From b28e84ab2d8586798966aa4150c2a10deed16de6 Mon Sep 17 00:00:00 2001 From: Aidan Feldman Date: Tue, 17 Apr 2018 01:53:37 -0400 Subject: [PATCH 01/10] add an aws_organizations_root data source --- aws/data_source_aws_organizations_root.go | 42 +++++++++++++++++++ ...data_source_aws_organizations_root_test.go | 42 +++++++++++++++++++ aws/provider.go | 1 + website/aws.erb | 3 ++ .../docs/d/organizations_root.html.markdown | 30 +++++++++++++ 5 files changed, 118 insertions(+) create mode 100644 aws/data_source_aws_organizations_root.go create mode 100644 aws/data_source_aws_organizations_root_test.go create mode 100644 website/docs/d/organizations_root.html.markdown diff --git a/aws/data_source_aws_organizations_root.go b/aws/data_source_aws_organizations_root.go new file mode 100644 index 000000000000..85f889f0f495 --- /dev/null +++ b/aws/data_source_aws_organizations_root.go @@ -0,0 +1,42 @@ +package aws + +import ( + "errors" + + "github.com/aws/aws-sdk-go/service/organizations" + "github.com/hashicorp/terraform/helper/schema" +) + +func dataSourceAwsOrganizationRoot() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsOrganizationRootRead, + + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +func dataSourceAwsOrganizationRootRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).organizationsconn + + input := &organizations.ListRootsInput{} + result, err := conn.ListRoots(input) + if err != nil { + return err + } + + // there should be exactly one, per https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#root + root := result.Roots[0] + if root == nil { + return errors.New("Root organizational unit not found") + } + + d.SetId(*root.Id) + d.Set("arn", root.Arn) + + return nil +} diff --git a/aws/data_source_aws_organizations_root_test.go b/aws/data_source_aws_organizations_root_test.go new file mode 100644 index 000000000000..67da4f15be9c --- /dev/null +++ b/aws/data_source_aws_organizations_root_test.go @@ -0,0 +1,42 @@ +package aws + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccDataSourceAwsOrganizationRoot_basic(t *testing.T) { + resourceName := "data.aws_organizations_root.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsOrganizationRootConfig, + Check: resource.ComposeTestCheckFunc( + testAccDataSourceAwsOrganizationRootCheck(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "arn"), + ), + }, + }, + }) +} + +func testAccDataSourceAwsOrganizationRootCheck(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + _, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("root module has no resource called %s", name) + } + + return nil + } +} + +const testAccDataSourceAwsOrganizationRootConfig = ` +data "aws_organizations_root" "test" {} +` diff --git a/aws/provider.go b/aws/provider.go index 074aa98995aa..b67a4a585924 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -243,6 +243,7 @@ func Provider() terraform.ResourceProvider { "aws_network_acls": dataSourceAwsNetworkAcls(), "aws_network_interface": dataSourceAwsNetworkInterface(), "aws_network_interfaces": dataSourceAwsNetworkInterfaces(), + "aws_organizations_root": dataSourceAwsOrganizationRoot(), "aws_partition": dataSourceAwsPartition(), "aws_prefix_list": dataSourceAwsPrefixList(), "aws_pricing_product": dataSourceAwsPricingProduct(), diff --git a/website/aws.erb b/website/aws.erb index d16a7f690d72..94d0dd79ff98 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -299,6 +299,9 @@ > aws_network_interfaces + > + aws_organizations_root + > aws_partition diff --git a/website/docs/d/organizations_root.html.markdown b/website/docs/d/organizations_root.html.markdown new file mode 100644 index 000000000000..87937aad26a9 --- /dev/null +++ b/website/docs/d/organizations_root.html.markdown @@ -0,0 +1,30 @@ +--- +layout: "aws" +page_title: "AWS: aws_organizations_root" +sidebar_current: "docs-aws-datasource-organizations-root" +description: |- + Provides details about the root organizational unit +--- + +# Data Source: aws_organizations_root + +`aws_organizations_root` provides details about the [root organizational unit](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#root). + +Will give an error if Organizations aren't enabled - see `aws_organizations_organization`. + +## Example Usage + +```hcl +data "aws_organizations_root" "root" {} +``` + +## Argument Reference + +None. + +## Attributes Reference + +The following attributes are exported: + +* `arn` - The ARN of the organizational unit +* `id` - The ID of the organizational unit (`r-...`) From a4286f13c0b58bb95d175925ef6441ee1c4c62a0 Mon Sep 17 00:00:00 2001 From: Aidan Feldman Date: Tue, 17 Apr 2018 21:57:58 -0400 Subject: [PATCH 02/10] switch aws_organizations_root to aws_organizations_unit This will be more future-proof, allowing support for non-root organizational units. --- ...data_source_aws_organizations_root_test.go | 42 ------------ ... => data_source_aws_organizations_unit.go} | 11 +++- ...data_source_aws_organizations_unit_test.go | 66 +++++++++++++++++++ aws/provider.go | 2 +- website/aws.erb | 4 +- .../docs/d/organizations_root.html.markdown | 30 --------- .../docs/d/organizations_unit.html.markdown | 34 ++++++++++ 7 files changed, 111 insertions(+), 78 deletions(-) delete mode 100644 aws/data_source_aws_organizations_root_test.go rename aws/{data_source_aws_organizations_root.go => data_source_aws_organizations_unit.go} (75%) create mode 100644 aws/data_source_aws_organizations_unit_test.go delete mode 100644 website/docs/d/organizations_root.html.markdown create mode 100644 website/docs/d/organizations_unit.html.markdown diff --git a/aws/data_source_aws_organizations_root_test.go b/aws/data_source_aws_organizations_root_test.go deleted file mode 100644 index 67da4f15be9c..000000000000 --- a/aws/data_source_aws_organizations_root_test.go +++ /dev/null @@ -1,42 +0,0 @@ -package aws - -import ( - "fmt" - "testing" - - "github.com/hashicorp/terraform/helper/resource" - "github.com/hashicorp/terraform/terraform" -) - -func TestAccDataSourceAwsOrganizationRoot_basic(t *testing.T) { - resourceName := "data.aws_organizations_root.test" - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccDataSourceAwsOrganizationRootConfig, - Check: resource.ComposeTestCheckFunc( - testAccDataSourceAwsOrganizationRootCheck(resourceName), - resource.TestCheckResourceAttrSet(resourceName, "arn"), - ), - }, - }, - }) -} - -func testAccDataSourceAwsOrganizationRootCheck(name string) resource.TestCheckFunc { - return func(s *terraform.State) error { - _, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("root module has no resource called %s", name) - } - - return nil - } -} - -const testAccDataSourceAwsOrganizationRootConfig = ` -data "aws_organizations_root" "test" {} -` diff --git a/aws/data_source_aws_organizations_root.go b/aws/data_source_aws_organizations_unit.go similarity index 75% rename from aws/data_source_aws_organizations_root.go rename to aws/data_source_aws_organizations_unit.go index 85f889f0f495..17bf509d12b2 100644 --- a/aws/data_source_aws_organizations_root.go +++ b/aws/data_source_aws_organizations_unit.go @@ -7,20 +7,25 @@ import ( "github.com/hashicorp/terraform/helper/schema" ) -func dataSourceAwsOrganizationRoot() *schema.Resource { +func dataSourceAwsOrganizationUnit() *schema.Resource { return &schema.Resource{ - Read: dataSourceAwsOrganizationRootRead, + Read: dataSourceAwsOrganizationUnitRead, Schema: map[string]*schema.Schema{ "arn": { Type: schema.TypeString, Computed: true, }, + "root": { + Type: schema.TypeBool, + Default: true, + Optional: true, + }, }, } } -func dataSourceAwsOrganizationRootRead(d *schema.ResourceData, meta interface{}) error { +func dataSourceAwsOrganizationUnitRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).organizationsconn input := &organizations.ListRootsInput{} diff --git a/aws/data_source_aws_organizations_unit_test.go b/aws/data_source_aws_organizations_unit_test.go new file mode 100644 index 000000000000..350e2b5b20b9 --- /dev/null +++ b/aws/data_source_aws_organizations_unit_test.go @@ -0,0 +1,66 @@ +package aws + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccDataSourceAwsOrganizationUnit_empty(t *testing.T) { + resourceName := "data.aws_organizations_unit.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsOrganizationUnitConfig_empty, + Check: resource.ComposeTestCheckFunc( + testAccDataSourceAwsOrganizationUnitCheck(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "arn"), + ), + }, + }, + }) +} + +func TestAccDataSourceAwsOrganizationUnit_rootTrue(t *testing.T) { + resourceName := "data.aws_organizations_unit.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsOrganizationUnitConfig_rootTrue, + Check: resource.ComposeTestCheckFunc( + testAccDataSourceAwsOrganizationUnitCheck(resourceName), + resource.TestCheckResourceAttrSet(resourceName, "arn"), + ), + }, + }, + }) +} + +func testAccDataSourceAwsOrganizationUnitCheck(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + _, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("root module has no resource called %s", name) + } + + return nil + } +} + +const testAccDataSourceAwsOrganizationUnitConfig_empty = ` +data "aws_organizations_unit" "test" {} +` + +const testAccDataSourceAwsOrganizationUnitConfig_rootTrue = ` +data "aws_organizations_unit" "test" { + root = true +} +` diff --git a/aws/provider.go b/aws/provider.go index b67a4a585924..804e8e2363de 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -243,7 +243,7 @@ func Provider() terraform.ResourceProvider { "aws_network_acls": dataSourceAwsNetworkAcls(), "aws_network_interface": dataSourceAwsNetworkInterface(), "aws_network_interfaces": dataSourceAwsNetworkInterfaces(), - "aws_organizations_root": dataSourceAwsOrganizationRoot(), + "aws_organizations_unit": dataSourceAwsOrganizationUnit(), "aws_partition": dataSourceAwsPartition(), "aws_prefix_list": dataSourceAwsPrefixList(), "aws_pricing_product": dataSourceAwsPricingProduct(), diff --git a/website/aws.erb b/website/aws.erb index 94d0dd79ff98..6e79e7c17774 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -299,8 +299,8 @@ > aws_network_interfaces - > - aws_organizations_root + > + aws_organizations_unit > aws_partition diff --git a/website/docs/d/organizations_root.html.markdown b/website/docs/d/organizations_root.html.markdown deleted file mode 100644 index 87937aad26a9..000000000000 --- a/website/docs/d/organizations_root.html.markdown +++ /dev/null @@ -1,30 +0,0 @@ ---- -layout: "aws" -page_title: "AWS: aws_organizations_root" -sidebar_current: "docs-aws-datasource-organizations-root" -description: |- - Provides details about the root organizational unit ---- - -# Data Source: aws_organizations_root - -`aws_organizations_root` provides details about the [root organizational unit](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#root). - -Will give an error if Organizations aren't enabled - see `aws_organizations_organization`. - -## Example Usage - -```hcl -data "aws_organizations_root" "root" {} -``` - -## Argument Reference - -None. - -## Attributes Reference - -The following attributes are exported: - -* `arn` - The ARN of the organizational unit -* `id` - The ID of the organizational unit (`r-...`) diff --git a/website/docs/d/organizations_unit.html.markdown b/website/docs/d/organizations_unit.html.markdown new file mode 100644 index 000000000000..b5aa3510d53b --- /dev/null +++ b/website/docs/d/organizations_unit.html.markdown @@ -0,0 +1,34 @@ +--- +layout: "aws" +page_title: "AWS: aws_organizations_unit" +sidebar_current: "docs-aws-datasource-organizations-unit" +description: |- + Provides details about an organizational unit +--- + +# Data Source: aws_organizations_unit + +`aws_organizations_unit` provides details about an [organizational unit](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html). + +~> **Note:** Only supports root organizational units at the moment. Also, must be retrieved from the organization's master account. + +Will give an error if Organizations aren't enabled - see `aws_organizations_organization`. + +## Example Usage + +```hcl +data "aws_organizations_unit" "root" { + root = true +} +``` + +## Argument Reference + +* `root` - (Optional) Boolean constraint on whether the desired organizational unit is the [root](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#root) for the organization. For now, this is always `true`. + +## Attributes Reference + +The following attributes are exported: + +* `arn` - The ARN of the organizational unit +* `id` - The ID of the organizational unit (`r-...