_arn and smb_acl_enabled arguments (#13572)

Output from acceptance testing:

```
--- PASS: TestAccAWSStorageGatewaySmbFileShare_KMSEncrypted (236.89s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_Authentication_GuestAccess (242.87s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_Tags (361.66s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_audit (370.31s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_ReadOnly (375.13s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_RequesterPays (400.47s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_ObjectACL (401.00s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_KMSKeyArn (408.98s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_DefaultStorageClass (409.85s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_GuessMIMETypeEnabled (419.67s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_Authentication_ActiveDirectory (828.73s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_InvalidUserList (872.04s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_smb_acl (898.73s)
--- PASS: TestAccAWSStorageGatewaySmbFileShare_ValidUserList (912.84s)
```

* Update CHANGELOG for #13572

* resource/aws_subnet: Fix removing ipv6 cidr block from subnet (#12303)

Output from acceptance testing:

```
--- PASS: TestAccAWSSubnet_disappears (24.88s)
--- PASS: TestAccAWSSubnet_basic (29.51s)
--- PASS: TestAccAWSSubnet_availabilityZoneId (31.44s)
--- PASS: TestAccAWSSubnet_ignoreTags (43.52s)
--- PASS: TestAccAWSSubnet_tags (60.81s)
--- PASS: TestAccAWSSubnet_enableIpv6 (61.10s)
--- PASS: TestAccAWSSubnet_ipv6 (63.05s)
```

* Update CHANGELOG for #12303

* resource/aws_storagegateway_nfs_file_share: Skip UpdateSMBFileShare API call when only tags change and remove extraneous ListTagsForResource API call during read (#13590)

* Update CHANGELOG for #13590

* v3.3.0

* Address review comments

* Add Security Hub custom action resource

* docs/resource/aws_cloudfront_distribution: Clarified arguments requirement for default_cache_behavior (#14760)

* docs/resource/aws_instance: Update volume_type default to gp2 (#14767)

Per https://aws.amazon.com/about-aws/whats-new/2019/07/ebs-default-volume-type-updated-to-gp2/ we are updating the default to the correct type

* tests/resource/aws_cloudtrail: fix testAccAWSCloudTrail_cloudwatch (#14762)

Output from acceptance testing:

```
--- PASS: TestAccAWSCloudTrail_serial (314.43s)
    --- PASS: TestAccAWSCloudTrail_serial/Trail (314.43s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/tags (38.95s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/eventSelector (71.74s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/cloudwatch (45.68s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/includeGlobalServiceEvents (15.43s)
        --- SKIP: TestAccAWSCloudTrail_serial/Trail/isOrganization (1.01s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/logValidation (26.69s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/basic (26.08s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/enableLogging (36.95s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/isMultiRegion (36.16s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/kmsKey (15.73s)
```

* Add 'ewbankkit' as maintainer of select services. (#14246)

* resource/aws_storagegateway_cached_iscsi_volume: Add kms_encrypted and kms_key arguments (#12066)

Output from acceptance testing:

```
--- PASS: TestAccAWSStorageGatewayCachedIscsiVolume_kms (179.65s)
--- PASS: TestAccAWSStorageGatewayCachedIscsiVolume_Tags (226.14s)
--- PASS: TestAccAWSStorageGatewayCachedIscsiVolume_SnapshotId (229.53s)
--- PASS: TestAccAWSStorageGatewayCachedIscsiVolume_basic (230.15s)
--- PASS: TestAccAWSStorageGatewayCachedIscsiVolume_disappears (287.92s)
```

* Update CHANGELOG for #12066

* resource/aws_storagegateway_gateway: Add `smb_security_strategy` argument (#13563)

Output from acceptance testing:

```
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_Cached (186.23s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_FileS3 (186.34s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_Vtl (199.67s)
--- PASS: TestAccAWSStorageGatewayGateway_disappears (201.12s)
--- PASS: TestAccAWSStorageGatewayGateway_SmbGuestPassword (207.36s)
--- PASS: TestAccAWSStorageGatewayGateway_CloudWatchLogs (208.89s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_Stored (214.16s)
--- PASS: TestAccAWSStorageGatewayGateway_SMBSecurityStrategy (227.07s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayTimezone (230.14s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayName (232.70s)
--- PASS: TestAccAWSStorageGatewayGateway_tags (254.53s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayVpcEndpoint (303.37s)
--- PASS: TestAccAWSStorageGatewayGateway_SmbActiveDirectorySettings (793.66s)
```

* Update CHANGELOG for #13563

* resource/aws_appmesh_virtual_node: Disallow empty 'backend' blocks. (#14074)

* Update CHANGELOG for #14074

* update iam related tests with formatting change and regex to catch trailing resources

* resource/aws_storagegateway_nfs_file_share: Add cache_attributes configuration block and support S3 Intelligent Tiering (#14759)

Output from acceptance testing:

```
--- PASS: TestAccAWSStorageGatewayNfsFileShare_disappears (211.77s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_KMSEncrypted (223.93s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_basic (228.23s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_Squash (267.47s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_DefaultStorageClass (271.02s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_ReadOnly (271.44s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_tags (272.90s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_RequesterPays (286.51s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_GuessMIMETypeEnabled (288.90s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_ObjectACL (299.74s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_NFSFileShareDefaults (317.19s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_ClientList (329.73s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_cacheAttributes (334.51s)
--- PASS: TestAccAWSStorageGatewayNfsFileShare_KMSKeyArn (366.22s)
```

* Update CHANGELOG for #14759

* service/acmpca: Add activation of ACMPCA CA to acceptance tests (#13684)

* r/aws_acmpca_certificate_authority: Test CA activation.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsAcmpcaCertificateAuthority_Enabled'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 20 -run=TestAccAwsAcmpcaCertificateAuthority_Enabled -timeout 120m
=== RUN   TestAccAwsAcmpcaCertificateAuthority_Enabled
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_Enabled
=== CONT  TestAccAwsAcmpcaCertificateAuthority_Enabled
--- PASS: TestAccAwsAcmpcaCertificateAuthority_Enabled (69.95s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	69.989s

Add 'TestAccAwsAcmpcaCertificateAuthority_disappears'.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsAcmpcaCertificateAuthority_disappears'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws/ -v -count 1 -parallel 20 -run=TestAccAwsAcmpcaCertificateAuthority_disappears -timeout 120m
=== RUN   TestAccAwsAcmpcaCertificateAuthority_disappears
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_disappears
=== CONT  TestAccAwsAcmpcaCertificateAuthority_disappears
--- PASS: TestAccAwsAcmpcaCertificateAuthority_disappears (25.10s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	25.138s

* r/aws_acmpca_certificate_authority: Remove CAs with DELETED status.

