diff --git a/.changelog/17830.txt b/.changelog/17830.txt new file mode 100644 index 00000000000..ca76c19e6fc --- /dev/null +++ b/.changelog/17830.txt @@ -0,0 +1,7 @@ +```release-note:enhancement +resource/aws_ssm_parameter: Add plan time validation to `name`, `description` and `allowed_pattern` +``` + +```release-note:enhancement +resource/aws_ssm_parameter: Tag on create +``` diff --git a/aws/resource_aws_ssm_parameter.go b/aws/resource_aws_ssm_parameter.go index 901fd3d81be..b9d6ad46a9f 100644 --- a/aws/resource_aws_ssm_parameter.go +++ b/aws/resource_aws_ssm_parameter.go @@ -32,13 +32,15 @@ func resourceAwsSsmParameter() *schema.Resource { Schema: map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringLenBetween(1, 2048), }, "description": { - Type: schema.TypeString, - Optional: true, + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringLenBetween(1, 1024), }, "tier": { Type: schema.TypeString, @@ -83,8 +85,9 @@ func resourceAwsSsmParameter() *schema.Resource { Optional: true, }, "allowed_pattern": { - Type: schema.TypeString, - Optional: true, + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringLenBetween(1, 1024), }, "version": { Type: schema.TypeInt, @@ -164,7 +167,7 @@ func resourceAwsSsmParameterRead(d *schema.ResourceData, meta interface{}) error } describeResp, err := ssmconn.DescribeParameters(describeParamsInput) if err != nil { - return fmt.Errorf("error describing SSM parameter: %s", err) + return fmt.Errorf("error describing SSM parameter: %w", err) } if describeResp == nil || len(describeResp.Parameters) == 0 || describeResp.Parameters[0] == nil { @@ -186,11 +189,11 @@ func resourceAwsSsmParameterRead(d *schema.ResourceData, meta interface{}) error tags, err := keyvaluetags.SsmListTags(ssmconn, name, ssm.ResourceTypeForTaggingParameter) if err != nil { - return fmt.Errorf("error listing tags for SSM Parameter (%s): %s", name, err) + return fmt.Errorf("error listing tags for SSM Parameter (%s): %w", name, err) } if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { - return fmt.Errorf("error setting tags: %s", err) + return fmt.Errorf("error setting tags: %w", err) } d.Set("arn", param.ARN) @@ -216,10 +219,11 @@ func resourceAwsSsmParameterDelete(d *schema.ResourceData, meta interface{}) err func resourceAwsSsmParameterPut(d *schema.ResourceData, meta interface{}) error { ssmconn := meta.(*AWSClient).ssmconn - log.Printf("[INFO] Creating SSM Parameter: %s", d.Get("name").(string)) + name := d.Get("name").(string) + log.Printf("[INFO] Creating SSM Parameter: %s", name) paramInput := &ssm.PutParameterInput{ - Name: aws.String(d.Get("name").(string)), + Name: aws.String(name), Type: aws.String(d.Get("type").(string)), Tier: aws.String(d.Get("tier").(string)), Value: aws.String(d.Get("value").(string)), @@ -240,6 +244,10 @@ func resourceAwsSsmParameterPut(d *schema.ResourceData, meta interface{}) error paramInput.SetKeyId(keyID.(string)) } + if v, ok := d.GetOk("tags"); ok && d.IsNewResource() { + paramInput.Tags = keyvaluetags.New(v.(map[string]interface{})).IgnoreAws().SsmTags() + } + log.Printf("[DEBUG] Waiting for SSM Parameter %v to be updated", d.Get("name")) _, err := ssmconn.PutParameter(paramInput) @@ -249,19 +257,18 @@ func resourceAwsSsmParameterPut(d *schema.ResourceData, meta interface{}) error } if err != nil { - return fmt.Errorf("error creating SSM parameter: %s", err) + return fmt.Errorf("error creating SSM parameter: %w", err) } - name := d.Get("name").(string) - if d.HasChange("tags") { + if !d.IsNewResource() && d.HasChange("tags") { o, n := d.GetChange("tags") if err := keyvaluetags.SsmUpdateTags(ssmconn, name, ssm.ResourceTypeForTaggingParameter, o, n); err != nil { - return fmt.Errorf("error updating SSM Parameter (%s) tags: %s", name, err) + return fmt.Errorf("error updating SSM Parameter (%s) tags: %w", name, err) } } - d.SetId(d.Get("name").(string)) + d.SetId(name) return resourceAwsSsmParameterRead(d, meta) }