`) From 20959bf9b8153b2dc36a12f8154917d8e42d7858 Mon Sep 17 00:00:00 2001 From: Aidan Feldman Date: Mon, 30 Apr 2018 21:05:23 -0500 Subject: [PATCH 03/10] update aws_organizations_policy_attachment example to use aws_organizations_unit data source --- .../docs/r/organizations_policy_attachment.html.markdown | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/website/docs/r/organizations_policy_attachment.html.markdown b/website/docs/r/organizations_policy_attachment.html.markdown index dfa15d496e48..067733eabe34 100644 --- a/website/docs/r/organizations_policy_attachment.html.markdown +++ b/website/docs/r/organizations_policy_attachment.html.markdown @@ -24,9 +24,13 @@ resource "aws_organizations_policy_attachment" "account" { ### Organization Root ```hcl +data "aws_organizations_unit" "root" { + root = true +} + resource "aws_organizations_policy_attachment" "root" { policy_id = "${aws_organizations_policy.example.id}" - target_id = "r-12345678" + target_id = "${data.aws_organizations_unit.root.id}" } ``` From 3edc42d5c905d5245626abd51c9b917bd78d998f Mon Sep 17 00:00:00 2001 From: Aidan Feldman Date: Sat, 14 Apr 2018 00:51:30 -0400 Subject: [PATCH 04/10] add an aws_organization_unit resource --- aws/provider.go | 1 + aws/resource_aws_organizations_test.go | 3 + aws/resource_aws_organizations_unit.go | 153 ++++++++++++++++++ aws/resource_aws_organizations_unit_test.go | 111 +++++++++++++ website/aws.erb | 3 + .../docs/r/organizations_unit.html.markdown | 47 ++++++ 6 files changed, 318 insertions(+) create mode 100644 aws/resource_aws_organizations_unit.go create mode 100644 aws/resource_aws_organizations_unit_test.go create mode 100644 website/docs/r/organizations_unit.html.markdown diff --git a/aws/provider.go b/aws/provider.go index 804e8e2363de..67ba2eca46ba 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -582,6 +582,7 @@ func Provider() terraform.ResourceProvider { "aws_organizations_account": resourceAwsOrganizationsAccount(), "aws_organizations_policy": resourceAwsOrganizationsPolicy(), "aws_organizations_policy_attachment": resourceAwsOrganizationsPolicyAttachment(), + "aws_organizations_unit": resourceAwsOrganizationsUnit(), "aws_placement_group": resourceAwsPlacementGroup(), "aws_proxy_protocol_policy": resourceAwsProxyProtocolPolicy(), "aws_rds_cluster": resourceAwsRDSCluster(), diff --git a/aws/resource_aws_organizations_test.go b/aws/resource_aws_organizations_test.go index a437b76bb992..aef4e12808f3 100644 --- a/aws/resource_aws_organizations_test.go +++ b/aws/resource_aws_organizations_test.go @@ -14,6 +14,9 @@ func TestAccAWSOrganizations(t *testing.T) { "Account": { "basic": testAccAwsOrganizationsAccount_basic, }, + "Unit": { + "basic": testAccAwsOrganizationsUnit_basic, + }, } for group, m := range testCases { diff --git a/aws/resource_aws_organizations_unit.go b/aws/resource_aws_organizations_unit.go new file mode 100644 index 000000000000..e95703c6f9cf --- /dev/null +++ b/aws/resource_aws_organizations_unit.go @@ -0,0 +1,153 @@ +package aws + +import ( + "fmt" + "log" + "regexp" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/organizations" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/validation" +) + +func resourceAwsOrganizationsUnit() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsOrganizationsUnitCreate, + Read: resourceAwsOrganizationsUnitRead, + Delete: resourceAwsOrganizationsUnitDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "name": { + // TODO remove + ForceNew: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringLenBetween(1, 128), + }, + "parent_id": { + // TODO remove + ForceNew: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validation.StringMatch(regexp.MustCompile("^(r-[0-9a-z]{4,32})|(ou-[0-9a-z]{4,32}-[a-z0-9]{8,32})$"), "see https://docs.aws.amazon.com/organizations/latest/APIReference/API_CreateOrganizationalUnit.html#organizations-CreateOrganizationalUnit-request-ParentId"), + }, + }, + } +} + +func resourceAwsOrganizationsUnitCreate(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).organizationsconn + + // Create the organizational unit + createOpts := &organizations.CreateOrganizationalUnitInput{ + Name: aws.String(d.Get("name").(string)), + ParentId: aws.String(d.Get("parent_id").(string)), + } + + log.Printf("[DEBUG] Organizational Unit create config: %#v", createOpts) + + var err error + var resp *organizations.CreateOrganizationalUnitOutput + err = resource.Retry(4*time.Minute, func() *resource.RetryError { + resp, err = conn.CreateOrganizationalUnit(createOpts) + + if err != nil { + if isAWSErr(err, organizations.ErrCodeFinalizingOrganizationException, "") { + log.Printf("[DEBUG] Trying to create organizational unit again: %q", err.Error()) + return resource.RetryableError(err) + } + + return resource.NonRetryableError(err) + } + + return nil + }) + + if err != nil { + return fmt.Errorf("Error creating organizational unit: %s", err) + } + log.Printf("[DEBUG] Organizational Unit create response: %#v", resp) + + // Store the ID + ouId := resp.OrganizationalUnit.Id + d.SetId(*ouId) + + return resourceAwsOrganizationsUnitRead(d, meta) +} + +func resourceAwsOrganizationsUnitRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).organizationsconn + describeOpts := &organizations.DescribeOrganizationalUnitInput{ + OrganizationalUnitId: aws.String(d.Id()), + } + resp, err := conn.DescribeOrganizationalUnit(describeOpts) + if err != nil { + if isAWSErr(err, organizations.ErrCodeOrganizationalUnitNotFoundException, "") { + log.Printf("[WARN] Organizational Unit does not exist, removing from state: %s", d.Id()) + d.SetId("") + return nil + } + return err + } + + ou := resp.OrganizationalUnit + if ou == nil { + log.Printf("[WARN] Organizational Unit does not exist, removing from state: %s", d.Id()) + d.SetId("") + return nil + } + + parentId, err := resourceAwsOrganizationsUnitGetParentId(conn, d.Id()) + if err != nil { + log.Printf("[WARN] Unable to find parent organizational unit, removing from state: %s", d.Id()) + d.SetId("") + return nil + } + + d.Set("arn", ou.Arn) + d.Set("name", ou.Name) + d.Set("parent_id", parentId) + return nil +} + +func resourceAwsOrganizationsUnitDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).organizationsconn + + input := &organizations.DeleteOrganizationalUnitInput{ + OrganizationalUnitId: aws.String(d.Id()), + } + log.Printf("[DEBUG] Removing AWS organizational unit from organization: %s", input) + _, err := conn.DeleteOrganizationalUnit(input) + if err != nil { + if isAWSErr(err, organizations.ErrCodeOrganizationalUnitNotFoundException, "") { + return nil + } + return err + } + return nil +} + +func resourceAwsOrganizationsUnitGetParentId(conn *organizations.Organizations, childId string) (string, error) { + input := &organizations.ListParentsInput{ + ChildId: aws.String(childId), + } + resp, err := conn.ListParents(input) + if err != nil { + return "", err + } + + // assume there is only a single parent + // https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListParents.html + parent := resp.Parents[0] + return aws.StringValue(parent.Id), nil +} diff --git a/aws/resource_aws_organizations_unit_test.go b/aws/resource_aws_organizations_unit_test.go new file mode 100644 index 000000000000..a8c67ddf2b21 --- /dev/null +++ b/aws/resource_aws_organizations_unit_test.go @@ -0,0 +1,111 @@ +package aws + +import ( + "fmt" + "testing" + + "github.com/aws/aws-sdk-go/service/organizations" + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func testAccAwsOrganizationsUnit_basic(t *testing.T) { + var unit organizations.OrganizationalUnit + + rInt := acctest.RandInt() + name := fmt.Sprintf("tf_outest_%d", rInt) + resourceName := "aws_organizations_unit.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsOrganizationsUnitDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsOrganizationsUnitConfig(name), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsOrganizationsUnitExists(resourceName, &unit), + resource.TestCheckResourceAttrSet(resourceName, "arn"), + resource.TestCheckResourceAttr(resourceName, "name", name), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccCheckAwsOrganizationsUnitDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).organizationsconn + + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_organizations_unit" { + continue + } + + params := &organizations.DescribeOrganizationalUnitInput{ + OrganizationalUnitId: &rs.Primary.ID, + } + + resp, err := conn.DescribeOrganizationalUnit(params) + + if err != nil { + if isAWSErr(err, organizations.ErrCodeOrganizationalUnitNotFoundException, "") { + return nil + } + return err + } + + if resp == nil && resp.OrganizationalUnit != nil { + return fmt.Errorf("Bad: Organizational Unit still exists: %q", rs.Primary.ID) + } + } + + return nil + +} + +func testAccCheckAwsOrganizationsUnitExists(n string, ou *organizations.OrganizationalUnit) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[n] + if !ok { + return fmt.Errorf("Not found: %s", n) + } + + conn := testAccProvider.Meta().(*AWSClient).organizationsconn + params := &organizations.DescribeOrganizationalUnitInput{ + OrganizationalUnitId: &rs.Primary.ID, + } + + resp, err := conn.DescribeOrganizationalUnit(params) + + if err != nil { + return err + } + + if resp == nil || resp.OrganizationalUnit == nil { + return fmt.Errorf("Organizational Unit %q does not exist", rs.Primary.ID) + } + + ou = resp.OrganizationalUnit + + return nil + } +} + +func testAccAwsOrganizationsUnitConfig(name string) string { + return fmt.Sprintf(` +data "aws_organizations_unit" "root" { + root = true +} + +resource "aws_organizations_unit" "test" { + parent_id = "${data.aws_organizations_unit.root.id}" + name = "%s" +} +`, name) +} diff --git a/website/aws.erb b/website/aws.erb index 6e79e7c17774..9245370d7019 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -1836,6 +1836,9 @@ > aws_organizations_policy_attachment + > + aws_organizations_unit + diff --git a/website/docs/r/organizations_unit.html.markdown b/website/docs/r/organizations_unit.html.markdown new file mode 100644 index 000000000000..53a3d647deeb --- /dev/null +++ b/website/docs/r/organizations_unit.html.markdown @@ -0,0 +1,47 @@ +--- +layout: "aws" +page_title: "AWS: aws_organizations_unit" +sidebar_current: "docs-aws-resource-organizations-unit" +description: |- + Provides a resource to create an organizational unit. +--- + +# aws_organizations_unit + +Provides a resource to create an organizational unit. + +## Example Usage: + +```hcl +data "aws_organizations_unit" "root" { + root = true +} + +resource "aws_organizations_unit" "tenants" { + parent_id = "${data.aws_organizations_unit.root.id}" + name = "tenants" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - The name for the organizational unit +* `parent_id` - ID of the parent organizational unit, which may be the root + +## Attributes Reference + +The following additional attributes are exported: + +* `arn` - ARN of the organization +* `id` - Identifier of the organization +* `parent_id` - ID of the parent organizational unit + +## Import + +The AWS organization can be imported by using the `id`, e.g. + +``` +$ terraform import aws_organizations_unit.my_unit ou-1234567 +``` From 80ea22dcc44e024755c0709db6499e8fd59854c5 Mon Sep 17 00:00:00 2001 From: Aidan Feldman Date: Wed, 18 Apr 2018 02:08:41 -0400 Subject: [PATCH 05/10] add support for changing the name of an aws_organizations_unit --- aws/resource_aws_organizations_test.go | 3 +- aws/resource_aws_organizations_unit.go | 24 ++++++++++++++-- aws/resource_aws_organizations_unit_test.go | 31 +++++++++++++++++++++ 3 files changed, 54 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_organizations_test.go b/aws/resource_aws_organizations_test.go index aef4e12808f3..de20a1b3b16a 100644 --- a/aws/resource_aws_organizations_test.go +++ b/aws/resource_aws_organizations_test.go @@ -15,7 +15,8 @@ func TestAccAWSOrganizations(t *testing.T) { "basic": testAccAwsOrganizationsAccount_basic, }, "Unit": { - "basic": testAccAwsOrganizationsUnit_basic, + "basic": testAccAwsOrganizationsUnit_basic, + "update": testAccAwsOrganizationsUnitUpdate, }, } diff --git a/aws/resource_aws_organizations_unit.go b/aws/resource_aws_organizations_unit.go index e95703c6f9cf..51f33c1e30e0 100644 --- a/aws/resource_aws_organizations_unit.go +++ b/aws/resource_aws_organizations_unit.go @@ -17,6 +17,7 @@ func resourceAwsOrganizationsUnit() *schema.Resource { return &schema.Resource{ Create: resourceAwsOrganizationsUnitCreate, Read: resourceAwsOrganizationsUnitRead, + Update: resourceAwsOrganizationsUnitUpdate, Delete: resourceAwsOrganizationsUnitDelete, Importer: &schema.ResourceImporter{ State: schema.ImportStatePassthrough, @@ -28,14 +29,11 @@ func resourceAwsOrganizationsUnit() *schema.Resource { Computed: true, }, "name": { - // TODO remove - ForceNew: true, Type: schema.TypeString, Required: true, ValidateFunc: validation.StringLenBetween(1, 128), }, "parent_id": { - // TODO remove ForceNew: true, Type: schema.TypeString, Required: true, @@ -120,6 +118,26 @@ func resourceAwsOrganizationsUnitRead(d *schema.ResourceData, meta interface{}) return nil } +func resourceAwsOrganizationsUnitUpdate(d *schema.ResourceData, meta interface{}) error { + if d.HasChange("name") { + conn := meta.(*AWSClient).organizationsconn + + updateOpts := &organizations.UpdateOrganizationalUnitInput{ + Name: aws.String(d.Get("name").(string)), + OrganizationalUnitId: aws.String(d.Id()), + } + + log.Printf("[DEBUG] Organizational Unit update config: %#v", updateOpts) + resp, err := conn.UpdateOrganizationalUnit(updateOpts) + if err != nil { + return fmt.Errorf("Error creating organizational unit: %s", err) + } + log.Printf("[DEBUG] Organizational Unit update response: %#v", resp) + } + + return nil +} + func resourceAwsOrganizationsUnitDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).organizationsconn diff --git a/aws/resource_aws_organizations_unit_test.go b/aws/resource_aws_organizations_unit_test.go index a8c67ddf2b21..0984aeb28459 100644 --- a/aws/resource_aws_organizations_unit_test.go +++ b/aws/resource_aws_organizations_unit_test.go @@ -39,6 +39,37 @@ func testAccAwsOrganizationsUnit_basic(t *testing.T) { }) } +func testAccAwsOrganizationsUnitUpdate(t *testing.T) { + var unit organizations.OrganizationalUnit + + rInt := acctest.RandInt() + name1 := fmt.Sprintf("tf_outest_%d", rInt) + name2 := fmt.Sprintf("tf_outest_%d", rInt+1) + resourceName := "aws_organizations_unit.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsOrganizationsUnitDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsOrganizationsUnitConfig(name1), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsOrganizationsUnitExists(resourceName, &unit), + resource.TestCheckResourceAttr(resourceName, "name", name1), + ), + }, + { + Config: testAccAwsOrganizationsUnitConfig(name2), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsOrganizationsUnitExists(resourceName, &unit), + resource.TestCheckResourceAttr(resourceName, "name", name2), + ), + }, + }, + }) +} + func testAccCheckAwsOrganizationsUnitDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).organizationsconn From 9e468dc5186757c092332f787333ef3f70d8480b Mon Sep 17 00:00:00 2001 From: Aidan Feldman Date: Wed, 18 Apr 2018 02:45:03 -0400 Subject: [PATCH 06/10] add import test for aws_organizations_unit --- aws/import_aws_organizations_unit_test.go | 28 +++++++++++++++++++++++ aws/resource_aws_organizations_test.go | 5 ++-- 2 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 aws/import_aws_organizations_unit_test.go diff --git a/aws/import_aws_organizations_unit_test.go b/aws/import_aws_organizations_unit_test.go new file mode 100644 index 000000000000..c4616fbabcb9 --- /dev/null +++ b/aws/import_aws_organizations_unit_test.go @@ -0,0 +1,28 @@ +package aws + +import ( + "testing" + + "github.com/hashicorp/terraform/helper/resource" +) + +func testAccAwsOrganizationsUnit_importBasic(t *testing.T) { + resourceName := "aws_organizations_unit.