* Update CHANGELOG for #13684

* CODEOWNERS- Add @drfaust92 as services maintainer (#14051)

* Update CODEOWNERS

* add docs

* update list of services to maintain

to include sageamker, glue, codeartifact and storagegateway

* provider: Alphabetize services in CODEOWNERS

Also ensures HashiCorp maintainers are still pinged on reviews for now.

* service/globalaccelerator: Support Client IP address preservation, increase default accelerator creation timeout, remove health_check_path default (#14486)

* Add client_ip_preservation_enabled to global accelerator

* commit test

* r/aws_globalaccelerator_endpoint_group: Use 'tfawsresource.TestCheckTypeSetElemNestedAttrs'.

* r/aws_globalaccelerator_endpoint: Increase deployment wait time (#14161).

* r/aws_globalaccelerator_endpoint_group: Make 'client_ip_preservation_enabled' computed.

* r/aws_globalaccelerator_endpoint_group: Delete security group created by Global Accelerator service in acceptance tests.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsGlobalAcceleratorEndpointGroup_ALB_ClientIP'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsGlobalAcceleratorEndpointGroup_ALB_ClientIP -timeout 120m
=== RUN   TestAccAwsGlobalAcceleratorEndpointGroup_ALB_ClientIP
=== PAUSE TestAccAwsGlobalAcceleratorEndpointGroup_ALB_ClientIP
=== CONT  TestAccAwsGlobalAcceleratorEndpointGroup_ALB_ClientIP
--- PASS: TestAccAwsGlobalAcceleratorEndpointGroup_ALB_ClientIP (650.27s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	650.320s

* r/aws_globalaccelerator_endpoint_group: Document 'client_ip_preservation_enabled'.

* r/aws_globalaccelerator_endpoint_group: Add 'TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint'.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint -timeout 120m
=== RUN   TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint
=== PAUSE TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint
=== CONT  TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint
    testing.go:684: Step 0 error: errors during apply:

        Error: Error creating Global Accelerator endpoint group: InvalidArgumentException: Client IP Preservation cannot be set to false for EC2 instances

          on /tmp/tf-test004466997/main.tf line 86:
          (source code not available)

--- FAIL: TestAccAwsGlobalAcceleratorEndpointGroup_InstanceEndpoint (133.29s)
FAIL
FAIL	github.com/terraform-providers/terraform-provider-aws/aws	133.338s
FAIL
GNUmakefile:26: recipe for target 'testacc' failed
make: *** [testacc] Error 1

* r/aws_globalaccelerator_endpoint_group: Simplify 'TestAccAwsGlobalAcceleratorEndpointGroup_basic'.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsGlobalAcceleratorEndpointGroup_basic'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsGlobalAcceleratorEndpointGroup_basic -timeout 120m
=== RUN   TestAccAwsGlobalAcceleratorEndpointGroup_basic
=== PAUSE TestAccAwsGlobalAcceleratorEndpointGroup_basic
=== CONT  TestAccAwsGlobalAcceleratorEndpointGroup_basic
    testing.go:684: Step 0 error: After applying this step, the plan was not empty:

        DIFF:

        UPDATE: aws_globalaccelerator_endpoint_group.test
          endpoint_configuration.#:      "0" => "0"
          endpoint_group_region:         "us-west-2" => "us-west-2"
          health_check_interval_seconds: "30" => "30"
          health_check_path:             "" => "/"
          health_check_port:             "80" => ""
          health_check_protocol:         "TCP" => "TCP"
          id:                            "arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59/endpoint-group/e84317b2d005" => "arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59/endpoint-group/e84317b2d005"
          listener_arn:                  "arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59" => "arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59"
          threshold_count:               "3" => "3"
          traffic_dial_percentage:       "100" => "100"

        STATE:

        aws_globalaccelerator_accelerator.test:
          ID = arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0
          provider = provider.aws
          attributes.# = 1
          attributes.0.flow_logs_enabled = false
          attributes.0.flow_logs_s3_bucket =
          attributes.0.flow_logs_s3_prefix =
          dns_name = a9225ffbbaaf25cce.awsglobalaccelerator.com
          enabled = false
          hosted_zone_id = Z2BJ6XQ5FK7U4H
          ip_address_type = IPV4
          ip_sets.# = 1
          ip_sets.0.ip_addresses.# = 2
          ip_sets.0.ip_addresses.0 = 75.2.20.133
          ip_sets.0.ip_addresses.1 = 99.83.169.50
          ip_sets.0.ip_family = IPv4
          name = tf-acc-test-809980946792323534
        aws_globalaccelerator_endpoint_group.test:
          ID = arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59/endpoint-group/e84317b2d005
          provider = provider.aws
          endpoint_group_region = us-west-2
          health_check_interval_seconds = 30
          health_check_path =
          health_check_port = 80
          health_check_protocol = TCP
          listener_arn = arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59
          threshold_count = 3
          traffic_dial_percentage = 100

