New Resource: aws_glue_security_configuration

[bflad]

Closes #6286

Changes proposed in this pull request:

• New Resource: aws_glue_security_configuration

Output from acceptance testing:

--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (11.83s)
--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (12.00s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (39.17s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (39.26s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (39.38s)

[tombuildsstuff]

some minor comments but this otherwise LGTM 👍

[tombuildsstuff]

I'd argue you could ditch the _encryption suffix here, since you're within encryption_configuration

[bflad]

I think we're still preferring to be consistent with the AWS API, CLI, and SDKs for now, with the hopes that maybe the service API authors had a good reason to add all the naming redundancy.

[tombuildsstuff]

I'd argue you could ditch the _encryption suffix here, since you're within encryption_configuration

[tombuildsstuff]

I'd argue you could ditch the _encryption suffix here, since you're within encryption_configuration

[tombuildsstuff]

do we want to wrap this error to give more context?

[bflad]

Yes indeed! Will update.

[bflad]

Ah, since this is a helper function, we return the raw error to allow downstream implementers to determine what context they'd like to provide. 😄

[tombuildsstuff]

IMO this should be:

Suggested change

	#### job_bookmarks_encryption Argument Reference
	---
	A `job_bookmarks_encryption` block as defined below:

[tombuildsstuff]

IMO this should be:

Suggested change

	#### s3_encryption Argument Reference
	---
	A `s3_encryption` block as defined below:

[tombuildsstuff]

Suggested change

	* `s3_encryption_mode` - (Optional) Encryption mode to use for S3 data. Valid values: `DISABLED`, `SSE-KMS`, `SSE-S3`. Default value: `DISABLED`.
	* `s3_encryption_mode` - (Optional) Encryption mode to use for S3 data. Possible values are: `DISABLED`, `SSE-KMS`, `SSE-S3`. Defaults to `DISABLED`.

[bflad]

Another style consistency thing to followup on, although we do have precedence for Valid values: and Default value: elsewhere.

[tombuildsstuff]

Suggested change

	* `job_bookmarks_encryption_mode` - (Optional) Encryption mode to use for job bookmarks data. Valid values: `CSE-KMS`, `DISABLED`. Default value: `DISABLED`.
	* `job_bookmarks_encryption_mode` - (Optional) Encryption mode to use for job bookmarks data. Possible values are `CSE-KMS`, `DISABLED`. Defaults to `DISABLED`.

[tombuildsstuff]

Suggested change

	* `cloudwatch_encryption_mode` - (Optional) Encryption mode to use for CloudWatch data. Valid values: `DISABLED`, `SSE-KMS`. Default value: `DISABLED`.
	* `cloudwatch_encryption_mode` - (Optional) Encryption mode to use for CloudWatch data. Possible values are `DISABLED`, `SSE-KMS`. Defaults to `DISABLED`.

[bflad]

Updated, passes testing, merging!

--- PASS: TestAccAWSGlueSecurityConfiguration_Basic (11.52s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSES3 (11.97s)
--- PASS: TestAccAWSGlueSecurityConfiguration_S3Encryption_S3EncryptionMode_SSEKMS (39.27s)
--- PASS: TestAccAWSGlueSecurityConfiguration_JobBookmarksEncryption_JobBookmarksEncryptionMode_CSEKMS (39.42s)
--- PASS: TestAccAWSGlueSecurityConfiguration_CloudWatchEncryption_CloudWatchEncryptionMode_SSEKMS (39.49s)

[bflad]

This has been released in version 1.42.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!