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsOrganizationsUnitDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsOrganizationsUnitConfig("foo"), + }, + + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} diff --git a/aws/resource_aws_organizations_test.go b/aws/resource_aws_organizations_test.go index de20a1b3b16a..9ecbcf70ad98 100644 --- a/aws/resource_aws_organizations_test.go +++ b/aws/resource_aws_organizations_test.go @@ -15,8 +15,9 @@ func TestAccAWSOrganizations(t *testing.T) { "basic": testAccAwsOrganizationsAccount_basic, }, "Unit": { - "basic": testAccAwsOrganizationsUnit_basic, - "update": testAccAwsOrganizationsUnitUpdate, + "basic": testAccAwsOrganizationsUnit_basic, + "importBasic": testAccAwsOrganizationsUnit_importBasic, + "update": testAccAwsOrganizationsUnitUpdate, }, } From 68165cd811e4dde5ef2d5a91e3c5cdea3794e6ac Mon Sep 17 00:00:00 2001 From: Bryan Alexander Date: Tue, 7 May 2019 22:18:12 -0500 Subject: [PATCH 07/10] removes data source dependency for aws_organizations_unit resource --- aws/data_source_aws_organizations_unit.go | 47 - ...data_source_aws_organizations_unit_test.go | 66 - aws/import_aws_organizations_unit_test.go | 28 - aws/provider.go | 1388 +++++------ aws/resource_aws_organizations_unit_test.go | 47 +- website/aws.erb | 2137 +++++++++-------- .../r/organizations_account.html.markdown | 2 +- 7 files changed, 1859 insertions(+), 1856 deletions(-) delete mode 100644 aws/data_source_aws_organizations_unit.go delete mode 100644 aws/data_source_aws_organizations_unit_test.go delete mode 100644 aws/import_aws_organizations_unit_test.go diff --git a/aws/data_source_aws_organizations_unit.go b/aws/data_source_aws_organizations_unit.go deleted file mode 100644 index 17bf509d12b2..000000000000 --- a/aws/data_source_aws_organizations_unit.go +++ /dev/null @@ -1,47 +0,0 @@ -package aws - -import ( - "errors" - - "github.com/aws/aws-sdk-go/service/organizations" - "github.com/hashicorp/terraform/helper/schema" -) - -func dataSourceAwsOrganizationUnit() *schema.Resource { - return &schema.Resource{ - Read: dataSourceAwsOrganizationUnitRead, - - Schema: map[string]*schema.Schema{ - "arn": { - Type: schema.TypeString, - Computed: true, - }, - "root": { - Type: schema.TypeBool, - Default: true, - Optional: true, - }, - }, - } -} - -func dataSourceAwsOrganizationUnitRead(d *schema.ResourceData, meta interface{}) error { - conn := meta.(*AWSClient).organizationsconn - - input := &organizations.ListRootsInput{} - result, err := conn.ListRoots(input) - if err != nil { - return err - } - - // there should be exactly one, per https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#root - root := result.Roots[0] - if root == nil { - return errors.New("Root organizational unit not found") - } - - d.SetId(*root.Id) - d.Set("arn", root.Arn) - - return nil -} diff --git a/aws/data_source_aws_organizations_unit_test.go b/aws/data_source_aws_organizations_unit_test.go deleted file mode 100644 index 350e2b5b20b9..000000000000 --- a/aws/data_source_aws_organizations_unit_test.go +++ /dev/null @@ -1,66 +0,0 @@ -package aws - -import ( - "fmt" - "testing" - - "github.com/hashicorp/terraform/helper/resource" - "github.com/hashicorp/terraform/terraform" -) - -func TestAccDataSourceAwsOrganizationUnit_empty(t *testing.T) { - resourceName := "data.aws_organizations_unit.test" - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccDataSourceAwsOrganizationUnitConfig_empty, - Check: resource.ComposeTestCheckFunc( - testAccDataSourceAwsOrganizationUnitCheck(resourceName), - resource.TestCheckResourceAttrSet(resourceName, "arn"), - ), - }, - }, - }) -} - -func TestAccDataSourceAwsOrganizationUnit_rootTrue(t *testing.T) { - resourceName := "data.aws_organizations_unit.test" - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - Steps: []resource.TestStep{ - { - Config: testAccDataSourceAwsOrganizationUnitConfig_rootTrue, - Check: resource.ComposeTestCheckFunc( - testAccDataSourceAwsOrganizationUnitCheck(resourceName), - resource.TestCheckResourceAttrSet(resourceName, "arn"), - ), - }, - }, - }) -} - -func testAccDataSourceAwsOrganizationUnitCheck(name string) resource.TestCheckFunc { - return func(s *terraform.State) error { - _, ok := s.RootModule().Resources[name] - if !ok { - return fmt.Errorf("root module has no resource called %s", name) - } - - return nil - } -} - -const testAccDataSourceAwsOrganizationUnitConfig_empty = ` -data "aws_organizations_unit" "test" {} -` - -const testAccDataSourceAwsOrganizationUnitConfig_rootTrue = ` -data "aws_organizations_unit" "test" { - root = true -} -` diff --git a/aws/import_aws_organizations_unit_test.go b/aws/import_aws_organizations_unit_test.go deleted file mode 100644 index c4616fbabcb9..000000000000 --- a/aws/import_aws_organizations_unit_test.go +++ /dev/null @@ -1,28 +0,0 @@ -package aws - -import ( - "testing" - - "github.com/hashicorp/terraform/helper/resource" -) - -func testAccAwsOrganizationsUnit_importBasic(t *testing.T) { - resourceName := "aws_organizations_unit.test" - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccCheckAwsOrganizationsUnitDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAwsOrganizationsUnitConfig("foo"), - }, - - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - }, - }, - }) -} diff --git a/aws/provider.go b/aws/provider.go index 67ba2eca46ba..728a308164aa 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -1,11 +1,8 @@ package aws import ( - "bytes" - "fmt" "log" - "github.com/hashicorp/terraform/helper/hashcode" "github.com/hashicorp/terraform/helper/mutexkv" "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/terraform" @@ -91,22 +88,6 @@ func Provider() terraform.ResourceProvider { Set: schema.HashString, }, - "dynamodb_endpoint": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["dynamodb_endpoint"], - Removed: "Use `dynamodb` inside `endpoints` block instead", - }, - - "kinesis_endpoint": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["kinesis_endpoint"], - Removed: "Use `kinesis` inside `endpoints` block instead", - }, - "endpoints": endpointsSchema(), "insecure": { @@ -185,6 +166,7 @@ func Provider() terraform.ResourceProvider { "aws_cloudwatch_log_group": dataSourceAwsCloudwatchLogGroup(), "aws_cognito_user_pools": dataSourceAwsCognitoUserPools(), "aws_codecommit_repository": dataSourceAwsCodeCommitRepository(), + "aws_cur_report_definition": dataSourceAwsCurReportDefinition(), "aws_db_cluster_snapshot": dataSourceAwsDbClusterSnapshot(), "aws_db_event_categories": dataSourceAwsDbEventCategories(), "aws_db_instance": dataSourceAwsDbInstance(), @@ -197,6 +179,7 @@ func Provider() terraform.ResourceProvider { "aws_ec2_transit_gateway": dataSourceAwsEc2TransitGateway(), "aws_ec2_transit_gateway_route_table": dataSourceAwsEc2TransitGatewayRouteTable(), "aws_ec2_transit_gateway_vpc_attachment": dataSourceAwsEc2TransitGatewayVpcAttachment(), + "aws_ec2_transit_gateway_vpn_attachment": dataSourceAwsEc2TransitGatewayVpnAttachment(), "aws_ecr_repository": dataSourceAwsEcrRepository(), "aws_ecs_cluster": dataSourceAwsEcsCluster(), "aws_ecs_container_definition": dataSourceAwsEcsContainerDefinition(), @@ -206,6 +189,8 @@ func Provider() terraform.ResourceProvider { "aws_efs_mount_target": dataSourceAwsEfsMountTarget(), "aws_eip": dataSourceAwsEip(), "aws_eks_cluster": dataSourceAwsEksCluster(), + "aws_eks_cluster_auth": dataSourceAwsEksClusterAuth(), + "aws_elastic_beanstalk_application": dataSourceAwsElasticBeanstalkApplication(), "aws_elastic_beanstalk_hosted_zone": dataSourceAwsElasticBeanstalkHostedZone(), "aws_elastic_beanstalk_solution_stack": dataSourceAwsElasticBeanstalkSolutionStack(), "aws_elasticache_cluster": dataSourceAwsElastiCacheCluster(), @@ -243,7 +228,6 @@ func Provider() terraform.ResourceProvider { "aws_network_acls": dataSourceAwsNetworkAcls(), "aws_network_interface": dataSourceAwsNetworkInterface(), "aws_network_interfaces": dataSourceAwsNetworkInterfaces(), - "aws_organizations_unit": dataSourceAwsOrganizationUnit(), "aws_partition": dataSourceAwsPartition(), "aws_prefix_list": dataSourceAwsPrefixList(), "aws_pricing_product": dataSourceAwsPricingProduct(), @@ -267,6 +251,7 @@ func Provider() terraform.ResourceProvider { "aws_storagegateway_local_disk": dataSourceAwsStorageGatewayLocalDisk(), "aws_subnet": dataSourceAwsSubnet(), "aws_subnet_ids": dataSourceAwsSubnetIDs(), + "aws_transfer_server": dataSourceAwsTransferServer(), "aws_vpcs": dataSourceAwsVpcs(), "aws_security_group": dataSourceAwsSecurityGroup(), "aws_security_groups": dataSourceAwsSecurityGroups(), @@ -288,455 +273,494 @@ func Provider() terraform.ResourceProvider { }, ResourcesMap: map[string]*schema.Resource{ - "aws_acm_certificate": resourceAwsAcmCertificate(), - "aws_acm_certificate_validation": resourceAwsAcmCertificateValidation(), - "aws_acmpca_certificate_authority": resourceAwsAcmpcaCertificateAuthority(), - "aws_ami": resourceAwsAmi(), - "aws_ami_copy": resourceAwsAmiCopy(), - "aws_ami_from_instance": resourceAwsAmiFromInstance(), - "aws_ami_launch_permission": resourceAwsAmiLaunchPermission(), - "aws_api_gateway_account": resourceAwsApiGatewayAccount(), - "aws_api_gateway_api_key": resourceAwsApiGatewayApiKey(), - "aws_api_gateway_authorizer": resourceAwsApiGatewayAuthorizer(), - "aws_api_gateway_base_path_mapping": resourceAwsApiGatewayBasePathMapping(), - "aws_api_gateway_client_certificate": resourceAwsApiGatewayClientCertificate(), - "aws_api_gateway_deployment": resourceAwsApiGatewayDeployment(), - "aws_api_gateway_documentation_part": resourceAwsApiGatewayDocumentationPart(), - "aws_api_gateway_documentation_version": resourceAwsApiGatewayDocumentationVersion(), - "aws_api_gateway_domain_name": resourceAwsApiGatewayDomainName(), - "aws_api_gateway_gateway_response": resourceAwsApiGatewayGatewayResponse(), - "aws_api_gateway_integration": resourceAwsApiGatewayIntegration(), - "aws_api_gateway_integration_response": resourceAwsApiGatewayIntegrationResponse(), - "aws_api_gateway_method": resourceAwsApiGatewayMethod(), - "aws_api_gateway_method_response": resourceAwsApiGatewayMethodResponse(), - "aws_api_gateway_method_settings": resourceAwsApiGatewayMethodSettings(), - "aws_api_gateway_model": resourceAwsApiGatewayModel(), - "aws_api_gateway_request_validator": resourceAwsApiGatewayRequestValidator(), - "aws_api_gateway_resource": resourceAwsApiGatewayResource(), - "aws_api_gateway_rest_api": resourceAwsApiGatewayRestApi(), - "aws_api_gateway_stage": resourceAwsApiGatewayStage(), - "aws_api_gateway_usage_plan": resourceAwsApiGatewayUsagePlan(), - "aws_api_gateway_usage_plan_key": resourceAwsApiGatewayUsagePlanKey(), - "aws_api_gateway_vpc_link": resourceAwsApiGatewayVpcLink(), - "aws_app_cookie_stickiness_policy": resourceAwsAppCookieStickinessPolicy(), - "aws_appautoscaling_target": resourceAwsAppautoscalingTarget(), - "aws_appautoscaling_policy": resourceAwsAppautoscalingPolicy(), - "aws_appautoscaling_scheduled_action": resourceAwsAppautoscalingScheduledAction(), - "aws_appmesh_mesh": resourceAwsAppmeshMesh(), - "aws_appmesh_route": resourceAwsAppmeshRoute(), - "aws_appmesh_virtual_node": resourceAwsAppmeshVirtualNode(), - "aws_appmesh_virtual_router": resourceAwsAppmeshVirtualRouter(), - "aws_appsync_api_key": resourceAwsAppsyncApiKey(), - "aws_appsync_datasource": resourceAwsAppsyncDatasource(), - "aws_appsync_graphql_api": resourceAwsAppsyncGraphqlApi(), - "aws_athena_database": resourceAwsAthenaDatabase(), - "aws_athena_named_query": resourceAwsAthenaNamedQuery(), - "aws_autoscaling_attachment": resourceAwsAutoscalingAttachment(), - "aws_autoscaling_group": resourceAwsAutoscalingGroup(), - "aws_autoscaling_lifecycle_hook": resourceAwsAutoscalingLifecycleHook(), - "aws_autoscaling_notification": resourceAwsAutoscalingNotification(), - "aws_autoscaling_policy": resourceAwsAutoscalingPolicy(), - "aws_autoscaling_schedule": resourceAwsAutoscalingSchedule(), - "aws_budgets_budget": resourceAwsBudgetsBudget(), - "aws_cloud9_environment_ec2": resourceAwsCloud9EnvironmentEc2(), - "aws_cloudformation_stack": resourceAwsCloudFormationStack(), - "aws_cloudfront_distribution": resourceAwsCloudFrontDistribution(), - "aws_cloudfront_origin_access_identity": resourceAwsCloudFrontOriginAccessIdentity(), - "aws_cloudfront_public_key": resourceAwsCloudFrontPublicKey(), - "aws_cloudtrail": resourceAwsCloudTrail(), - "aws_cloudwatch_event_permission": resourceAwsCloudWatchEventPermission(), - "aws_cloudwatch_event_rule": resourceAwsCloudWatchEventRule(), - "aws_cloudwatch_event_target": resourceAwsCloudWatchEventTarget(), - "aws_cloudwatch_log_destination": resourceAwsCloudWatchLogDestination(), - "aws_cloudwatch_log_destination_policy": resourceAwsCloudWatchLogDestinationPolicy(), - "aws_cloudwatch_log_group": resourceAwsCloudWatchLogGroup(), - "aws_cloudwatch_log_metric_filter": resourceAwsCloudWatchLogMetricFilter(), - "aws_cloudwatch_log_resource_policy": resourceAwsCloudWatchLogResourcePolicy(), - "aws_cloudwatch_log_stream": resourceAwsCloudWatchLogStream(), - "aws_cloudwatch_log_subscription_filter": resourceAwsCloudwatchLogSubscriptionFilter(), - "aws_config_aggregate_authorization": resourceAwsConfigAggregateAuthorization(), - "aws_config_config_rule": resourceAwsConfigConfigRule(), - "aws_config_configuration_aggregator": resourceAwsConfigConfigurationAggregator(), - "aws_config_configuration_recorder": resourceAwsConfigConfigurationRecorder(), - "aws_config_configuration_recorder_status": resourceAwsConfigConfigurationRecorderStatus(), - "aws_config_delivery_channel": resourceAwsConfigDeliveryChannel(), - "aws_cognito_identity_pool": resourceAwsCognitoIdentityPool(), - "aws_cognito_identity_pool_roles_attachment": resourceAwsCognitoIdentityPoolRolesAttachment(), - "aws_cognito_identity_provider": resourceAwsCognitoIdentityProvider(), - "aws_cognito_user_group": resourceAwsCognitoUserGroup(), - "aws_cognito_user_pool": resourceAwsCognitoUserPool(), - "aws_cognito_user_pool_client": resourceAwsCognitoUserPoolClient(), - "aws_cognito_user_pool_domain": resourceAwsCognitoUserPoolDomain(), - "aws_cloudhsm_v2_cluster": resourceAwsCloudHsm2Cluster(), - "aws_cloudhsm_v2_hsm": resourceAwsCloudHsm2Hsm(), - "aws_cognito_resource_server": resourceAwsCognitoResourceServer(), - "aws_cloudwatch_metric_alarm": resourceAwsCloudWatchMetricAlarm(), - "aws_cloudwatch_dashboard": resourceAwsCloudWatchDashboard(), - "aws_codedeploy_app": resourceAwsCodeDeployApp(), - "aws_codedeploy_deployment_config": resourceAwsCodeDeployDeploymentConfig(), - "aws_codedeploy_deployment_group": resourceAwsCodeDeployDeploymentGroup(), - "aws_codecommit_repository": resourceAwsCodeCommitRepository(), - "aws_codecommit_trigger": resourceAwsCodeCommitTrigger(), - "aws_codebuild_project": resourceAwsCodeBuildProject(), - "aws_codebuild_webhook": resourceAwsCodeBuildWebhook(), - "aws_codepipeline": resourceAwsCodePipeline(), - "aws_codepipeline_webhook": resourceAwsCodePipelineWebhook(), - "aws_customer_gateway": resourceAwsCustomerGateway(), - "aws_datasync_agent": resourceAwsDataSyncAgent(), - "aws_datasync_location_efs": resourceAwsDataSyncLocationEfs(), - "aws_datasync_location_nfs": resourceAwsDataSyncLocationNfs(), - "aws_datasync_location_s3": resourceAwsDataSyncLocationS3(), - "aws_datasync_task": resourceAwsDataSyncTask(), - "aws_dax_cluster": resourceAwsDaxCluster(), - "aws_dax_parameter_group": resourceAwsDaxParameterGroup(), - "aws_dax_subnet_group": resourceAwsDaxSubnetGroup(), - "aws_db_cluster_snapshot": resourceAwsDbClusterSnapshot(), - "aws_db_event_subscription": resourceAwsDbEventSubscription(), - "aws_db_instance": resourceAwsDbInstance(), - "aws_db_option_group": resourceAwsDbOptionGroup(), - "aws_db_parameter_group": resourceAwsDbParameterGroup(), - "aws_db_security_group": resourceAwsDbSecurityGroup(), - "aws_db_snapshot": resourceAwsDbSnapshot(), - "aws_db_subnet_group": resourceAwsDbSubnetGroup(), - "aws_devicefarm_project": resourceAwsDevicefarmProject(), - "aws_directory_service_directory": resourceAwsDirectoryServiceDirectory(), - "aws_directory_service_conditional_forwarder": resourceAwsDirectoryServiceConditionalForwarder(), - "aws_dlm_lifecycle_policy": resourceAwsDlmLifecyclePolicy(), - "aws_dms_certificate": resourceAwsDmsCertificate(), - "aws_dms_endpoint": resourceAwsDmsEndpoint(), - "aws_dms_replication_instance": resourceAwsDmsReplicationInstance(), - "aws_dms_replication_subnet_group": resourceAwsDmsReplicationSubnetGroup(), - "aws_dms_replication_task": resourceAwsDmsReplicationTask(), - "aws_dx_bgp_peer": resourceAwsDxBgpPeer(), - "aws_dx_connection": resourceAwsDxConnection(), - "aws_dx_connection_association": resourceAwsDxConnectionAssociation(), - "aws_dx_gateway": resourceAwsDxGateway(), - "aws_dx_gateway_association": resourceAwsDxGatewayAssociation(), - "aws_dx_hosted_private_virtual_interface": resourceAwsDxHostedPrivateVirtualInterface(), - "aws_dx_hosted_private_virtual_interface_accepter": resourceAwsDxHostedPrivateVirtualInterfaceAccepter(), - "aws_dx_hosted_public_virtual_interface": resourceAwsDxHostedPublicVirtualInterface(), - "aws_dx_hosted_public_virtual_interface_accepter": resourceAwsDxHostedPublicVirtualInterfaceAccepter(), - "aws_dx_lag": resourceAwsDxLag(), - "aws_dx_private_virtual_interface": resourceAwsDxPrivateVirtualInterface(), - "aws_dx_public_virtual_interface": resourceAwsDxPublicVirtualInterface(), - "aws_dynamodb_table": resourceAwsDynamoDbTable(), - "aws_dynamodb_table_item": resourceAwsDynamoDbTableItem(), - "aws_dynamodb_global_table": resourceAwsDynamoDbGlobalTable(), - "aws_ebs_snapshot": resourceAwsEbsSnapshot(), - "aws_ebs_snapshot_copy": resourceAwsEbsSnapshotCopy(), - "aws_ebs_volume": resourceAwsEbsVolume(), - "aws_ec2_capacity_reservation": resourceAwsEc2CapacityReservation(), - "aws_ec2_fleet": resourceAwsEc2Fleet(), - "aws_ec2_transit_gateway": resourceAwsEc2TransitGateway(), - "aws_ec2_transit_gateway_route": resourceAwsEc2TransitGatewayRoute(), - "aws_ec2_transit_gateway_route_table": resourceAwsEc2TransitGatewayRouteTable(), - "aws_ec2_transit_gateway_route_table_association": resourceAwsEc2TransitGatewayRouteTableAssociation(), - "aws_ec2_transit_gateway_route_table_propagation": resourceAwsEc2TransitGatewayRouteTablePropagation(), - "aws_ec2_transit_gateway_vpc_attachment": resourceAwsEc2TransitGatewayVpcAttachment(), - "aws_ecr_lifecycle_policy": resourceAwsEcrLifecyclePolicy(), - "aws_ecr_repository": resourceAwsEcrRepository(), - "aws_ecr_repository_policy": resourceAwsEcrRepositoryPolicy(), - "aws_ecs_cluster": resourceAwsEcsCluster(), - "aws_ecs_service": resourceAwsEcsService(), - "aws_ecs_task_definition": resourceAwsEcsTaskDefinition(), - "aws_efs_file_system": resourceAwsEfsFileSystem(), - "aws_efs_mount_target": resourceAwsEfsMountTarget(), - "aws_egress_only_internet_gateway": resourceAwsEgressOnlyInternetGateway(), - "aws_eip": resourceAwsEip(), - "aws_eip_association": resourceAwsEipAssociation(), - "aws_eks_cluster": resourceAwsEksCluster(), - "aws_elasticache_cluster": resourceAwsElasticacheCluster(), - "aws_elasticache_parameter_group": resourceAwsElasticacheParameterGroup(), - "aws_elasticache_replication_group": resourceAwsElasticacheReplicationGroup(), - "aws_elasticache_security_group": resourceAwsElasticacheSecurityGroup(), - "aws_elasticache_subnet_group": resourceAwsElasticacheSubnetGroup(), - "aws_elastic_beanstalk_application": resourceAwsElasticBeanstalkApplication(), - "aws_elastic_beanstalk_application_version": resourceAwsElasticBeanstalkApplicationVersion(), - "aws_elastic_beanstalk_configuration_template": resourceAwsElasticBeanstalkConfigurationTemplate(), - "aws_elastic_beanstalk_environment": resourceAwsElasticBeanstalkEnvironment(), - "aws_elasticsearch_domain": resourceAwsElasticSearchDomain(), - "aws_elasticsearch_domain_policy": resourceAwsElasticSearchDomainPolicy(), - "aws_elastictranscoder_pipeline": resourceAwsElasticTranscoderPipeline(), - "aws_elastictranscoder_preset": resourceAwsElasticTranscoderPreset(), - "aws_elb": resourceAwsElb(), - "aws_elb_attachment": resourceAwsElbAttachment(), - "aws_emr_cluster": resourceAwsEMRCluster(), - "aws_emr_instance_group": resourceAwsEMRInstanceGroup(), - "aws_emr_security_configuration": resourceAwsEMRSecurityConfiguration(), - "aws_flow_log": resourceAwsFlowLog(), - "aws_gamelift_alias": resourceAwsGameliftAlias(), - "aws_gamelift_build": resourceAwsGameliftBuild(), - "aws_gamelift_fleet": resourceAwsGameliftFleet(), - "aws_gamelift_game_session_queue": resourceAwsGameliftGameSessionQueue(), - "aws_glacier_vault": resourceAwsGlacierVault(), - "aws_glacier_vault_lock": resourceAwsGlacierVaultLock(), - "aws_glue_catalog_database": resourceAwsGlueCatalogDatabase(), - "aws_glue_catalog_table": resourceAwsGlueCatalogTable(), - "aws_glue_classifier": resourceAwsGlueClassifier(), - "aws_glue_connection": resourceAwsGlueConnection(), - "aws_glue_crawler": resourceAwsGlueCrawler(), - "aws_glue_job": resourceAwsGlueJob(), - "aws_glue_security_configuration": resourceAwsGlueSecurityConfiguration(), - "aws_glue_trigger": resourceAwsGlueTrigger(), - "aws_guardduty_detector": resourceAwsGuardDutyDetector(), - "aws_guardduty_ipset": resourceAwsGuardDutyIpset(), - "aws_guardduty_member": resourceAwsGuardDutyMember(), - "aws_guardduty_threatintelset": resourceAwsGuardDutyThreatintelset(), - "aws_iam_access_key": resourceAwsIamAccessKey(), - "aws_iam_account_alias": resourceAwsIamAccountAlias(), - "aws_iam_account_password_policy": resourceAwsIamAccountPasswordPolicy(), - "aws_iam_group_policy": resourceAwsIamGroupPolicy(), - "aws_iam_group": resourceAwsIamGroup(), - "aws_iam_group_membership": resourceAwsIamGroupMembership(), - "aws_iam_group_policy_attachment": resourceAwsIamGroupPolicyAttachment(), - "aws_iam_instance_profile": resourceAwsIamInstanceProfile(), - "aws_iam_openid_connect_provider": resourceAwsIamOpenIDConnectProvider(), - "aws_iam_policy": resourceAwsIamPolicy(), - "aws_iam_policy_attachment": resourceAwsIamPolicyAttachment(), - "aws_iam_role_policy_attachment": resourceAwsIamRolePolicyAttachment(), - "aws_iam_role_policy": resourceAwsIamRolePolicy(), - "aws_iam_role": resourceAwsIamRole(), - "aws_iam_saml_provider": resourceAwsIamSamlProvider(), - "aws_iam_server_certificate": resourceAwsIAMServerCertificate(), - "aws_iam_service_linked_role": resourceAwsIamServiceLinkedRole(), - "aws_iam_user_group_membership": resourceAwsIamUserGroupMembership(), - "aws_iam_user_policy_attachment": resourceAwsIamUserPolicyAttachment(), - "aws_iam_user_policy": resourceAwsIamUserPolicy(), - "aws_iam_user_ssh_key": resourceAwsIamUserSshKey(), - "aws_iam_user": resourceAwsIamUser(), - "aws_iam_user_login_profile": resourceAwsIamUserLoginProfile(), - "aws_inspector_assessment_target": resourceAWSInspectorAssessmentTarget(), - "aws_inspector_assessment_template": resourceAWSInspectorAssessmentTemplate(), - "aws_inspector_resource_group": resourceAWSInspectorResourceGroup(), - "aws_instance": resourceAwsInstance(), - "aws_internet_gateway": resourceAwsInternetGateway(), - "aws_iot_certificate": resourceAwsIotCertificate(), - "aws_iot_policy": resourceAwsIotPolicy(), - "aws_iot_policy_attachment": resourceAwsIotPolicyAttachment(), - "aws_iot_thing": resourceAwsIotThing(), - "aws_iot_thing_principal_attachment": resourceAwsIotThingPrincipalAttachment(), - "aws_iot_thing_type": resourceAwsIotThingType(), - "aws_iot_topic_rule": resourceAwsIotTopicRule(), - "aws_key_pair": resourceAwsKeyPair(), - "aws_kinesis_firehose_delivery_stream": resourceAwsKinesisFirehoseDeliveryStream(), - "aws_kinesis_stream": resourceAwsKinesisStream(), - "aws_kinesis_analytics_application": resourceAwsKinesisAnalyticsApplication(), - "aws_kms_alias": resourceAwsKmsAlias(), - "aws_kms_grant": resourceAwsKmsGrant(), - "aws_kms_key": resourceAwsKmsKey(), - "aws_lambda_function": resourceAwsLambdaFunction(), - "aws_lambda_event_source_mapping": resourceAwsLambdaEventSourceMapping(), - "aws_lambda_alias": resourceAwsLambdaAlias(), - "aws_lambda_permission": resourceAwsLambdaPermission(), - "aws_launch_configuration": resourceAwsLaunchConfiguration(), - "aws_launch_template": resourceAwsLaunchTemplate(), - "aws_licensemanager_association": resourceAwsLicenseManagerAssociation(), - "aws_licensemanager_license_configuration": resourceAwsLicenseManagerLicenseConfiguration(), - "aws_lightsail_domain": resourceAwsLightsailDomain(), - "aws_lightsail_instance": resourceAwsLightsailInstance(), - "aws_lightsail_key_pair": resourceAwsLightsailKeyPair(), - "aws_lightsail_static_ip": resourceAwsLightsailStaticIp(), - "aws_lightsail_static_ip_attachment": resourceAwsLightsailStaticIpAttachment(), - "aws_lb_cookie_stickiness_policy": resourceAwsLBCookieStickinessPolicy(), - "aws_load_balancer_policy": resourceAwsLoadBalancerPolicy(), - "aws_load_balancer_backend_server_policy": resourceAwsLoadBalancerBackendServerPolicies(), - "aws_load_balancer_listener_policy": resourceAwsLoadBalancerListenerPolicies(), - "aws_lb_ssl_negotiation_policy": resourceAwsLBSSLNegotiationPolicy(), - "aws_macie_member_account_association": resourceAwsMacieMemberAccountAssociation(), - "aws_macie_s3_bucket_association": resourceAwsMacieS3BucketAssociation(), - "aws_main_route_table_association": resourceAwsMainRouteTableAssociation(), - "aws_mq_broker": resourceAwsMqBroker(), - "aws_mq_configuration": resourceAwsMqConfiguration(), - "aws_media_store_container": resourceAwsMediaStoreContainer(), - "aws_media_store_container_policy": resourceAwsMediaStoreContainerPolicy(), - "aws_nat_gateway": resourceAwsNatGateway(), - "aws_network_acl": resourceAwsNetworkAcl(), - "aws_default_network_acl": resourceAwsDefaultNetworkAcl(), - "aws_neptune_cluster": resourceAwsNeptuneCluster(), - "aws_neptune_cluster_instance": resourceAwsNeptuneClusterInstance(), - "aws_neptune_cluster_parameter_group": resourceAwsNeptuneClusterParameterGroup(), - "aws_neptune_cluster_snapshot": resourceAwsNeptuneClusterSnapshot(), - "aws_neptune_event_subscription": resourceAwsNeptuneEventSubscription(), - "aws_neptune_parameter_group": resourceAwsNeptuneParameterGroup(), - "aws_neptune_subnet_group": resourceAwsNeptuneSubnetGroup(), - "aws_network_acl_rule": resourceAwsNetworkAclRule(), - "aws_network_interface": resourceAwsNetworkInterface(), - "aws_network_interface_attachment": resourceAwsNetworkInterfaceAttachment(), - "aws_opsworks_application": resourceAwsOpsworksApplication(), - "aws_opsworks_stack": resourceAwsOpsworksStack(), - "aws_opsworks_java_app_layer": resourceAwsOpsworksJavaAppLayer(), - "aws_opsworks_haproxy_layer": resourceAwsOpsworksHaproxyLayer(), - "aws_opsworks_static_web_layer": resourceAwsOpsworksStaticWebLayer(), - "aws_opsworks_php_app_layer": resourceAwsOpsworksPhpAppLayer(), - "aws_opsworks_rails_app_layer": resourceAwsOpsworksRailsAppLayer(), - "aws_opsworks_nodejs_app_layer": resourceAwsOpsworksNodejsAppLayer(), - "aws_opsworks_memcached_layer": resourceAwsOpsworksMemcachedLayer(), - "aws_opsworks_mysql_layer": resourceAwsOpsworksMysqlLayer(), - "aws_opsworks_ganglia_layer": resourceAwsOpsworksGangliaLayer(), - "aws_opsworks_custom_layer": resourceAwsOpsworksCustomLayer(), - "aws_opsworks_instance": resourceAwsOpsworksInstance(), - "aws_opsworks_user_profile": resourceAwsOpsworksUserProfile(), - "aws_opsworks_permission": resourceAwsOpsworksPermission(), - "aws_opsworks_rds_db_instance": resourceAwsOpsworksRdsDbInstance(), - "aws_organizations_organization": resourceAwsOrganizationsOrganization(), - "aws_organizations_account": resourceAwsOrganizationsAccount(), - "aws_organizations_policy": resourceAwsOrganizationsPolicy(), - "aws_organizations_policy_attachment": resourceAwsOrganizationsPolicyAttachment(), - "aws_organizations_unit": resourceAwsOrganizationsUnit(), - "aws_placement_group": resourceAwsPlacementGroup(), - "aws_proxy_protocol_policy": resourceAwsProxyProtocolPolicy(), - "aws_rds_cluster": resourceAwsRDSCluster(), - "aws_rds_cluster_endpoint": resourceAwsRDSClusterEndpoint(), - "aws_rds_cluster_instance": resourceAwsRDSClusterInstance(), - "aws_rds_cluster_parameter_group": resourceAwsRDSClusterParameterGroup(), - "aws_rds_global_cluster": resourceAwsRDSGlobalCluster(), - "aws_redshift_cluster": resourceAwsRedshiftCluster(), - "aws_redshift_security_group": resourceAwsRedshiftSecurityGroup(), - "aws_redshift_parameter_group": resourceAwsRedshiftParameterGroup(), - "aws_redshift_subnet_group": resourceAwsRedshiftSubnetGroup(), - "aws_redshift_snapshot_copy_grant": resourceAwsRedshiftSnapshotCopyGrant(), - "aws_redshift_event_subscription": resourceAwsRedshiftEventSubscription(), - "aws_route53_delegation_set": resourceAwsRoute53DelegationSet(), - "aws_route53_query_log": resourceAwsRoute53QueryLog(), - "aws_route53_record": resourceAwsRoute53Record(), - "aws_route53_zone_association": resourceAwsRoute53ZoneAssociation(), - "aws_route53_zone": resourceAwsRoute53Zone(), - "aws_route53_health_check": resourceAwsRoute53HealthCheck(), - "aws_route": resourceAwsRoute(), - "aws_route_table": resourceAwsRouteTable(), - "aws_default_route_table": resourceAwsDefaultRouteTable(), - "aws_route_table_association": resourceAwsRouteTableAssociation(), - "aws_secretsmanager_secret": resourceAwsSecretsManagerSecret(), - "aws_secretsmanager_secret_version": resourceAwsSecretsManagerSecretVersion(), - "aws_ses_active_receipt_rule_set": resourceAwsSesActiveReceiptRuleSet(), - "aws_ses_domain_identity": resourceAwsSesDomainIdentity(), - "aws_ses_domain_identity_verification