          Dependencies:
            aws_globalaccelerator_listener.test
        aws_globalaccelerator_listener.test:
          ID = arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0/listener/38d2eb59
          provider = provider.aws
          accelerator_arn = arn:aws:globalaccelerator::xxxxxxxxxxxx:accelerator/9e848383-b09a-4439-ac4f-eacb46aa04c0
          client_affinity = NONE
          port_range.# = 1
          port_range.0.from_port = 80
          port_range.0.to_port = 80
          protocol = TCP

          Dependencies:
            aws_globalaccelerator_accelerator.test
--- FAIL: TestAccAwsGlobalAcceleratorEndpointGroup_basic (179.82s)
FAIL
FAIL	github.com/terraform-providers/terraform-provider-aws/aws	179.872s
FAIL
GNUmakefile:26: recipe for target 'testacc' failed
make: *** [testacc] Error 1

* Fix health_check_path for GA TCP endpoint group

- Set `health_check_path` to Computed without Default
- Update documentation

* Update website/docs/r/globalaccelerator_endpoint_group.html.markdown

Co-authored-by: Brian Flad <bflad417@gmail.com>

* r/aws_globalaccelerator_endpoint_group: Change 'health_check_port' to Computed (#12882).

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsGlobalAcceleratorEndpointGroup_basic'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsGlobalAcceleratorEndpointGroup_basic -timeout 120m
=== RUN   TestAccAwsGlobalAcceleratorEndpointGroup_basic
=== PAUSE TestAccAwsGlobalAcceleratorEndpointGroup_basic
=== CONT  TestAccAwsGlobalAcceleratorEndpointGroup_basic
--- PASS: TestAccAwsGlobalAcceleratorEndpointGroup_basic (183.26s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	183.312s
$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsGlobalAcceleratorEndpointGroup_update'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsGlobalAcceleratorEndpointGroup_update -timeout 120m
=== RUN   TestAccAwsGlobalAcceleratorEndpointGroup_update
=== PAUSE TestAccAwsGlobalAcceleratorEndpointGroup_update
=== CONT  TestAccAwsGlobalAcceleratorEndpointGroup_update
--- PASS: TestAccAwsGlobalAcceleratorEndpointGroup_update (241.78s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	241.856s

* r/aws_globalaccelerator_endpoint_group: Add '_disappears' acceptance test (#13527, #13826).

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAwsGlobalAcceleratorEndpointGroup_disappears'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsGlobalAcceleratorEndpointGroup_disappears -timeout 120m
=== RUN   TestAccAwsGlobalAcceleratorEndpointGroup_disappears
=== PAUSE TestAccAwsGlobalAcceleratorEndpointGroup_disappears
=== CONT  TestAccAwsGlobalAcceleratorEndpointGroup_disappears
--- PASS: TestAccAwsGlobalAcceleratorEndpointGroup_disappears (191.83s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	191.883s

* r/aws_globalaccelerator_endpoint_group: Set 'client_ip_preservation_enabled' to 'true' for EC2 instance endpoint test.

Co-authored-by: Zuhaib Siddique <zuhaib@launchdarkly.com>
Co-authored-by: LOU Xun <aquarhead@ela.build>
Co-authored-by: Brian Flad <bflad417@gmail.com>

* Update CHANGELOG for #14486

* resource/aws_service_discovery_http_namespace: Correct name validation (#14749)

* Update elasticache_replication_group.html.markdown

* allow removing schedule

* refactor disappears test

* Update CHANGELOG for #14792

* service/appmesh: Update AppMesh resource acceptance tests to 0.12 syntax (#14795)

* r/aws_appmesh_mesh: Update resource testing to 0.12 syntax.

* r/aws_appmesh_route: Update resource testing to 0.12 syntax.

* r/aws_appmesh_virtual_node: Update resource testing to 0.12 syntax.

* r/aws_appmesh_virtual_router: Update resource testing to 0.12 syntax.

* r/aws_appmesh_virtual_service: Update resource testing to 0.12 syntax.

* resource/aws_storagegateway_smb_file_share: Support cache attributes and case sensitivity, remove errant docs (#14790)

* remove smb file share defaults as it doesnt exist

* plan time validation refactor

* add cache attributes

* disappears test

* use %w for errors

* use %#v for structs

* support case sensitivity

* Update CHANGELOG for #14790

* update tf syntax

* resource/aws_storagegateway_gateway: Add support for bandwidth values (#13568)

Output from acceptance testing:

```
--- PASS: TestAccAWSStorageGatewayGateway_disappears (182.38s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_Stored (206.84s)
--- PASS: TestAccAWSStorageGatewayGateway_SmbGuestPassword (210.94s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_FileS3 (227.23s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayName (233.03s)
--- PASS: TestAccAWSStorageGatewayGateway_CloudWatchLogs (238.19s)
--- PASS: TestAccAWSStorageGatewayGateway_tags (244.80s)
--- PASS: TestAccAWSStorageGatewayGateway_bandwidthUpload (244.86s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_Vtl (248.04s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayType_Cached (248.57s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayTimezone (262.73s)
--- PASS: TestAccAWSStorageGatewayGateway_SMBSecurityStrategy (262.76s)
--- PASS: TestAccAWSStorageGatewayGateway_bandwidthDownload (281.07s)
--- PASS: TestAccAWSStorageGatewayGateway_GatewayVpcEndpoint (297.35s)
--- PASS: TestAccAWSStorageGatewayGateway_bandwidthAll (300.14s)
--- PASS: TestAccAWSStorageGatewayGateway_SmbActiveDirectorySettings (744.76s)
```

* update test description

* Update CHANGELOG for #13568

* docs/resource/aws_cloudwatch_log_group: Add information about 0 value for retention_in_days argument (#14791)

* Update module aws/aws-sdk-go to v1.34.10 (#14665)

Co-authored-by: Renovate Bot <bot@renovateapp.com>

* New Resource: aws_emr_managed_scaling_policy (#13965)