": resourceAwsSesDomainIdentityVerification(), - "aws_ses_domain_dkim": resourceAwsSesDomainDkim(), - "aws_ses_domain_mail_from": resourceAwsSesDomainMailFrom(), - "aws_ses_receipt_filter": resourceAwsSesReceiptFilter(), - "aws_ses_receipt_rule": resourceAwsSesReceiptRule(), - "aws_ses_receipt_rule_set": resourceAwsSesReceiptRuleSet(), - "aws_ses_configuration_set": resourceAwsSesConfigurationSet(), - "aws_ses_event_destination": resourceAwsSesEventDestination(), - "aws_ses_identity_notification_topic": resourceAwsSesNotificationTopic(), - "aws_ses_template": resourceAwsSesTemplate(), - "aws_s3_account_public_access_block": resourceAwsS3AccountPublicAccessBlock(), - "aws_s3_bucket": resourceAwsS3Bucket(), - "aws_s3_bucket_policy": resourceAwsS3BucketPolicy(), - "aws_s3_bucket_public_access_block": resourceAwsS3BucketPublicAccessBlock(), - "aws_s3_bucket_object": resourceAwsS3BucketObject(), - "aws_s3_bucket_notification": resourceAwsS3BucketNotification(), - "aws_s3_bucket_metric": resourceAwsS3BucketMetric(), - "aws_s3_bucket_inventory": resourceAwsS3BucketInventory(), - "aws_security_group": resourceAwsSecurityGroup(), - "aws_network_interface_sg_attachment": resourceAwsNetworkInterfaceSGAttachment(), - "aws_default_security_group": resourceAwsDefaultSecurityGroup(), - "aws_security_group_rule": resourceAwsSecurityGroupRule(), - "aws_securityhub_account": resourceAwsSecurityHubAccount(), - "aws_securityhub_product_subscription": resourceAwsSecurityHubProductSubscription(), - "aws_securityhub_standards_subscription": resourceAwsSecurityHubStandardsSubscription(), - "aws_servicecatalog_portfolio": resourceAwsServiceCatalogPortfolio(), - "aws_service_discovery_http_namespace": resourceAwsServiceDiscoveryHttpNamespace(), - "aws_service_discovery_private_dns_namespace": resourceAwsServiceDiscoveryPrivateDnsNamespace(), - "aws_service_discovery_public_dns_namespace": resourceAwsServiceDiscoveryPublicDnsNamespace(), - "aws_service_discovery_service": resourceAwsServiceDiscoveryService(), - "aws_simpledb_domain": resourceAwsSimpleDBDomain(), - "aws_ssm_activation": resourceAwsSsmActivation(), - "aws_ssm_association": resourceAwsSsmAssociation(), - "aws_ssm_document": resourceAwsSsmDocument(), - "aws_ssm_maintenance_window": resourceAwsSsmMaintenanceWindow(), - "aws_ssm_maintenance_window_target": resourceAwsSsmMaintenanceWindowTarget(), - "aws_ssm_maintenance_window_task": resourceAwsSsmMaintenanceWindowTask(), - "aws_ssm_patch_baseline": resourceAwsSsmPatchBaseline(), - "aws_ssm_patch_group": resourceAwsSsmPatchGroup(), - "aws_ssm_parameter": resourceAwsSsmParameter(), - "aws_ssm_resource_data_sync": resourceAwsSsmResourceDataSync(), - "aws_storagegateway_cache": resourceAwsStorageGatewayCache(), - "aws_storagegateway_cached_iscsi_volume": resourceAwsStorageGatewayCachedIscsiVolume(), - "aws_storagegateway_gateway": resourceAwsStorageGatewayGateway(), - "aws_storagegateway_nfs_file_share": resourceAwsStorageGatewayNfsFileShare(), - "aws_storagegateway_smb_file_share": resourceAwsStorageGatewaySmbFileShare(), - "aws_storagegateway_upload_buffer": resourceAwsStorageGatewayUploadBuffer(), - "aws_storagegateway_working_storage": resourceAwsStorageGatewayWorkingStorage(), - "aws_spot_datafeed_subscription": resourceAwsSpotDataFeedSubscription(), - "aws_spot_instance_request": resourceAwsSpotInstanceRequest(), - "aws_spot_fleet_request": resourceAwsSpotFleetRequest(), - "aws_sqs_queue": resourceAwsSqsQueue(), - "aws_sqs_queue_policy": resourceAwsSqsQueuePolicy(), - "aws_snapshot_create_volume_permission": resourceAwsSnapshotCreateVolumePermission(), - "aws_sns_platform_application": resourceAwsSnsPlatformApplication(), - "aws_sns_sms_preferences": resourceAwsSnsSmsPreferences(), - "aws_sns_topic": resourceAwsSnsTopic(), - "aws_sns_topic_policy": resourceAwsSnsTopicPolicy(), - "aws_sns_topic_subscription": resourceAwsSnsTopicSubscription(), - "aws_sfn_activity": resourceAwsSfnActivity(), - "aws_sfn_state_machine": resourceAwsSfnStateMachine(), - "aws_default_subnet": resourceAwsDefaultSubnet(), - "aws_subnet": resourceAwsSubnet(), - "aws_swf_domain": resourceAwsSwfDomain(), - "aws_transfer_server": resourceAwsTransferServer(), - "aws_transfer_ssh_key": resourceAwsTransferSshKey(), - "aws_transfer_user": resourceAwsTransferUser(), - "aws_volume_attachment": resourceAwsVolumeAttachment(), - "aws_vpc_dhcp_options_association": resourceAwsVpcDhcpOptionsAssociation(), - "aws_default_vpc_dhcp_options": resourceAwsDefaultVpcDhcpOptions(), - "aws_vpc_dhcp_options": resourceAwsVpcDhcpOptions(), - "aws_vpc_peering_connection": resourceAwsVpcPeeringConnection(), - "aws_vpc_peering_connection_accepter": resourceAwsVpcPeeringConnectionAccepter(), - "aws_vpc_peering_connection_options": resourceAwsVpcPeeringConnectionOptions(), - "aws_default_vpc": resourceAwsDefaultVpc(), - "aws_vpc": resourceAwsVpc(), - "aws_vpc_endpoint": resourceAwsVpcEndpoint(), - "aws_vpc_endpoint_connection_notification": resourceAwsVpcEndpointConnectionNotification(), - "aws_vpc_endpoint_route_table_association": resourceAwsVpcEndpointRouteTableAssociation(), - "aws_vpc_endpoint_subnet_association": resourceAwsVpcEndpointSubnetAssociation(), - "aws_vpc_endpoint_service": resourceAwsVpcEndpointService(), - "aws_vpc_endpoint_service_allowed_principal": resourceAwsVpcEndpointServiceAllowedPrincipal(), - "aws_vpc_ipv4_cidr_block_association": resourceAwsVpcIpv4CidrBlockAssociation(), - "aws_vpn_connection": resourceAwsVpnConnection(), - "aws_vpn_connection_route": resourceAwsVpnConnectionRoute(), - "aws_vpn_gateway": resourceAwsVpnGateway(), - "aws_vpn_gateway_attachment": resourceAwsVpnGatewayAttachment(), - "aws_vpn_gateway_route_propagation": resourceAwsVpnGatewayRoutePropagation(), - "aws_waf_byte_match_set": resourceAwsWafByteMatchSet(), - "aws_waf_ipset": resourceAwsWafIPSet(), - "aws_waf_rate_based_rule": resourceAwsWafRateBasedRule(), - "aws_waf_regex_match_set": resourceAwsWafRegexMatchSet(), - "aws_waf_regex_pattern_set": resourceAwsWafRegexPatternSet(), - "aws_waf_rule": resourceAwsWafRule(), - "aws_waf_rule_group": resourceAwsWafRuleGroup(), - "aws_waf_size_constraint_set": resourceAwsWafSizeConstraintSet(), - "aws_waf_web_acl": resourceAwsWafWebAcl(), - "aws_waf_xss_match_set": resourceAwsWafXssMatchSet(), - "aws_waf_sql_injection_match_set": resourceAwsWafSqlInjectionMatchSet(), - "aws_waf_geo_match_set": resourceAwsWafGeoMatchSet(), - "aws_wafregional_byte_match_set": resourceAwsWafRegionalByteMatchSet(), - "aws_wafregional_geo_match_set": resourceAwsWafRegionalGeoMatchSet(), - "aws_wafregional_ipset": resourceAwsWafRegionalIPSet(), - "aws_wafregional_rate_based_rule": resourceAwsWafRegionalRateBasedRule(), - "aws_wafregional_regex_match_set": resourceAwsWafRegionalRegexMatchSet(), - "aws_wafregional_regex_pattern_set": resourceAwsWafRegionalRegexPatternSet(), - "aws_wafregional_rule": resourceAwsWafRegionalRule(), - "aws_wafregional_rule_group": resourceAwsWafRegionalRuleGroup(), - "aws_wafregional_size_constraint_set": resourceAwsWafRegionalSizeConstraintSet(), - "aws_wafregional_sql_injection_match_set": resourceAwsWafRegionalSqlInjectionMatchSet(), - "aws_wafregional_xss_match_set": resourceAwsWafRegionalXssMatchSet(), - "aws_wafregional_web_acl": resourceAwsWafRegionalWebAcl(), - "aws_wafregional_web_acl_association": resourceAwsWafRegionalWebAclAssociation(), - "aws_batch_compute_environment": resourceAwsBatchComputeEnvironment(), - "aws_batch_job_definition": resourceAwsBatchJobDefinition(), - "aws_batch_job_queue": resourceAwsBatchJobQueue(), - "aws_pinpoint_app": resourceAwsPinpointApp(), - "aws_pinpoint_adm_channel": resourceAwsPinpointADMChannel(), - "aws_pinpoint_apns_channel": resourceAwsPinpointAPNSChannel(), - "aws_pinpoint_apns_sandbox_channel": resourceAwsPinpointAPNSSandboxChannel(), - "aws_pinpoint_apns_voip_channel": resourceAwsPinpointAPNSVoipChannel(), - "aws_pinpoint_apns_voip_sandbox_channel": resourceAwsPinpointAPNSVoipSandboxChannel(), - "aws_pinpoint_baidu_channel": resourceAwsPinpointBaiduChannel(), - "aws_pinpoint_email_channel": resourceAwsPinpointEmailChannel(), - "aws_pinpoint_event_stream": resourceAwsPinpointEventStream(), - "aws_pinpoint_gcm_channel": resourceAwsPinpointGCMChannel(), - "aws_pinpoint_sms_channel": resourceAwsPinpointSMSChannel(), + "aws_acm_certificate": resourceAwsAcmCertificate(), + "aws_acm_certificate_validation": resourceAwsAcmCertificateValidation(), + "aws_acmpca_certificate_authority": resourceAwsAcmpcaCertificateAuthority(), + "aws_ami": resourceAwsAmi(), + "aws_ami_copy": resourceAwsAmiCopy(), + "aws_ami_from_instance": resourceAwsAmiFromInstance(), + "aws_ami_launch_permission": resourceAwsAmiLaunchPermission(), + "aws_api_gateway_account": resourceAwsApiGatewayAccount(), + "aws_api_gateway_api_key": resourceAwsApiGatewayApiKey(), + "aws_api_gateway_authorizer": resourceAwsApiGatewayAuthorizer(), + "aws_api_gateway_base_path_mapping": resourceAwsApiGatewayBasePathMapping(), + "aws_api_gateway_client_certificate": resourceAwsApiGatewayClientCertificate(), + "aws_api_gateway_deployment": resourceAwsApiGatewayDeployment(), + "aws_api_gateway_documentation_part": resourceAwsApiGatewayDocumentationPart(), + "aws_api_gateway_documentation_version": resourceAwsApiGatewayDocumentationVersion(), + "aws_api_gateway_domain_name": resourceAwsApiGatewayDomainName(), + "aws_api_gateway_gateway_response": resourceAwsApiGatewayGatewayResponse(), + "aws_api_gateway_integration": resourceAwsApiGatewayIntegration(), + "aws_api_gateway_integration_response": resourceAwsApiGatewayIntegrationResponse(), + "aws_api_gateway_method": resourceAwsApiGatewayMethod(), + "aws_api_gateway_method_response": resourceAwsApiGatewayMethodResponse(), + "aws_api_gateway_method_settings": resourceAwsApiGatewayMethodSettings(), + "aws_api_gateway_model": resourceAwsApiGatewayModel(), + "aws_api_gateway_request_validator": resourceAwsApiGatewayRequestValidator(), + "aws_api_gateway_resource": resourceAwsApiGatewayResource(), + "aws_api_gateway_rest_api": resourceAwsApiGatewayRestApi(), + "aws_api_gateway_stage": resourceAwsApiGatewayStage(), + "aws_api_gateway_usage_plan": resourceAwsApiGatewayUsagePlan(), + "aws_api_gateway_usage_plan_key": resourceAwsApiGatewayUsagePlanKey(), + "aws_api_gateway_vpc_link": resourceAwsApiGatewayVpcLink(), + "aws_app_cookie_stickiness_policy": resourceAwsAppCookieStickinessPolicy(), + "aws_appautoscaling_target": resourceAwsAppautoscalingTarget(), + "aws_appautoscaling_policy": resourceAwsAppautoscalingPolicy(), + "aws_appautoscaling_scheduled_action": resourceAwsAppautoscalingScheduledAction(), + "aws_appmesh_mesh": resourceAwsAppmeshMesh(), + "aws_appmesh_route": resourceAwsAppmeshRoute(), + "aws_appmesh_virtual_node": resourceAwsAppmeshVirtualNode(), + "aws_appmesh_virtual_router": resourceAwsAppmeshVirtualRouter(), + "aws_appmesh_virtual_service": resourceAwsAppmeshVirtualService(), + "aws_appsync_api_key": resourceAwsAppsyncApiKey(), + "aws_appsync_datasource": resourceAwsAppsyncDatasource(), + "aws_appsync_graphql_api": resourceAwsAppsyncGraphqlApi(), + "aws_appsync_resolver": resourceAwsAppsyncResolver(), + "aws_athena_database": resourceAwsAthenaDatabase(), + "aws_athena_named_query": resourceAwsAthenaNamedQuery(), + "aws_autoscaling_attachment": resourceAwsAutoscalingAttachment(), + "aws_autoscaling_group": resourceAwsAutoscalingGroup(), + "aws_autoscaling_lifecycle_hook": resourceAwsAutoscalingLifecycleHook(), + "aws_autoscaling_notification": resourceAwsAutoscalingNotification(), + "aws_autoscaling_policy": resourceAwsAutoscalingPolicy(), + "aws_autoscaling_schedule": resourceAwsAutoscalingSchedule(), + "aws_backup_plan": resourceAwsBackupPlan(), + "aws_backup_selection": resourceAwsBackupSelection(), + "aws_backup_vault": resourceAwsBackupVault(), + "aws_budgets_budget": resourceAwsBudgetsBudget(), + "aws_cloud9_environment_ec2": resourceAwsCloud9EnvironmentEc2(), + "aws_cloudformation_stack": resourceAwsCloudFormationStack(), + "aws_cloudformation_stack_set": resourceAwsCloudFormationStackSet(), + "aws_cloudformation_stack_set_instance": resourceAwsCloudFormationStackSetInstance(), + "aws_cloudfront_distribution": resourceAwsCloudFrontDistribution(), + "aws_cloudfront_origin_access_identity": resourceAwsCloudFrontOriginAccessIdentity(), + "aws_cloudfront_public_key": resourceAwsCloudFrontPublicKey(), + "aws_cloudtrail": resourceAwsCloudTrail(), + "aws_cloudwatch_event_permission": resourceAwsCloudWatchEventPermission(), + "aws_cloudwatch_event_rule": resourceAwsCloudWatchEventRule(), + "aws_cloudwatch_event_target": resourceAwsCloudWatchEventTarget(), + "aws_cloudwatch_log_destination": resourceAwsCloudWatchLogDestination(), + "aws_cloudwatch_log_destination_policy": resourceAwsCloudWatchLogDestinationPolicy(), + "aws_cloudwatch_log_group": resourceAwsCloudWatchLogGroup(), + "aws_cloudwatch_log_metric_filter": resourceAwsCloudWatchLogMetricFilter(), + "aws_cloudwatch_log_resource_policy": resourceAwsCloudWatchLogResourcePolicy(), + "aws_cloudwatch_log_stream": resourceAwsCloudWatchLogStream(), + "aws_cloudwatch_log_subscription_filter": resourceAwsCloudwatchLogSubscriptionFilter(), + "aws_config_aggregate_authorization": resourceAwsConfigAggregateAuthorization(), + "aws_config_config_rule": resourceAwsConfigConfigRule(), + "aws_config_configuration_aggregator": resourceAwsConfigConfigurationAggregator(), + "aws_config_configuration_recorder": resourceAwsConfigConfigurationRecorder(), + "aws_config_configuration_recorder_status": resourceAwsConfigConfigurationRecorderStatus(), + "aws_config_delivery_channel": resourceAwsConfigDeliveryChannel(), + "aws_cognito_identity_pool": resourceAwsCognitoIdentityPool(), + "aws_cognito_identity_pool_roles_attachment": resourceAwsCognitoIdentityPoolRolesAttachment(), + "aws_cognito_identity_provider": resourceAwsCognitoIdentityProvider(), + "aws_cognito_user_group": resourceAwsCognitoUserGroup(), + "aws_cognito_user_pool": resourceAwsCognitoUserPool(), + "aws_cognito_user_pool_client": resourceAwsCognitoUserPoolClient(), + "aws_cognito_user_pool_domain": resourceAwsCognitoUserPoolDomain(), + "aws_cloudhsm_v2_cluster": resourceAwsCloudHsm2Cluster(), + "aws_cloudhsm_v2_hsm": resourceAwsCloudHsm2Hsm(), + "aws_cognito_resource_server": resourceAwsCognitoResourceServer(), + "aws_cloudwatch_metric_alarm": resourceAwsCloudWatchMetricAlarm(), + "aws_cloudwatch_dashboard": resourceAwsCloudWatchDashboard(), + "aws_codedeploy_app": resourceAwsCodeDeployApp(), + "aws_codedeploy_deployment_config": resourceAwsCodeDeployDeploymentConfig(), + "aws_codedeploy_deployment_group": resourceAwsCodeDeployDeploymentGroup(), + "aws_codecommit_repository": resourceAwsCodeCommitRepository(), + "aws_codecommit_trigger": resourceAwsCodeCommitTrigger(), + "aws_codebuild_project": resourceAwsCodeBuildProject(), + "aws_codebuild_webhook": resourceAwsCodeBuildWebhook(), + "aws_codepipeline": resourceAwsCodePipeline(), + "aws_codepipeline_webhook": resourceAwsCodePipelineWebhook(), + "aws_cur_report_definition": resourceAwsCurReportDefinition(), + "aws_customer_gateway": resourceAwsCustomerGateway(), + "aws_datasync_agent": resourceAwsDataSyncAgent(), + "aws_datasync_location_efs": resourceAwsDataSyncLocationEfs(), + "aws_datasync_location_nfs": resourceAwsDataSyncLocationNfs(), + "aws_datasync_location_s3": resourceAwsDataSyncLocationS3(), + "aws_datasync_task": resourceAwsDataSyncTask(), + "aws_dax_cluster": resourceAwsDaxCluster(), + "aws_dax_parameter_group": resourceAwsDaxParameterGroup(), + "aws_dax_subnet_group": resourceAwsDaxSubnetGroup(), + "aws_db_cluster_snapshot": resourceAwsDbClusterSnapshot(), + "aws_db_event_subscription": resourceAwsDbEventSubscription(), + "aws_db_instance": resourceAwsDbInstance(), + "aws_db_instance_role_association": resourceAwsDbInstanceRoleAssociation(), + "aws_db_option_group": resourceAwsDbOptionGroup(), + "aws_db_parameter_group": resourceAwsDbParameterGroup(), + "aws_db_security_group": resourceAwsDbSecurityGroup(), + "aws_db_snapshot": resourceAwsDbSnapshot(), + "aws_db_subnet_group": resourceAwsDbSubnetGroup(), + "aws_devicefarm_project": resourceAwsDevicefarmProject(), + "aws_directory_service_directory": resourceAwsDirectoryServiceDirectory(), + "aws_directory_service_conditional_forwarder": resourceAwsDirectoryServiceConditionalForwarder(), + "aws_dlm_lifecycle_policy": resourceAwsDlmLifecyclePolicy(), + "aws_dms_certificate": resourceAwsDmsCertificate(), + "aws_dms_endpoint": resourceAwsDmsEndpoint(), + "aws_dms_replication_instance": resourceAwsDmsReplicationInstance(), + "aws_dms_replication_subnet_group": resourceAwsDmsReplicationSubnetGroup(), + "aws_dms_replication_task": resourceAwsDmsReplicationTask(), + "aws_docdb_cluster": resourceAwsDocDBCluster(), + "aws_docdb_cluster_instance": resourceAwsDocDBClusterInstance(), + "aws_docdb_cluster_parameter_group": resourceAwsDocDBClusterParameterGroup(), + "aws_docdb_cluster_snapshot": resourceAwsDocDBClusterSnapshot(), + "aws_docdb_subnet_group": resourceAwsDocDBSubnetGroup(), + "aws_dx_bgp_peer": resourceAwsDxBgpPeer(), + "aws_dx_connection": resourceAwsDxConnection(), + "aws_dx_connection_association": resourceAwsDxConnectionAssociation(), + "aws_dx_gateway": resourceAwsDxGateway(), + "aws_dx_gateway_association": resourceAwsDxGatewayAssociation(), + "aws_dx_gateway_association_proposal": resourceAwsDxGatewayAssociationProposal(), + "aws_dx_hosted_private_virtual_interface": resourceAwsDxHostedPrivateVirtualInterface(), + "aws_dx_hosted_private_virtual_interface_accepter": resourceAwsDxHostedPrivateVirtualInterfaceAccepter(), + "aws_dx_hosted_public_virtual_interface": resourceAwsDxHostedPublicVirtualInterface(), + "aws_dx_hosted_public_virtual_interface_accepter": resourceAwsDxHostedPublicVirtualInterfaceAccepter(), + "aws_dx_lag": resourceAwsDxLag(), + "aws_dx_private_virtual_interface": resourceAwsDxPrivateVirtualInterface(), + "aws_dx_public_virtual_interface": resourceAwsDxPublicVirtualInterface(), + "aws_dynamodb_table": resourceAwsDynamoDbTable(), + "aws_dynamodb_table_item": resourceAwsDynamoDbTableItem(), + "aws_dynamodb_global_table": resourceAwsDynamoDbGlobalTable(), + "aws_ebs_snapshot": resourceAwsEbsSnapshot(), + "aws_ebs_snapshot_copy": resourceAwsEbsSnapshotCopy(), + "aws_ebs_volume": resourceAwsEbsVolume(), + "aws_ec2_capacity_reservation": resourceAwsEc2CapacityReservation(), + "aws_ec2_client_vpn_endpoint": resourceAwsEc2ClientVpnEndpoint(), + "aws_ec2_client_vpn_network_association": resourceAwsEc2ClientVpnNetworkAssociation(), + "aws_ec2_fleet": resourceAwsEc2Fleet(), + "aws_ec2_transit_gateway": resourceAwsEc2TransitGateway(), + "aws_ec2_transit_gateway_route": resourceAwsEc2TransitGatewayRoute(), + "aws_ec2_transit_gateway_route_table": resourceAwsEc2TransitGatewayRouteTable(), + "aws_ec2_transit_gateway_route_table_association": resourceAwsEc2TransitGatewayRouteTableAssociation(), + "aws_ec2_transit_gateway_route_table_propagation": resourceAwsEc2TransitGatewayRouteTablePropagation(), + "aws_ec2_transit_gateway_vpc_attachment": resourceAwsEc2TransitGatewayVpcAttachment(), + "aws_ecr_lifecycle_policy": resourceAwsEcrLifecyclePolicy(), + "aws_ecr_repository": resourceAwsEcrRepository(), + "aws_ecr_repository_policy": resourceAwsEcrRepositoryPolicy(), + "aws_ecs_cluster": resourceAwsEcsCluster(), + "aws_ecs_service": resourceAwsEcsService(), + "aws_ecs_task_definition": resourceAwsEcsTaskDefinition(), + "aws_efs_file_system": resourceAwsEfsFileSystem(), + "aws_efs_mount_target": resourceAwsEfsMountTarget(), + "aws_egress_only_internet_gateway": resourceAwsEgressOnlyInternetGateway(), + "aws_eip": resourceAwsEip(), + "aws_eip_association": resourceAwsEipAssociation(), + "aws_eks_cluster": resourceAwsEksCluster(), + "aws_elasticache_cluster": resourceAwsElasticacheCluster(), + "aws_elasticache_parameter_group": resourceAwsElasticacheParameterGroup(), + "aws_elasticache_replication_group": resourceAwsElasticacheReplicationGroup(), + "aws_elasticache_security_group": resourceAwsElasticacheSecurityGroup(), + "aws_elasticache_subnet_group": resourceAwsElasticacheSubnetGroup(), + "aws_elastic_beanstalk_application": resourceAwsElasticBeanstalkApplication(), + "aws_elastic_beanstalk_application_version": resourceAwsElasticBeanstalkApplicationVersion(), + "aws_elastic_beanstalk_configuration_template": resourceAwsElasticBeanstalkConfigurationTemplate(), + "aws_elastic_beanstalk_environment": resourceAwsElasticBeanstalkEnvironment(), + "aws_elasticsearch_domain": resourceAwsElasticSearchDomain(), + "aws_elasticsearch_domain_policy": resourceAwsElasticSearchDomainPolicy(), + "aws_elastictranscoder_pipeline": resourceAwsElasticTranscoderPipeline(), + "aws_elastictranscoder_preset": resourceAwsElasticTranscoderPreset(), + "aws_elb": resourceAwsElb(), + "aws_elb_attachment": resourceAwsElbAttachment(), + "aws_emr_cluster": resourceAwsEMRCluster(), + "aws_emr_instance_group": resourceAwsEMRInstanceGroup(), + "aws_emr_security_configuration": resourceAwsEMRSecurityConfiguration(), + "aws_flow_log": resourceAwsFlowLog(), + "aws_gamelift_alias": resourceAwsGameliftAlias(), + "aws_gamelift_build": resourceAwsGameliftBuild(), + "aws_gamelift_fleet": resourceAwsGameliftFleet(), + "aws_gamelift_game_session_queue": resourceAwsGameliftGameSessionQueue(), + "aws_glacier_vault": resourceAwsGlacierVault(), + "aws_glacier_vault_lock": resourceAwsGlacierVaultLock(), + "aws_globalaccelerator_accelerator": resourceAwsGlobalAcceleratorAccelerator(), + "aws_globalaccelerator_listener": resourceAwsGlobalAcceleratorListener(), + "aws_glue_catalog_database": resourceAwsGlueCatalogDatabase(), + "aws_glue_catalog_table": resourceAwsGlueCatalogTable(), + "aws_glue_classifier": resourceAwsGlueClassifier(), + "aws_glue_connection": resourceAwsGlueConnection(), + "aws_glue_crawler": resourceAwsGlueCrawler(), + "aws_glue_job": resourceAwsGlueJob(), + "aws_glue_security_configuration": resourceAwsGlueSecurityConfiguration(), + "aws_glue_trigger": resourceAwsGlueTrigger(), + "aws_guardduty_detector": resourceAwsGuardDutyDetector(), + "aws_guardduty_invite_accepter": resourceAwsGuardDutyInviteAccepter(), + "aws_guardduty_ipset": resourceAwsGuardDutyIpset(), + "aws_guardduty_member": resourceAwsGuardDutyMember(), + "aws_guardduty_threatintelset": resourceAwsGuardDutyThreatintelset(), + "aws_iam_access_key": resourceAwsIamAccessKey(), + "aws_iam_account_alias": resourceAwsIamAccountAlias(), + "aws_iam_account_password_policy": resourceAwsIamAccountPasswordPolicy(), + "aws_iam_group_policy": resourceAwsIamGroupPolicy(), + "aws_iam_group": resourceAwsIamGroup(), + "aws_iam_group_membership": resourceAwsIamGroupMembership(), + "aws_iam_group_policy_attachment": resourceAwsIamGroupPolicyAttachment(), + "aws_iam_instance_profile": resourceAwsIamInstanceProfile(), + "aws_iam_openid_connect_provider": resourceAwsIamOpenIDConnectProvider(), + "aws_iam_policy": resourceAwsIamPolicy(), + "aws_iam_policy_attachment": resourceAwsIamPolicyAttachment(), + "aws_iam_role_policy_attachment": resourceAwsIamRolePolicyAttachment(), + "aws_iam_role_policy": resourceAwsIamRolePolicy(), + "aws_iam_role": resourceAwsIamRole(), + "aws_iam_saml_provider": resourceAwsIamSamlProvider(), + "aws_iam_server_certificate": resourceAwsIAMServerCertificate(), + "aws_iam_service_linked_role": resourceAwsIamServiceLinkedRole(), + "aws_iam_user_group_membership": resourceAwsIamUserGroupMembership(), + "aws_iam_user_policy_attachment": resourceAwsIamUserPolicyAttachment(), + "aws_iam_user_policy": resourceAwsIamUserPolicy(), + "aws_iam_user_ssh_key": resourceAwsIamUserSshKey(), + "aws_iam_user": resourceAwsIamUser(), + "aws_iam_user_login_profile": resourceAwsIamUserLoginProfile(), + "aws_inspector_assessment_target": resourceAWSInspectorAssessmentTarget(), + "aws_inspector_assessment_template": resourceAWSInspectorAssessmentTemplate(), + "aws_inspector_resource_group": resourceAWSInspectorResourceGroup(), + "aws_instance": resourceAwsInstance(), + "aws_internet_gateway": resourceAwsInternetGateway(), + "aws_iot_certificate": resourceAwsIotCertificate(), + "aws_iot_policy": resourceAwsIotPolicy(), + "aws_iot_policy_attachment": resourceAwsIotPolicyAttachment(), + "aws_iot_thing": resourceAwsIotThing(), + "aws_iot_thing_principal_attachment": resourceAwsIotThingPrincipalAttachment(), + "aws_iot_thing_type": resourceAwsIotThingType(), + "aws_iot_topic_rule": resourceAwsIotTopicRule(), + "aws_iot_role_alias": resourceAwsIotRoleAlias(), + "aws_key_pair": resourceAwsKeyPair(), + "aws_kinesis_firehose_delivery_stream": resourceAwsKinesisFirehoseDeliveryStream(), + "aws_kinesis_stream": resourceAwsKinesisStream(), + "aws_kinesis_analytics_application": resourceAwsKinesisAnalyticsApplication(), + "aws_kms_alias": resourceAwsKmsAlias(), + "aws_kms_external_key": resourceAwsKmsExternalKey(), + "aws_kms_grant": resourceAwsKmsGrant(), + "aws_kms_key": resourceAwsKmsKey(), + "aws_kms_ciphertext": resourceAwsKmsCiphertext(), + "aws_lambda_function": resourceAwsLambdaFunction(), + "aws_lambda_event_source_mapping": resourceAwsLambdaEventSourceMapping(), + "aws_lambda_alias": resourceAwsLambdaAlias(), + "aws_lambda_permission": resourceAwsLambdaPermission(), + "aws_lambda_layer_version": resourceAwsLambdaLayerVersion(), + "aws_launch_configuration": resourceAwsLaunchConfiguration(), + "aws_launch_template": resourceAwsLaunchTemplate(), + "aws_licensemanager_association": resourceAwsLicenseManagerAssociation(), + "aws_licensemanager_license_configuration": resourceAwsLicenseManagerLicenseConfiguration(), + "aws_lightsail_domain": resourceAwsLightsailDomain(), + "aws_lightsail_instance": resourceAwsLightsailInstance(), + "aws_lightsail_key_pair": resourceAwsLightsailKeyPair(), + "aws_lightsail_static_ip": resourceAwsLightsailStaticIp(), + "aws_lightsail_static_ip_attachment": resourceAwsLightsailStaticIpAttachment(), + "aws_lb_cookie_stickiness_policy": resourceAwsLBCookieStickinessPolicy(), + "aws_load_balancer_policy": resourceAwsLoadBalancerPolicy(), + "aws_load_balancer_backend_server_policy": resourceAwsLoadBalancerBackendServerPolicies(), + "aws_load_balancer_listener_policy": resourceAwsLoadBalancerListenerPolicies(), + "aws_lb_ssl_negotiation_policy": resourceAwsLBSSLNegotiationPolicy(), + "aws_macie_member_account_association": resourceAwsMacieMemberAccountAssociation(), + "aws_macie_s3_bucket_association": resourceAwsMacieS3BucketAssociation(), + "aws_main_route_table_association": resourceAwsMainRouteTableAssociation(), + "aws_mq_broker": resourceAwsMqBroker(), + "aws_mq_configuration": resourceAwsMqConfiguration(), + "aws_media_package_channel": resourceAwsMediaPackageChannel(), + "aws_media_store_container": resourceAwsMediaStoreContainer(), + "aws_media_store_container_policy": resourceAwsMediaStoreContainerPolicy(), + "aws_nat_gateway": resourceAwsNatGateway(), + "aws_network_acl": resourceAwsNetworkAcl(), + "aws_default_network_acl": resourceAwsDefaultNetworkAcl(), + "aws_neptune_cluster": resourceAwsNeptuneCluster(), + "aws_neptune_cluster_instance": resourceAwsNeptuneClusterInstance(), + "aws_neptune_cluster_parameter_group": resourceAwsNeptuneClusterParameterGroup(), + "aws_neptune_cluster_snapshot": resourceAwsNeptuneClusterSnapshot(), + "aws_neptune_event_subscription": resourceAwsNeptuneEventSubscription(), + "aws_neptune_parameter_group": resourceAwsNeptuneParameterGroup(), + "aws_neptune_subnet_group": resourceAwsNeptuneSubnetGroup(), + "aws_network_acl_rule": resourceAwsNetworkAclRule(), + "aws_network_interface": resourceAwsNetworkInterface(), + "aws_network_interface_attachment": resourceAwsNetworkInterfaceAttachment(), + "aws_opsworks_application": resourceAwsOpsworksApplication(), + "aws_opsworks_stack": resourceAwsOpsworksStack(), + "aws_opsworks_java_app_layer": resourceAwsOpsworksJavaAppLayer(), + "aws_opsworks_haproxy_layer": resourceAwsOpsworksHaproxyLayer(), + "aws_opsworks_static_web_layer": resourceAwsOpsworksStaticWebLayer(), + "aws_opsworks_php_app_layer": resourceAwsOpsworksPhpAppLayer(), + "aws_opsworks_rails_app_layer": resourceAwsOpsworksRailsAppLayer(), + "aws_opsworks_nodejs_app_layer": resourceAwsOpsworksNodejsAppLayer(), + "aws_opsworks_memcached_layer": resourceAwsOpsworksMemcachedLayer(), + "aws_opsworks_mysql_layer": resourceAwsOpsworksMysqlLayer(), + "aws_opsworks_ganglia_layer": resourceAwsOpsworksGangliaLayer(), + "aws_opsworks_custom_layer": resourceAwsOpsworksCustomLayer(), + "aws_opsworks_instance": resourceAwsOpsworksInstance(), + "aws_opsworks_user_profile": resourceAwsOpsworksUserProfile(), + "aws_opsworks_permission": resourceAwsOpsworksPermission(), + "aws_opsworks_rds_db_instance": resourceAwsOpsworksRdsDbInstance(), + "aws_organizations_organization": resourceAwsOrganizationsOrganization(), + "aws_organizations_account": resourceAwsOrganizationsAccount(), + "aws_organizations_policy": resourceAwsOrganizationsPolicy(), + "aws_organizations_policy_attachment": resourceAwsOrganizationsPolicyAttachment(), + "aws_organizations_unit": resourceAwsOrganizationsUnit(), + "aws_placement_group": resourceAwsPlacementGroup(), + "aws_proxy_protocol_policy": resourceAwsProxyProtocolPolicy(), + "aws_ram_principal_association": resourceAwsRamPrincipalAssociation(), + "aws_ram_resource_association": resourceAwsRamResourceAssociation(), + "aws_ram_resource_share": resourceAwsRamResourceShare(), + "aws_rds_cluster": resourceAwsRDSCluster(), + "aws_rds_cluster_endpoint": resourceAwsRDSClusterEndpoint(), + "aws_rds_cluster_instance": resourceAwsRDSClusterInstance(), + "aws_rds_cluster_parameter_group": resourceAwsRDSClusterParameterGroup(), + "aws_rds_global_cluster": resourceAwsRDSGlobalCluster(), + "aws_redshift_cluster": resourceAwsRedshiftCluster(), + "aws_redshift_security_group": resourceAwsRedshiftSecurityGroup(), + "aws_redshift_parameter_group": resourceAwsRedshiftParameterGroup(), + "aws_redshift_subnet_group": resourceAwsRedshiftSubnetGroup(), + "aws_redshift_snapshot_copy_grant": resourceAwsRedshiftSnapshotCopyGrant(), + "aws_redshift_event_subscription": resourceAwsRedshiftEventSubscription(), + "aws_resourcegroups_group": resourceAwsResourceGroupsGroup(), + "aws_route53_delegation_set": resourceAwsRoute53DelegationSet(), + "aws_route53_query_log": resourceAwsRoute53QueryLog(), + "aws_route53_record": resourceAwsRoute53Record(), + "aws_route53_zone_association": resourceAwsRoute53ZoneAssociation(), + "aws_route53_zone": resourceAwsRoute53Zone(), + "aws_route53_health_check": resourceAwsRoute53HealthCheck(), + "aws_route53_resolver_endpoint": resourceAwsRoute53ResolverEndpoint(), + "aws_route53_resolver_rule_association": resourceAwsRoute53ResolverRuleAssociation(), + "aws_route53_resolver_rule": resourceAwsRoute53ResolverRule(), + "aws_route": resourceAwsRoute(), + "aws_route_table": resourceAwsRouteTable(), + "aws_default_route_table": resourceAwsDefaultRouteTable(), + "aws_route_table_association": resourceAwsRouteTableAssociation(), + "aws_sagemaker_model": resourceAwsSagemakerModel(), + "aws_sagemaker_endpoint_configuration": resourceAwsSagemakerEndpointConfiguration(), + "aws_sagemaker_endpoint": resourceAwsSagemakerEndpoint(), + "aws_sagemaker_notebook_instance_lifecycle_configuration": resourceAwsSagemakerNotebookInstanceLifeCycleConfiguration(), + "aws_sagemaker_notebook_instance": resourceAwsSagemakerNotebookInstance(), + "aws_secretsmanager_secret": resourceAwsSecretsManagerSecret(), + "aws_secretsmanager_secret_version": resourceAwsSecretsManagerSecretVersion(), + "aws_ses_active_receipt_rule_set": resourceAwsSesActiveReceiptRuleSet(), + "aws_ses_domain_identity": resourceAwsSesDomainIdentity(), + "aws_ses_domain_identity_verification": resourceAwsSesDomainIdentityVerification(), + "aws_ses_domain_dkim": resourceAwsSesDomainDkim(), + "aws_ses_domain_mail_from": resourceAwsSesDomainMailFrom(), + "aws_ses_receipt_filter": resourceAwsSesReceiptFilter(), + "aws_ses_receipt_rule": resourceAwsSesReceiptRule(), + "aws_ses_receipt_rule_set": resourceAwsSesReceiptRuleSet(), + "aws_ses_configuration_set": resourceAwsSesConfigurationSet(), + "aws_ses_event_destination": resourceAwsSesEventDestination(), + "aws_ses_identity_notification_topic": resourceAwsSesNotificationTopic(), + "aws_ses_template": resourceAwsSesTemplate(), + "aws_s3_account_public_access_block": resourceAwsS3AccountPublicAccessBlock(), + "aws_s3_bucket": resourceAwsS3Bucket(), + "aws_s3_bucket_policy": resourceAwsS3BucketPolicy(), + "aws_s3_bucket_public_access_block": resourceAwsS3BucketPublicAccessBlock(), + "aws_s3_bucket_object": resourceAwsS3BucketObject(), + "aws_s3_bucket_notification": resourceAwsS3BucketNotification(), + "aws_s3_bucket_metric": resourceAwsS3BucketMetric(), + "aws_s3_bucket_inventory": resourceAwsS3BucketInventory(), + "aws_security_group": resourceAwsSecurityGroup(), + "aws_network_interface_sg_attachment": resourceAwsNetworkInterfaceSGAttachment(), + "aws_default_security_group": resourceAwsDefaultSecurityGroup(), + "aws_security_group_rule": resourceAwsSecurityGroupRule(), + "aws_securityhub_account": resourceAwsSecurityHubAccount(), + "aws_securityhub_product_subscription": resourceAwsSecurityHubProductSubscription(), + "aws_securityhub_standards_subscription": resourceAwsSecurityHubStandardsSubscription(), + "aws_servicecatalog_portfolio": resourceAwsServiceCatalogPortfolio(), + "aws_service_discovery_http_namespace": resourceAwsServiceDiscoveryHttpNamespace(), + "aws_service_discovery_private_dns_namespace": resourceAwsServiceDiscoveryPrivateDnsNamespace(), + "aws_service_discovery_public_dns_namespace": resourceAwsServiceDiscoveryPublicDnsNamespace(), + "aws_service_discovery_service": resourceAwsServiceDiscoveryService(), + "aws_simpledb_domain": resourceAwsSimpleDBDomain(), + "aws_ssm_activation": resourceAwsSsmActivation(), + "aws_ssm_association": resourceAwsSsmAssociation(), + "aws_ssm_document": resourceAwsSsmDocument(), + "aws_ssm_maintenance_window": resourceAwsSsmMaintenanceWindow(), + "aws_ssm_maintenance_window_target": resourceAwsSsmMaintenanceWindowTarget(), + "aws_ssm_maintenance_window_task": resourceAwsSsmMaintenanceWindowTask(), + "aws_ssm_patch_baseline": resourceAwsSsmPatchBaseline(), + "aws_ssm_patch_group": resourceAwsSsmPatchGroup(), + "aws_ssm_parameter": resourceAwsSsmParameter(), + "aws_ssm_resource_data_sync": resourceAwsSsmResourceDataSync(), + "aws_storagegateway_cache": resourceAwsStorageGatewayCache(), + "aws_storagegateway_cached_iscsi_volume": resourceAwsStorageGatewayCachedIscsiVolume(), + "aws_storagegateway_gateway": resourceAwsStorageGatewayGateway(), + "aws_storagegateway_nfs_file_share": resourceAwsStorageGatewayNfsFileShare(), + "aws_storagegateway_smb_file_share": resourceAwsStorageGatewaySmbFileShare(), + "aws_storagegateway_upload_buffer": resourceAwsStorageGatewayUploadBuffer(), + "aws_storagegateway_working_storage": resourceAwsStorageGatewayWorkingStorage(), + "aws_spot_datafeed_subscription": resourceAwsSpotDataFeedSubscription(), + "aws_spot_instance_request": resourceAwsSpotInstanceRequest(), + "aws_spot_fleet_request": resourceAwsSpotFleetRequest(), + "aws_sqs_queue": resourceAwsSqsQueue(), + "aws_sqs_queue_policy": resourceAwsSqsQueuePolicy(), + "aws_snapshot_create_volume_permission": resourceAwsSnapshotCreateVolumePermission(), + "aws_sns_platform_application": resourceAwsSnsPlatformApplication(), + "aws_sns_sms_preferences": resourceAwsSnsSmsPreferences(), + "aws_sns_topic": resourceAwsSnsTopic(), + "aws_sns_topic_policy": resourceAwsSnsTopicPolicy(), + "aws_sns_topic_subscription": resourceAwsSnsTopicSubscription(), + "aws_sfn_activity": resourceAwsSfnActivity(), + "aws_sfn_state_machine": resourceAwsSfnStateMachine(), + "aws_default_subnet": resourceAwsDefaultSubnet(), + "aws_subnet": resourceAwsSubnet(), + "aws_swf_domain": resourceAwsSwfDomain(), + "aws_transfer_server": resourceAwsTransferServer(), + "aws_transfer_ssh_key": resourceAwsTransferSshKey(), + "aws_transfer_user": resourceAwsTransferUser(), + "aws_volume_attachment": resourceAwsVolumeAttachment(), + "aws_vpc_dhcp_options_association": resourceAwsVpcDhcpOptionsAssociation(), + "aws_default_vpc_dhcp_options": resourceAwsDefaultVpcDhcpOptions(), + "aws_vpc_dhcp_options": resourceAwsVpcDhcpOptions(), + "aws_vpc_peering_connection": resourceAwsVpcPeeringConnection(), + "aws_vpc_peering_connection_accepter": resourceAwsVpcPeeringConnectionAccepter(), + "aws_vpc_peering_connection_options": resourceAwsVpcPeeringConnectionOptions(), + "aws_default_vpc": resourceAwsDefaultVpc(), + "aws_vpc": resourceAwsVpc(), + "aws_vpc_endpoint": resourceAwsVpcEndpoint(), + "aws_vpc_endpoint_connection_notification": resourceAwsVpcEndpointConnectionNotification(), + "aws_vpc_endpoint_route_table_association": resourceAwsVpcEndpointRouteTableAssociation(), + "aws_vpc_endpoint_subnet_association": resourceAwsVpcEndpointSubnetAssociation(), + "aws_vpc_endpoint_service": resourceAwsVpcEndpointService(), + "aws_vpc_endpoint_service_allowed_principal": resourceAwsVpcEndpointServiceAllowedPrincipal(), + "aws_vpc_ipv4_cidr_block_association": resourceAwsVpcIpv4CidrBlockAssociation(), + "aws_vpn_connection": resourceAwsVpnConnection(), + "aws_vpn_connection_route": resourceAwsVpnConnectionRoute(), + "aws_vpn_gateway": resourceAwsVpnGateway(), + "aws_vpn_gateway_attachment": resourceAwsVpnGatewayAttachment(), + "aws_vpn_gateway_route_propagation": resourceAwsVpnGatewayRoutePropagation(), + "aws_waf_byte_match_set": resourceAwsWafByteMatchSet(), + "aws_waf_ipset": resourceAwsWafIPSet(), + "aws_waf_rate_based_rule": resourceAwsWafRateBasedRule(), + "aws_waf_regex_match_set": resourceAwsWafRegexMatchSet(), + "aws_waf_regex_pattern_set": resourceAwsWafRegexPatternSet(), + "aws_waf_rule": resourceAwsWafRule(), + "aws_waf_rule_group": resourceAwsWafRuleGroup(), + "aws_waf_size_constraint_set": resourceAwsWafSizeConstraintSet(), + "aws_waf_web_acl": resourceAwsWafWebAcl(), + "aws_waf_xss_match_set": resourceAwsWafXssMatchSet(), + "aws_waf_sql_injection_match_set": resourceAwsWafSqlInjectionMatchSet(), + "aws_waf_geo_match_set": resourceAwsWafGeoMatchSet(), + "aws_wafregional_byte_match_set": resourceAwsWafRegionalByteMatchSet(), + "aws_wafregional_geo_match_set": resourceAwsWafRegionalGeoMatchSet(), + "aws_wafregional_ipset": resourceAwsWafRegionalIPSet(), + "aws_wafregional_rate_based_rule": resourceAwsWafRegionalRateBasedRule(), + "aws_wafregional_regex_match_set": resourceAwsWafRegionalRegexMatchSet(), + "aws_wafregional_regex_pattern_set": resourceAwsWafRegionalRegexPatternSet(), + "aws_wafregional_rule": resourceAwsWafRegionalRule(), + "aws_wafregional_rule_group": resourceAwsWafRegionalRuleGroup(), + "aws_wafregional_size_constraint_set": resourceAwsWafRegionalSizeConstraintSet(), + "aws_wafregional_sql_injection_match_set": resourceAwsWafRegionalSqlInjectionMatchSet(), + "aws_wafregional_xss_match_set": resourceAwsWafRegionalXssMatchSet(), + "aws_wafregional_web_acl": resourceAwsWafRegionalWebAcl(), + "aws_wafregional_web_acl_association": resourceAwsWafRegionalWebAclAssociation(), + "aws_worklink_fleet": resourceAwsWorkLinkFleet(), + "aws_worklink_website_certificate_authority_association": resourceAwsWorkLinkWebsiteCertificateAuthorityAssociation(), + "aws_batch_compute_environment": resourceAwsBatchComputeEnvironment(), + "aws_batch_job_definition": resourceAwsBatchJobDefinition(), + "aws_batch_job_queue": resourceAwsBatchJobQueue(), + "aws_pinpoint_app": resourceAwsPinpointApp(), + "aws_pinpoint_adm_channel": resourceAwsPinpointADMChannel(), + "aws_pinpoint_apns_channel": resourceAwsPinpointAPNSChannel(), + "aws_pinpoint_apns_sandbox_channel": resourceAwsPinpointAPNSSandboxChannel(), + "aws_pinpoint_apns_voip_channel": resourceAwsPinpointAPNSVoipChannel(), + "aws_pinpoint_apns_voip_sandbox_channel": resourceAwsPinpointAPNSVoipSandboxChannel(), + "aws_pinpoint_baidu_channel": resourceAwsPinpointBaiduChannel(), + "aws_pinpoint_email_channel": resourceAwsPinpointEmailChannel(), + "aws_pinpoint_event_stream": resourceAwsPinpointEventStream(), + "aws_pinpoint_gcm_channel": resourceAwsPinpointGCMChannel(), + "aws_pinpoint_sms_channel": resourceAwsPinpointSMSChannel(), // ALBs are actually LBs because they can be type `network` or `application` // To avoid regressions, we will add a new resource for each and they both point @@ -760,6 +784,7 @@ func Provider() terraform.ResourceProvider { } var descriptions map[string]string +var endpointServiceNames []string func init() { descriptions = map[string]string{ @@ -785,53 +810,7 @@ func init() { "being executed. If the API request still fails, an error is\n" + "thrown.", - "apigateway_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "cloudformation_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "cloudwatch_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "cloudwatchevents_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "cloudwatchlogs_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "devicefarm_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "dynamodb_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n" + - "It's typically used to connect to dynamodb-local.", - - "kinesis_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n" + - "It's typically used to connect to kinesalite.", - - "kinesis_analytics_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "kms_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "iam_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "lambda_endpoint": "Use this to override the default endpoint URL constructed from the `region`\n", - - "ec2_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "autoscaling_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "efs_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "elb_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "es_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "rds_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "s3_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "s3control_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "sns_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "sqs_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", - - "ssm_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n", + "endpoint": "Use this to override the default service endpoint URL", "insecure": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted," + "default value is `false`", @@ -868,6 +847,124 @@ func init() { " this policy to grant further permissions that are in excess to those of the, " + " role that is being assumed.", } + + endpointServiceNames = []string{ + "acm", + "acmpca", + "apigateway", + "applicationautoscaling", + "appmesh", + "appsync", + "athena", + "autoscaling", + "backup", + "batch", + "budgets", + "cloud9", + "cloudformation", + "cloudfront", + "cloudhsm", + "cloudsearch", + "cloudtrail", + "cloudwatch", + "cloudwatchevents", + "cloudwatchlogs", + "codebuild", + "codecommit", + "codedeploy", + "codepipeline", + "cognitoidentity", + "cognitoidp", + "configservice", + "cur", + "datapipeline", + "datasync", + "dax", + "devicefarm", + "directconnect", + "dlm", + "dms", + "docdb", + "ds", + "dynamodb", + "ec2", + "ecr", + "ecs", + "efs", + "eks", + "elasticache", + "elasticbeanstalk", + "elastictranscoder", + "elb", + "emr", + "es", + "firehose", + "fms", + "fsx", + "gamelift", + "glacier", + "globalaccelerator", + "glue", + "guardduty", + "iam", + "inspector", + "iot", + "kafka", + "kinesis_analytics", + "kinesis", + "kinesisanalytics", + "kinesisvideo", + "kms", + "lambda", + "lexmodels", + "licensemanager", + "lightsail", + "macie", + "managedblockchain", + "mediaconnect", + "mediaconvert", + "medialive", + "mediapackage", + "mediastore", + "mediastoredata", + "mq", + "neptune", + "opsworks", + "organizations", + "pinpoint", + "pricing", + "quicksight", + "r53", + "ram", + "rds", + "redshift", + "resourcegroups", + "route53", + "route53resolver", + "s3", + "s3control", + "sagemaker", + "sdb", + "secretsmanager", + "securityhub", + "serverlessrepo", + "servicecatalog", + "servicediscovery", + "ses", + "shield", + "sns", + "sqs", + "ssm", + "stepfunctions", + "storagegateway", + "sts", + "swf", + "transfer", + "waf", + "wafregional", + "worklink", + "workspaces", + } } func providerConfigure(d *schema.ResourceData) (interface{}, error) { @@ -877,6 +974,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) { Profile: d.Get("profile").