Output from acceptance testing:

```
--- PASS: TestAccAwsEmrManagedScalingPolicy_ComputeLimits_MaximumOndemandCapacityUnits (469.63s)
--- PASS: TestAccAwsEmrManagedScalingPolicy_basic (475.17s)
--- PASS: TestAccAwsEmrManagedScalingPolicy_ComputeLimits_MaximumCoreCapacityUnits (483.48s)
--- PASS: TestAccAwsEmrManagedScalingPolicy_disappears (493.32s)
```

* Update CHANGELOG for #13965

* tests/resource/aws_codepipeline: Fix TestAccAWSCodePipeline_deployWithServiceRole (#14830)

* resource/aws_xray_sampling_rule: Add tags argument (#14831)

Output from acceptance testing:

```
--- PASS: TestAccAWSXraySamplingRule_basic (13.93s)
--- PASS: TestAccAWSXraySamplingRule_disappears (19.04s)
--- PASS: TestAccAWSXraySamplingRule_update (22.61s)
--- PASS: TestAccAWSXraySamplingRule_tags (53.74s)
```

* Update CHANGELOG for #14831

* Updates Terraform syntax for data source acceptance tests

* tests/resource/aws_redshift_subnet_group: Implement sweeper and disappears test (#14828)

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/13826
Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/14574

Output from acceptance testing in AWS Commercial:

```
--- PASS: TestAccAWSRedshiftSubnetGroup_disappears (26.83s)
```

Output from acceptance testing in AWS GovCloud (US):

```
--- PASS: TestAccAWSRedshiftSubnetGroup_disappears (30.85s)
```

Output from sweeper in AWS Commercial (aws_redshift_cluster failures unrelated):

```
2020/08/25 10:13:32 [DEBUG] Running Sweepers for region (us-west-2):
2020/08/25 10:13:32 [DEBUG] Running Sweeper (aws_redshift_cluster) in region (us-west-2)
2020/08/25 10:13:34 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-2045223997271387682): InvalidClusterState: Unable to delete the cluster tf-redshift-cluster-2045223997271387682. You can only delete clusters with ACTIVE, INCOMPATIBLE_NETWORK, INCOMPATIBLE_HSM, INCOMPATIBLE_RESTORE, INSUFFICIENT_CAPACITY, or HARDWARE_FAILURE lifecycle.
	status code: 400, request id: fda93346-21d9-46ae-b70a-637edb91777d
2020/08/25 10:13:34 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-8644196052749068490): InvalidClusterState: Unable to delete the cluster tf-redshift-cluster-8644196052749068490. You can only delete clusters with ACTIVE, INCOMPATIBLE_NETWORK, INCOMPATIBLE_HSM, INCOMPATIBLE_RESTORE, INSUFFICIENT_CAPACITY, or HARDWARE_FAILURE lifecycle.
	status code: 400, request id: 980f1a92-52d8-41d0-b942-608b8a28d2b0
2020/08/25 10:13:34 [DEBUG] Running Sweeper (aws_redshift_subnet_group) in region (us-west-2)
2020/08/25 10:13:34 [INFO] Deleting Redshift Cluster Subnet Group: foo-1532990571165558666
2020/08/25 10:13:35 [INFO] Deleting Redshift Cluster Subnet Group: foo-2826273713642737832
2020/08/25 10:13:35 [INFO] Deleting Redshift Cluster Subnet Group: foo-2972341912917468064
2020/08/25 10:13:35 [INFO] Deleting Redshift Cluster Subnet Group: foo-548170896135551408
2020/08/25 10:13:36 [INFO] Deleting Redshift Cluster Subnet Group: foo-6210951272445705940
2020/08/25 10:13:36 [INFO] Deleting Redshift Cluster Subnet Group: foo-6650827170013194054
2020/08/25 10:13:37 [INFO] Deleting Redshift Cluster Subnet Group: foo-8947122441846412195
2020/08/25 10:13:37 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-1033431615102227004
2020/08/25 10:13:37 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-3356016725088449244
2020/08/25 10:13:38 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-366062263239024705
2020/08/25 10:13:38 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-4635827958397283374
2020/08/25 10:13:38 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-1676492653723899859
2020/08/25 10:13:39 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-1799088798996484452
2020/08/25 10:13:39 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-3024108242023612112
2020/08/25 10:13:40 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-3299406627706074951
2020/08/25 10:13:40 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-5403800648237234931
2020/08/25 10:13:40 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-625135235143178083
2020/08/25 10:13:41 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-8306727858374757773
2020/08/25 10:13:41 [INFO] Deleting Redshift Cluster Subnet Group: tf-redshift-subnet-group-8365684838675699564
2020/08/25 10:13:41 Sweeper Tests ran successfully:
	- aws_redshift_cluster
	- aws_redshift_subnet_group
2020/08/25 10:13:41 [DEBUG] Running Sweepers for region (us-east-1):
2020/08/25 10:13:41 [DEBUG] Running Sweeper (aws_redshift_cluster) in region (us-east-1)
2020/08/25 10:13:42 [DEBUG] No Redshift clusters to sweep
2020/08/25 10:13:42 [DEBUG] Running Sweeper (aws_redshift_subnet_group) in region (us-east-1)
2020/08/25 10:13:42 Sweeper Tests ran successfully:
	- aws_redshift_subnet_group
	- aws_redshift_cluster
ok  	github.com/terraform-providers/terraform-provider-aws/aws	12.691s
```

Output from sweeper in AWS GovCloud (US) (aws_redshift_cluster failures unrelated):

```
2020/08/25 10:13:40 [DEBUG] Running Sweepers for region (us-gov-west-1):
2020/08/25 10:13:40 [DEBUG] Running Sweeper (aws_redshift_cluster) in region (us-gov-west-1)
2020/08/25 10:13:43 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-1216426925668034673): InvalidClusterState: Unable to delete the cluster tf-redshift-cluster-1216426925668034673. You can only delete clusters with ACTIVE, INCOMPATIBLE_NETWORK, INCOMPATIBLE_HSM, INCOMPATIBLE_RESTORE, INSUFFICIENT_CAPACITY, or HARDWARE_FAILURE lifecycle.
	status code: 400, request id: 7b5f4c9e-959f-4e80-b01a-65f2cd066f71
2020/08/25 10:13:44 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-219584981761242852): InvalidClusterState: There is an operation running on the Cluster. Please try to delete it at a later time.
	status code: 400, request id: 1c672709-d60b-43b0-aadd-1bdf6a5f4797
2020/08/25 10:13:44 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-2558072814228197965): InvalidClusterState: There is an operation running on the Cluster. Please try to delete it at a later time.
	status code: 400, request id: cc46c761-1a19-4f3e-844d-6c5514eedbf1
2020/08/25 10:13:45 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-6093122516016678979): InvalidClusterState: There is an operation running on the Cluster. Please try to delete it at a later time.
	status code: 400, request id: 24d63cb2-7635-4448-878e-2ccde8e03478
2020/08/25 10:13:45 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-6534318059499305980): InvalidClusterState: There is an operation running on the Cluster. Please try to delete it at a later time.
	status code: 400, request id: 28e83e42-6e20-4366-9c86-25f04d5138ad
2020/08/25 10:13:46 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-7172132402108784395): InvalidClusterState: There is an operation running on the Cluster. Please try to delete it at a later time.
	status code: 400, request id: 1f2cef04-05ef-42dc-bc2c-ce937032db61
2020/08/25 10:13:46 [ERROR] Failed deleting Redshift cluster (tf-redshift-cluster-8068671586261296151): InvalidClusterState: There is an operation running on the Cluster. Please try to delete it at a later time.
	status code: 400, request id: 7abeafb4-268c-4b4d-abae-91e1bcab4e01
2020/08/25 10:13:46 [DEBUG] Running Sweeper (aws_redshift_subnet_group) in region (us-gov-west-1)
2020/08/25 10:13:47 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-2418503084750398980
2020/08/25 10:13:48 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-2939943196500636311
2020/08/25 10:13:48 [INFO] Deleting Redshift Cluster Subnet Group: tf-acc-test-8506717930441343050
2020/08/25 10:13:49 Sweeper Tests ran successfully:
	- aws_redshift_cluster
	- aws_redshift_subnet_group
ok  	github.com/terraform-providers/terraform-provider-aws/aws	10.018s
```

* Small syntax fixes

* update test configs to fix failing tests

* update to using data source instance types

* docs/resource/aws_autoscaling_policy: Add missing min_adjustment_magnitude argument (#14807)

* missing min_adjustment_magnitude argument in the docs

* Update website/docs/r/autoscaling_policy.html.markdown

Co-authored-by: Brian Flad <bflad417@gmail.com>

Co-authored-by: Brian Flad <bflad417@gmail.com>

* New Resource: aws_guardduty_publishing_destination (#13894)

* Implementation of resource new resource type for GuardDuty S3 Export (#10920)

* Added tests and documentation

* Fixed test namings

* Fixed linter issues and removed explicit import test case

* Fixed HCL formatting in documentation

* Fixed some namings and sidebar link

* Update/refactor publishing destination (#1)

* Merged latest master changes and resolved conflicts

* Merged from Upstream master and squashed commits

* Delete defaults.go

* Removed changes from vendor subdirectory and synched with master.

* Refactor GuardDuty to waiter pattern

* Remove unused constant

* Small refactor based on PR review

* Add disappears test and refactor based on PR review

* Refactor based on PR review

* Refactor according to PR review

* Additional fix wrt tf 0.12

Co-authored-by: Sebastian Häpe <Sebastian.Haepe@nordcloud.com>
Co-authored-by: shaepe <44882151+shaepe@users.noreply.github.com>

* Update CHANGELOG for #13894

* resource/aws_guardduty_publishing_destination: Minor adjustments for initial resource

Output from acceptance testing:

```
    --- PASS: TestAccAWSGuardDuty_serial/PublishingDestination (59.25s)
        --- PASS: TestAccAWSGuardDuty_serial/PublishingDestination/basic (30.31s)
        --- PASS: TestAccAWSGuardDuty_serial/PublishingDestination/disappears (28.94s)
```

* internal/service/guardduty/waiter: Refactor Publishing Destination status handling

Output from acceptance testing:

```
    --- PASS: TestAccAWSGuardDuty_serial/PublishingDestination (64.97s)
        --- PASS: TestAccAWSGuardDuty_serial/PublishingDestination/disappears (31.59s)
        --- PASS: TestAccAWSGuardDuty_serial/PublishingDestination/basic (33.39s)
```

* r/aws_cloudfront_distribution: Avoid raw pointer dereferences (#12992).

* r/aws_cloudfront_distribution: Fix 'TestAccAWSCloudFrontDistribution_OriginGroups'.

* resource/aws_securityhub_action_target: Finishing touches for initial resource

Output from acceptance testing:

```
    --- PASS: TestAccAWSSecurityHub_serial/ActionTarget (73.84s)
        --- PASS: TestAccAWSSecurityHub_serial/ActionTarget/Description (24.16s)
        --- PASS: TestAccAWSSecurityHub_serial/ActionTarget/Name (23.25s)
        --- PASS: TestAccAWSSecurityHub_serial/ActionTarget/basic (14.02s)
        --- PASS: TestAccAWSSecurityHub_serial/ActionTarget/disappears (12.41s)
```

* Update CHANGELOG for #10493

* deps: Allow dependabot to upgrade GitHub action versions (#14835)

* Allow dependabot to upgrad GitHub action versions

* Add dependencies section to hashibot w/ dependabot

* Fix aws_ecs_task_definition docs markdown links

It looks like these were broken due to line wrapping.