(string), Token: d.Get("token").(string), Region: d.Get("region").(string), + Endpoints: make(map[string]string), MaxRetries: d.Get("max_retries").(int), Insecure: d.Get("insecure").(bool), SkipCredsValidation: d.Get("skip_credentials_validation").(bool), @@ -915,42 +1013,21 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) { for _, endpointsSetI := range endpointsSet.List() { endpoints := endpointsSetI.(map[string]interface{}) - config.AcmEndpoint = endpoints["acm"].(string) - config.ApigatewayEndpoint = endpoints["apigateway"].(string) - config.CloudFormationEndpoint = endpoints["cloudformation"].(string) - config.CloudWatchEndpoint = endpoints["cloudwatch"].(string) - config.CloudWatchEventsEndpoint = endpoints["cloudwatchevents"].(string) - config.CloudWatchLogsEndpoint = endpoints["cloudwatchlogs"].(string) - config.DeviceFarmEndpoint = endpoints["devicefarm"].(string) - config.DynamoDBEndpoint = endpoints["dynamodb"].(string) - config.Ec2Endpoint = endpoints["ec2"].(string) - config.AutoscalingEndpoint = endpoints["autoscaling"].(string) - config.EcrEndpoint = endpoints["ecr"].(string) - config.EcsEndpoint = endpoints["ecs"].(string) - config.EfsEndpoint = endpoints["efs"].(string) - config.ElbEndpoint = endpoints["elb"].(string) - config.EsEndpoint = endpoints["es"].(string) - config.IamEndpoint = endpoints["iam"].(string) - config.KinesisEndpoint = endpoints["kinesis"].(string) - config.KinesisAnalyticsEndpoint = endpoints["kinesis_analytics"].(string) - config.KmsEndpoint = endpoints["kms"].(string) - config.LambdaEndpoint = endpoints["lambda"].(string) - config.R53Endpoint = endpoints["r53"].(string) - config.RdsEndpoint = endpoints["rds"].(string) - config.S3Endpoint = endpoints["s3"].(string) - config.S3ControlEndpoint = endpoints["s3control"].(string) - config.SnsEndpoint = endpoints["sns"].(string) - config.SqsEndpoint = endpoints["sqs"].(string) - config.StsEndpoint = endpoints["sts"].(string) - config.SsmEndpoint = endpoints["ssm"].(string) + for _, endpointServiceName := range endpointServiceNames { + config.Endpoints[endpointServiceName] = endpoints[endpointServiceName].(string) + } } if v, ok := d.GetOk("allowed_account_ids"); ok { - config.AllowedAccountIds = v.(*schema.Set).List() + for _, accountIDRaw := range v.(*schema.Set).List() { + config.AllowedAccountIds = append(config.AllowedAccountIds, accountIDRaw.(string)) + } } if v, ok := d.GetOk("forbidden_account_ids"); ok { - config.ForbiddenAccountIds = v.(*schema.Set).List() + for _, accountIDRaw := range v.(*schema.Set).List() { + config.ForbiddenAccountIds = append(config.ForbiddenAccountIds, accountIDRaw.(string)) + } } return config.Client() @@ -995,213 +1072,26 @@ func assumeRoleSchema() *schema.Schema { } func endpointsSchema() *schema.Schema { + endpointsAttributes := make(map[string]*schema.Schema) + + for _, endpointServiceName := range endpointServiceNames { + endpointsAttributes[endpointServiceName] = &schema.Schema{ + Type: schema.TypeString, + Optional: true, + Default: "", + Description: descriptions["endpoint"], + } + } + + // Since the endpoints attribute is a TypeSet we cannot use ConflictsWith + endpointsAttributes["kinesis_analytics"].Deprecated = "use `endpoints` configuration block `kinesisanalytics` argument instead" + endpointsAttributes["r53"].Deprecated = "use `endpoints` configuration block `route53` argument instead" + return &schema.Schema{ Type: schema.TypeSet, Optional: true, Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "acm": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["acm_endpoint"], - }, - "apigateway": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["apigateway_endpoint"], - }, - "cloudwatch": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["cloudwatch_endpoint"], - }, - "cloudwatchevents": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["cloudwatchevents_endpoint"], - }, - "cloudwatchlogs": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["cloudwatchlogs_endpoint"], - }, - "cloudformation": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["cloudformation_endpoint"], - }, - "devicefarm": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["devicefarm_endpoint"], - }, - "dynamodb": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["dynamodb_endpoint"], - }, - "iam": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["iam_endpoint"], - }, - - "ec2": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["ec2_endpoint"], - }, - - "autoscaling": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["autoscaling_endpoint"], - }, - - "ecr": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["ecr_endpoint"], - }, - - "ecs": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["ecs_endpoint"], - }, - - "efs": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["efs_endpoint"], - }, - - "elb": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["elb_endpoint"], - }, - "es": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["es_endpoint"], - }, - "kinesis": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["kinesis_endpoint"], - }, - "kinesis_analytics": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["kinesis_analytics_endpoint"], - }, - "kms": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["kms_endpoint"], - }, - "lambda": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["lambda_endpoint"], - }, - "r53": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["r53_endpoint"], - }, - "rds": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["rds_endpoint"], - }, - "s3": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["s3_endpoint"], - }, - "s3control": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["s3control_endpoint"], - }, - "sns": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["sns_endpoint"], - }, - "sqs": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["sqs_endpoint"], - }, - "sts": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["sts_endpoint"], - }, - "ssm": { - Type: schema.TypeString, - Optional: true, - Default: "", - Description: descriptions["ssm_endpoint"], - }, - }, + Schema: endpointsAttributes, }, - Set: endpointsToHash, } } - -func endpointsToHash(v interface{}) int { - var buf bytes.Buffer - m := v.(map[string]interface{}) - buf.WriteString(fmt.Sprintf("%s-", m["apigateway"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["cloudwatch"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["cloudwatchevents"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["cloudwatchlogs"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["cloudformation"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["devicefarm"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["dynamodb"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["iam"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["ec2"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["autoscaling"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["efs"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["elb"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["kinesis"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["kms"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["lambda"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["rds"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["s3"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["sns"].(string))) - buf.WriteString(fmt.Sprintf("%s-", m["sqs"].(string))) - - return hashcode.String(buf.String()) -} diff --git a/aws/resource_aws_organizations_unit_test.go b/aws/resource_aws_organizations_unit_test.go index 0984aeb28459..720aa4127e2b 100644 --- a/aws/resource_aws_organizations_unit_test.go +++ b/aws/resource_aws_organizations_unit_test.go @@ -10,6 +10,27 @@ import ( "github.com/hashicorp/terraform/terraform" ) +func testAccAwsOrganizationsUnit_importBasic(t *testing.T) { + resourceName := "aws_organizations_unit.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsOrganizationsUnitDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsOrganizationsUnitConfig("foo"), + }, + + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func testAccAwsOrganizationsUnit_basic(t *testing.T) { var unit organizations.OrganizationalUnit @@ -78,6 +99,15 @@ func testAccCheckAwsOrganizationsUnitDestroy(s *terraform.State) error { continue } + exists, err := existsOrganization(conn) + if err != nil { + return fmt.Errorf("failed to check for the existance of an AWS Organization: %v", err) + } + + if !exists { + continue + } + params := &organizations.DescribeOrganizationalUnitInput{ OrganizationalUnitId: &rs.Primary.ID, } @@ -100,6 +130,18 @@ func testAccCheckAwsOrganizationsUnitDestroy(s *terraform.State) error { } +func existsOrganization(client *organizations.Organizations) (ok bool, err error) { + _, err = client.DescribeOrganization(&organizations.DescribeOrganizationInput{}) + if err != nil { + if isAWSErr(err, organizations.ErrCodeAWSOrganizationsNotInUseException, "") { + err = nil + } + return + } + ok = true + return +} + func testAccCheckAwsOrganizationsUnitExists(n string, ou *organizations.OrganizationalUnit) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] @@ -130,12 +172,11 @@ func testAccCheckAwsOrganizationsUnitExists(n string, ou *organizations.Organiza func testAccAwsOrganizationsUnitConfig(name string) string { return fmt.Sprintf(` -data "aws_organizations_unit" "root" { - root = true +resource "aws_organizations_organization" "org" { } resource "aws_organizations_unit" "test" { - parent_id = "${data.aws_organizations_unit.root.id}" + parent_id = "${aws_organizations_organization.org.roots.0.id}" name = "%s" } `, name) diff --git a/website/aws.erb b/website/aws.erb index 9245370d7019..5b06eb6e587e 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -1,692 +1,763 @@ <% wrap_layout :inner do %> <% content_for :sidebar do %> <% end %> <%= yield %> -<% end %> +<% end %> \ No newline at end of file diff --git a/website/docs/r/organizations_account.html.markdown b/website/docs/r/organizations_account.html.markdown index fd150903d696..a2d93b32fd8e 100644 --- a/website/docs/r/organizations_account.html.markdown +++ b/website/docs/r/organizations_account.html.markdown @@ -6,7 +6,7 @@ description: |- Provides a resource to create a member account in the current AWS Organization. --- -# aws_organizations_account +# Resource: aws_organizations_account Provides a resource to create a member account in the current organization. From 206cd66cf3b50dd4439118e0f2d61b6b97d8509f Mon Sep 17 00:00:00 2001 From: Bryan Alexander Date: Tue, 7 May 2019 22:23:04 -0500 Subject: [PATCH 08/10] updates aws_organizations_unit resource on website, removing data source dependency --- website/docs/r/organizations_unit.html.markdown | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/website/docs/r/organizations_unit.html.markdown b/website/docs/r/organizations_unit.html.markdown index 53a3d647deeb..7c7cfb255db8 100644 --- a/website/docs/r/organizations_unit.html.markdown +++ b/website/docs/r/organizations_unit.html.markdown @@ -13,12 +13,11 @@ Provides a resource to create an organizational unit. ## Example Usage: ```hcl -data "aws_organizations_unit" "root" { - root = true +resource "aws_organizations_organization" "org" { } resource "aws_organizations_unit" "tenants" { - parent_id = "${data.aws_organizations_unit.root.id}" + parent_id = "${aws_organizations_organization.roots.0.id}" name = "tenants" } ``` From fd0b5c2ba693b2f5c5636931a0b74c42f9ee896f Mon Sep 17 00:00:00 2001 From: Bryan Alexander Date: Tue, 7 May 2019 22:45:12 -0500 Subject: [PATCH 09/10] resolves two pointer derefs inside resource_aws_organizations_unit_test.go --- aws/resource_aws_organizations_unit_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_organizations_unit_test.go b/aws/resource_aws_organizations_unit_test.go index 720aa4127e2b..a2bd01f9dd1e 100644 --- a/aws/resource_aws_organizations_unit_test.go +++ b/aws/resource_aws_organizations_unit_test.go @@ -121,7 +121,7 @@ func testAccCheckAwsOrganizationsUnitDestroy(s *terraform.State) error { return err } - if resp == nil && resp.OrganizationalUnit != nil { + if resp != nil && resp.OrganizationalUnit != nil { return fmt.Errorf("Bad: Organizational Unit still exists: %q", rs.Primary.ID) } } @@ -160,7 +160,7 @@ func testAccCheckAwsOrganizationsUnitExists(n string, ou *organizations.Organiza return err } - if resp == nil || resp.OrganizationalUnit == nil { + if resp != nil || resp.OrganizationalUnit == nil { return fmt.Errorf("Organizational Unit %q does not exist", rs.Primary.ID) } From 6ab939b27b186054f21c5aa9ca8fa2f92d98487e Mon Sep 17 00:00:00 2001 From: Bryan Alexander Date: Tue, 7 May 2019 22:55:07 -0500 Subject: [PATCH 10/10] adds additional error check for OU not found --- aws/resource_aws_organizations_unit_test.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_organizations_unit_test.go b/aws/resource_aws_organizations_unit_test.go index a2bd01f9dd1e..adc904f6619b 100644 --- a/aws/resource_aws_organizations_unit_test.go +++ b/aws/resource_aws_organizations_unit_test.go @@ -157,11 +157,14 @@ func testAccCheckAwsOrganizationsUnitExists(n string, ou *organizations.Organiza resp, err := conn.DescribeOrganizationalUnit(params) if err != nil { + if isAWSErr(err, organizations.ErrCodeOrganizationalUnitNotFoundException, "") { + return fmt.Errorf("Organizational Unit %q does not exist", rs.Primary.ID) + } return err } - if resp != nil || resp.OrganizationalUnit == nil { - return fmt.Errorf("Organizational Unit %q does not exist", rs.Primary.ID) + if resp == nil { + return fmt.Errorf("failed to DescribeOrganizationalUnit %q, response was nil", rs.Primary.ID) } ou = resp.OrganizationalUnit