* remove aws webite ref

* Update CHANGELOG for #14844

* tests/provider: Update hardcoded AZs (Default Subnet)

* New Resource: aws_xray_group (#13597)

Output from acceptance testing:

```
--- PASS: TestAccAWSXrayGroup_disappears (12.57s)
--- PASS: TestAccAWSXrayGroup_basic (28.65s)
--- PASS: TestAccAWSXrayGroup_tags (39.39s)
```

* Update CHANGELOG for #13597

* tests/resource/aws_elb: Fix TestAccAWSELB_swap_subnets (#14865)

Output from acceptance testing:

```
--- PASS: TestAccAWSELB_swap_subnets (45.08s)
```

* Update website/docs/r/elasticache_replication_group.html.markdown

Co-authored-by: angie pinilla <angelinepinilla@gmail.com>

* New Resource: aws_xray_encryption_config (#13600)

Output from acceptance testing:

```
--- PASS: TestAccAWSXrayEncryptionConfig_basic (941.85s)
```

* Update CHANGELOG for #13600

* resource/aws_apigatewayv2_integration: AWS service integrations for HTTP APIs. (#14860)

Output from acceptance testing:

```
--- PASS: TestAccAWSAPIGatewayV2Integration_disappears (29.00s)
--- PASS: TestAccAWSAPIGatewayV2Integration_basicHttp (30.37s)
--- PASS: TestAccAWSAPIGatewayV2IntegrationResponse_basic (32.64s)
--- PASS: TestAccAWSAPIGatewayV2Integration_basicWebSocket (32.81s)
--- PASS: TestAccAWSAPIGatewayV2Integration_AwsServiceIntegration (33.16s)
--- PASS: TestAccAWSAPIGatewayV2IntegrationResponse_disappears (36.85s)
--- PASS: TestAccAWSAPIGatewayV2Integration_IntegrationTypeHttp (41.16s)
--- PASS: TestAccAWSAPIGatewayV2IntegrationResponse_AllAttributes (42.63s)
--- PASS: TestAccAWSAPIGatewayV2Integration_LambdaHttp (46.09s)
--- PASS: TestAccAWSAPIGatewayV2Integration_LambdaWebSocket (52.54s)
--- PASS: TestAccAWSAPIGatewayV2Integration_VpcLinkHttp (417.62s)
--- PASS: TestAccAWSAPIGatewayV2Integration_VpcLinkWebSocket (687.74s)
```

* Update CHANGELOG for #14860

* Update CHANGELOG for #12974

* tests/provider: Ensure GitHub Actions workflow for markdown-lint checks out code and can fetch latest v1 (#14849)

* tests/provider: Ensure GitHub Actions workflow for markdown-lint checks out code and can fetch latest v1

Previously in GitHub Actions production it was exiting immediately with the help message and not failing the step (will need to report upstream):

```
/usr/bin/docker run --name b3ac6370f976814a74da68d2a7f92df15b742_274a0b --label 3b3ac6 --workdir /github/workspace --rm -e GO_VERSION -e GO111MODULE -e TFLINT_VERSION -e INPUT_CONFIG -e INPUT_ARGS -e INPUT_RULES -e INPUT_FIX -e INPUT_OUTPUT -e INPUT_IGNORE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/terraform-provider-aws/terraform-provider-aws":"/github/workspace" 3b3ac6:370f976814a74da68d2a7f92df15b742  "website/docs"

  Usage: markdownlint [options] <files|directories|globs>

  MarkdownLint Command Line Interface

  Options:

    -h, --help                                  output usage information
    -V, --version                               output the version number
    -f, --fix                                   fix basic errors (does not work with STDIN)
    -s, --stdin                                 read from STDIN (does not work with files)
    -o, --output [outputFile]                   write issues to file (no console)
    -c, --config [configFile]                   configuration file (JSON, JSONC, JS, or YAML)
    -i, --ignore [file|directory|glob]          file(s) to ignore/exclude
    -p, --ignore-path [file]                    path to file with ignore pattern(s)
    -r, --rules  [file|directory|glob|package]  custom rule files
```

Which could also be seen with GitHub Actions testing in `act`:

```console
$ act push -j markdown-lint
[Website Checks/markdown-lint      ] 🚀  Start image=nektos/act-environments-ubuntu:18.04
[Documentation Checks/markdown-lint] 🚀  Start image=nektos/act-environments-ubuntu:18.04
[Documentation Checks/markdown-lint]   🐳  docker run image=nektos/act-environments-ubuntu:18.04 entrypoint=["/usr/bin/tail" "-f" "/dev/null"] cmd=[]
[Website Checks/markdown-lint      ]   🐳  docker run image=nektos/act-environments-ubuntu:18.04 entrypoint=["/usr/bin/tail" "-f" "/dev/null"] cmd=[]
[Documentation Checks/markdown-lint] ⭐  Run avto-dev/markdown-lint@v1.3.0
[Documentation Checks/markdown-lint]   ☁  git clone 'https://github.com/avto-dev/markdown-lint' # ref=v1.3.0
[Website Checks/markdown-lint      ] ⭐  Run avto-dev/markdown-lint@v1.3.0
[Website Checks/markdown-lint      ]   ☁  git clone 'https://github.com/avto-dev/markdown-lint' # ref=v1.3.0
[Documentation Checks/markdown-lint]   🐳  docker build -t act-avto-dev-markdown-lint-v1-3-0:latest /Users/bflad/.cache/act/avto-dev-markdown-lint@v1.3.0
[Documentation Checks/markdown-lint]   🐳  docker run image=act-avto-dev-markdown-lint-v1-3-0:latest entrypoint=[] cmd=["docs"]
[Website Checks/markdown-lint      ]   🐳  docker build -t act-avto-dev-markdown-lint-v1-3-0:latest /Users/bflad/.cache/act/avto-dev-markdown-lint@v1.3.0
[Website Checks/markdown-lint      ]   🐳  docker run image=act-avto-dev-markdown-lint-v1-3-0:latest entrypoint=[] cmd=["website/docs"]
|
|   Usage: markdownlint [options] <files|directories|globs>
|
|   MarkdownLint Command Line Interface
|
|   Options:
|
|     -h, --help                                  output usage information
|     -V, --version                               output the version number
|     -f, --fix                                   fix basic errors (does not work with STDIN)
|     -s, --stdin                                 read from STDIN (does not work with files)
|     -o, --output [outputFile]                   write issues to file (no console)
|     -c, --config [configFile]                   configuration file (JSON, JSONC, JS, or YAML)
|     -i, --ignore [file|directory|glob]          file(s) to ignore/exclude
|     -p, --ignore-path [file]                    path to file with ignore pattern(s)
|     -r, --rules  [file|directory|glob|package]  custom rule files
|
[Documentation Checks/markdown-lint]   ✅  Success - avto-dev/markdown-lint@v1.3.0
|
|   Usage: markdownlint [options] <files|directories|globs>
|
|   MarkdownLint Command Line Interface
|
|   Options:
|
|     -h, --help                                  output usage information
|     -V, --version                               output the version number
|     -f, --fix                                   fix basic errors (does not work with STDIN)
|     -s, --stdin                                 read from STDIN (does not work with files)
|     -o, --output [outputFile]                   write issues to file (no console)
|     -c, --config [configFile]                   configuration file (JSON, JSONC, JS, or YAML)
|     -i, --ignore [file|directory|glob]          file(s) to ignore/exclude
|     -p, --ignore-path [file]                    path to file with ignore pattern(s)
|     -r, --rules  [file|directory|glob|package]  custom rule files
|
[Website Checks/markdown-lint      ]   ✅  Success - avto-dev/markdown-lint@v1.3.0
```

Now with GitHub Actions testing in `act`:

```console
$ act push -j markdown-lint
[Website Checks/markdown-lint      ] 🚀  Start image=nektos/act-environments-ubuntu:18.04
[Documentation Checks/markdown-lint] 🚀  Start image=nektos/act-environments-ubuntu:18.04
[Documentation Checks/markdown-lint]   🐳  docker run image=nektos/act-environments-ubuntu:18.04 entrypoint=["/usr/bin/tail" "-f" "/dev/null"] cmd=[]
[Website Checks/markdown-lint      ]   🐳  docker run image=nektos/act-environments-ubuntu:18.04 entrypoint=["/usr/bin/tail" "-f" "/dev/null"] cmd=[]
[Website Checks/markdown-lint      ]   🐳  docker cp src=/Users/bflad/src/github.com/terraform-providers/terraform-provider-aws/. dst=/github/workspace
[Documentation Checks/markdown-lint]   🐳  docker cp src=/Users/bflad/src/github.com/terraform-providers/terraform-provider-aws/. dst=/github/workspace
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Documentation Checks/markdown-lint] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] Unable to copy link vendor --> ../../../../../../vendor
[Website Checks/markdown-lint      ] ⭐  Run actions/checkout@v2
[Website Checks/markdown-lint      ]   ✅  Success - actions/checkout@v2
[Website Checks/markdown-lint      ] ⭐  Run avto-dev/markdown-lint@v1
[Website Checks/markdown-lint      ]   ☁  git clone 'https://github.com/avto-dev/markdown-lint' # ref=v1
[Documentation Checks/markdown-lint] ⭐  Run actions/checkout@v2
[Documentation Checks/markdown-lint]   ✅  Success - actions/checkout@v2
[Documentation Checks/markdown-lint] ⭐  Run avto-dev/markdown-lint@v1
[Documentation Checks/markdown-lint]   ☁  git clone 'https://github.com/avto-dev/markdown-lint' # ref=v1
[Website Checks/markdown-lint      ]   🐳  docker build -t act-avto-dev-markdown-lint-v1:latest /Users/bflad/.cache/act/avto-dev-markdown-lint@v1
[Documentation Checks/markdown-lint]   🐳  docker build -t act-avto-dev-markdown-lint-v1:latest /Users/bflad/.cache/act/avto-dev-markdown-lint@v1
[Website Checks/markdown-lint      ]   🐳  docker run image=act-avto-dev-markdown-lint-v1:latest entrypoint=[] cmd=["website/docs"]
[Documentation Checks/markdown-lint]   🐳  docker run image=act-avto-dev-markdown-lint-v1:latest entrypoint=[] cmd=["docs"]
[Documentation Checks/markdown-lint]   ✅  Success - avto-dev/markdown-lint@v1
| website/docs/r/emr_managed_scaling_policy.html.markdown:60 MD031/blanks-around-fences Fenced code blocks should be surrounded by blank lines [Context: "```console"]
| website/docs/r/spot_instance_request.html.markdown:69 MD032/blanks-around-lists Lists should be surrounded by blank lines [Context: "* `tags` - (Optional) A map of..."]
[Website Checks/markdown-lint      ]   ❌  Failure - avto-dev/markdown-lint@v1
Error: exit with `FAILURE`: 1
```

These failures will be addressed separately.

* docs/provider: Fix markdown-lint reports

Reference: https://github.com/terraform-providers/terraform-provider-aws/pull/14849

* resource/aws_emr_instance_group: Extend instance group timeout by 50% (#13077)

* Update CHANGELOG for #13077

* resource/aws_emr_instance_group: Increase creation and update timeouts to 30 minutes (#14106)

Co-authored-by: Brian Flad <bflad417@gmail.com>

* Update CHANGELOG for #14106

* Update CHANGELOG for #9525

* add create timeout for rds_cluster_endpoint resource

* v3.4.0

* Cleanup after v3.4.0 release

* add diffsupressfunc for json field

* refactor opsworks_slack tests and update enumerated values

* add "other" to source type values

Co-authored-by: Brian Flad <bflad417@gmail.com>

* resource/aws_acm_certificate: Provide additional plan-time validation for subject_alternative_names values (#14782)

Previously:

```
    TestAccAWSAcmCertificate_SubjectAlternativeNames_EmptyString: resource_aws_acm_certificate_test.go:315: Step 1/1, expected an error with pattern, no match on: terraform failed: exit status 1

        stderr:

        Error: Error requesting certificate: ValidationException: 1 validation error detected: Value '[]' at 'subjectAlternativeNames' failed to satisfy constraint: Member must satisfy constraint: [Member must have length less than or equal to 253, Member must have length greater than or equal to 1, Member must satisfy regular expression pattern: ^(\*\.)?(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$]
        	status code: 400, request id: c82c20fc-931d-4e04-b79f-d9795db14fa9
```

The intention of this change was test and prevent against panic in Terraform 0.11, however since the provider no longer supports 0.11 and earlier, this is now merely an enhancement. We could also attempt the same regular expression validation, however that seems more likely to change in the future, should ACM support additional characters in domain naming so its omitted for now.

Output from acceptance testing (unrelated failures due to testing account quota issues):

```
--- PASS: TestAccAWSAcmCertificate_root_TrailingPeriod (2.66s)
--- PASS: TestAccAWSAcmCertificate_SubjectAlternativeNames_EmptyString (2.94s)
--- FAIL: TestAccAWSAcmCertificate_imported_DomainName (6.59s)
--- FAIL: TestAccAWSAcmCertificate_imported_IpAddress (6.22s)
--- PASS: TestAccAWSAcmCertificate_root (19.80s)
--- PASS: TestAccAWSAcmCertificate_emailValidation (20.68s)
--- PASS: TestAccAWSAcmCertificate_dnsValidation (21.38s)
--- PASS: TestAccAWSAcmCertificate_san_TrailingPeriod (21.73s)
--- PASS: TestAccAWSAcmCertificate_disableCTLogging (21.82s)
--- PASS: TestAccAWSAcmCertificate_wildcardAndRootSan (22.66s)
--- PASS: TestAccAWSAcmCertificate_san_multiple (23.00s)
--- PASS: TestAccAWSAcmCertificate_wildcard (23.41s)
--- PASS: TestAccAWSAcmCertificate_privateCert (23.68s)
--- PASS: TestAccAWSAcmCertificate_san_single (24.92s)
--- PASS: TestAccAWSAcmCertificate_rootAndWildcardSan (35.64s)
--- PASS: TestAccAWSAcmCertificate_tags (54.65s)
```

* Update CHANGELOG for #14782

* resource/aws_msk_configuration: Implement Update and Delete support (#14826)

Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/14822

Fixes consistent test failures like the following, since the deletion API did not exist previously:

```
=== CONT  TestAccAWSMskConfigurationDataSource_Name
TestAccAWSMskConfigurationDataSource_Name: data_source_aws_msk_configuration_test.go:16: Step 1/1 error: terraform failed: exit status 1
stderr:
Error: error creating MSK Configuration: LimitExceededException:
  status code: 429, request id: 2d1a5f7b-9810-4721-8aba-5873760578f7
--- FAIL: TestAccAWSMskConfigurationDataSource_Name (3942.7…
ewbankkit added a commit to Tremualin/terraform-provider-aws that referenced this issue Sep 1, 2021
ewbankkit added a commit to evan-cleary/terraform-provider-aws that referenced this issue Oct 5, 2021
ewbankkit added a commit that referenced this issue Nov 4, 2021
@breathingdust breathingdust removed this from the Roadmap milestone Nov 10, 2021
ewbankkit added a commit to nishigori/terraform-provider-aws that referenced this issue Jan 2, 2022
ewbankkit added a commit to zachfeld/terraform-provider-aws that referenced this issue Mar 14, 2022
ewbankkit added a commit to zachfeld/terraform-provider-aws that referenced this issue Mar 18, 2022
ewbankkit added a commit to kliu47/terraform-provider-aws that referenced this issue Apr 6, 2022
ewbankkit added a commit to kliu47/terraform-provider-aws that referenced this issue Apr 6, 2022
@PatMyron
Copy link
Contributor

PatMyron commented Apr 16, 2022

thousands have been mapped here: https://github.com/terraform-linters/tflint-ruleset-aws/tree/master/rules/models/mappings
worth investigating upstreaming @wata727

ewbankkit added a commit to nikhil-goenka/terraform-provider-aws that referenced this issue Apr 20, 2022
ewbankkit added a commit to mattburgess/terraform-provider-aws that referenced this issue Apr 21, 2022
ewbankkit added a commit to cjerad/terraform-provider-aws that referenced this issue May 13, 2022
Mikechoi78 added a commit to Mikechoi78/tfproviderlint that referenced this issue May 23, 2022
ewbankkit added a commit to jalavoy/terraform-provider-aws that referenced this issue May 27, 2022
ewbankkit added a commit to DrFaust92/terraform-provider-aws that referenced this issue Jun 22, 2022
ewbankkit added a commit to teddylear/terraform-provider-aws that referenced this issue Aug 2, 2022
ewbankkit added a commit to teddylear/terraform-provider-aws that referenced this issue Aug 2, 2022
ewbankkit added a commit to jochenboesmans/terraform-provider-aws that referenced this issue Sep 29, 2022
ewbankkit added a commit to bschaatsbergen/terraform-provider-aws that referenced this issue Oct 27, 2022
ewbankkit added a commit to jms200/terraform-provider-aws that referenced this issue Nov 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Requests to existing resources that expand the functionality or scope. linter Pertains to changes to or issues with the various linters. provider Pertains to the provider itself, rather than any interaction with AWS. technical-debt Addresses areas of the codebase that need refactoring or redesign.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants