From 7108e2e187c57a4b841cea1bf819c01715f50bcd Mon Sep 17 00:00:00 2001
From: Christian Tellnes <christian@tellnes.no>
Date: Sat, 22 Feb 2020 00:22:08 +0100
Subject: [PATCH 1/7] resource/aws_codebuild_project - add
 file_system_locations

Adds AWS CodeBuild support for EFS
---
 aws/resource_aws_codebuild_project.go         | 135 ++++++++++++++++--
 aws/resource_aws_codebuild_project_test.go    |  66 ++++++++-
 .../docs/r/codebuild_project.html.markdown    |  13 +-
 3 files changed, 200 insertions(+), 14 deletions(-)

diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go
index 268d0423be2..e6dee63a768 100644
--- a/aws/resource_aws_codebuild_project.go
+++ b/aws/resource_aws_codebuild_project.go
@@ -274,6 +274,36 @@ func resourceAwsCodeBuildProject() *schema.Resource {
 					},
 				},
 			},
+			"file_system_locations": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"identifier": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"location": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"mount_options": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"mount_point": {
+							Type:     schema.TypeString,
+							Optional: true,
+						},
+						"type": {
+							Type:         schema.TypeString,
+							Optional:     true,
+							Default:      codebuild.FileSystemTypeEfs,
+							ValidateFunc: validation.StringInSlice(codebuild.FileSystemType_Values(), false),
+						},
+					},
+				},
+			},
 			"logs_config": {
 				Type:     schema.TypeList,
 				Optional: true,
@@ -659,6 +689,7 @@ func resourceAwsCodeBuildProjectCreate(d *schema.ResourceData, meta interface{})
 	projectSecondarySources := expandProjectSecondarySources(d)
 	projectLogsConfig := expandProjectLogsConfig(d)
 	projectBatchConfig := expandCodeBuildBuildBatchConfig(d)
+	projectFileSystemLocations := expandProjectFileSystemLocations(d)
 
 	if aws.StringValue(projectSource.Type) == codebuild.SourceTypeNoSource {
 		if aws.StringValue(projectSource.Buildspec) == "" {
@@ -671,15 +702,16 @@ func resourceAwsCodeBuildProjectCreate(d *schema.ResourceData, meta interface{})
 	}
 
 	params := &codebuild.CreateProjectInput{
-		Environment:        projectEnv,
-		Name:               aws.String(d.Get("name").(string)),
-		Source:             &projectSource,
-		Artifacts:          &projectArtifacts,
-		SecondaryArtifacts: projectSecondaryArtifacts,
-		SecondarySources:   projectSecondarySources,
-		LogsConfig:         projectLogsConfig,
-		BuildBatchConfig:   projectBatchConfig,
-		Tags:               tags.IgnoreAws().CodebuildTags(),
+		Environment:         projectEnv,
+		Name:                aws.String(d.Get("name").(string)),
+		Source:              &projectSource,
+		Artifacts:           &projectArtifacts,
+		SecondaryArtifacts:  projectSecondaryArtifacts,
+		SecondarySources:    projectSecondarySources,
+		LogsConfig:          projectLogsConfig,
+		BuildBatchConfig:    projectBatchConfig,
+		FileSystemLocations: projectFileSystemLocations,
+		Tags:                tags.IgnoreAws().CodebuildTags(),
 	}
 
 	if v, ok := d.GetOk("cache"); ok {
@@ -753,6 +785,47 @@ func resourceAwsCodeBuildProjectCreate(d *schema.ResourceData, meta interface{})
 	return resourceAwsCodeBuildProjectRead(d, meta)
 }
 
+func expandProjectFileSystemLocations(d *schema.ResourceData) []*codebuild.ProjectFileSystemLocation {
+	fileSystemLocations := make([]*codebuild.ProjectFileSystemLocation, 0)
+
+	configsList := d.Get("file_system_locations").(*schema.Set).List()
+
+	if len(configsList) == 0 {
+		return nil
+	}
+
+	for _, config := range configsList {
+		art := expandProjectFileSystemLocation(config.(map[string]interface{}))
+		fileSystemLocations = append(fileSystemLocations, &art)
+	}
+
+	return fileSystemLocations
+}
+
+func expandProjectFileSystemLocation(data map[string]interface{}) codebuild.ProjectFileSystemLocation {
+	projectFileSystemLocation := codebuild.ProjectFileSystemLocation{
+		Type: aws.String(data["type"].(string)),
+	}
+
+	if data["identifier"].(string) != "" {
+		projectFileSystemLocation.Identifier = aws.String(data["identifier"].(string))
+	}
+
+	if data["location"].(string) != "" {
+		projectFileSystemLocation.Location = aws.String(data["location"].(string))
+	}
+
+	if data["mount_options"].(string) != "" {
+		projectFileSystemLocation.MountOptions = aws.String(data["mount_options"].(string))
+	}
+
+	if data["mount_point"].(string) != "" {
+		projectFileSystemLocation.MountPoint = aws.String(data["mount_point"].(string))
+	}
+
+	return projectFileSystemLocation
+}
+
 func expandProjectSecondaryArtifacts(d *schema.ResourceData) []*codebuild.ProjectArtifacts {
 	artifacts := make([]*codebuild.ProjectArtifacts, 0)
 
@@ -1191,6 +1264,10 @@ func resourceAwsCodeBuildProjectRead(d *schema.ResourceData, meta interface{}) e
 		return fmt.Errorf("error setting environment: %s", err)
 	}
 
+	if err := d.Set("file_system_locations", flattenAwsCodeBuildProjectFileSystemLocations(project.FileSystemLocations)); err != nil {
+		return fmt.Errorf("error setting file_system_locations: %s", err)
+	}
+
 	if err := d.Set("cache", flattenAwsCodebuildProjectCache(project.Cache)); err != nil {
 		return fmt.Errorf("error setting cache: %s", err)
 	}
@@ -1264,6 +1341,11 @@ func resourceAwsCodeBuildProjectUpdate(d *schema.ResourceData, meta interface{})
 		params.Environment = projectEnv
 	}
 
+	if d.HasChange("file_system_locations") {
+		projectFileSystemLocations := expandProjectFileSystemLocations(d)
+		params.FileSystemLocations = projectFileSystemLocations
+	}
+
 	if d.HasChange("source") {
 		projectSource := expandProjectSource(d)
 		params.Source = &projectSource
@@ -1394,6 +1476,41 @@ func resourceAwsCodeBuildProjectDelete(d *schema.ResourceData, meta interface{})
 	return err
 }
 
+func flattenAwsCodeBuildProjectFileSystemLocations(fileSystemLocationsList []*codebuild.ProjectFileSystemLocation) *schema.Set {
+	fileSystemLocationsSet := schema.Set{}
+
+	for _, fileSystemLocation := range fileSystemLocationsList {
+		fileSystemLocationsSet.Add(flattenAwsCodeBuildProjectFileSystemLocation(*fileSystemLocation))
+	}
+	return &fileSystemLocationsSet
+}
+
+func flattenAwsCodeBuildProjectFileSystemLocation(fileSystemLocation codebuild.ProjectFileSystemLocation) map[string]interface{} {
+	values := map[string]interface{}{}
+
+	if fileSystemLocation.Identifier != nil {
+		values["identifier"] = *fileSystemLocation.Identifier
+	}
+
+	if fileSystemLocation.Location != nil {
+		values["location"] = *fileSystemLocation.Location
+	}
+
+	if fileSystemLocation.MountOptions != nil {
+		values["mount_options"] = *fileSystemLocation.MountOptions
+	}
+
+	if fileSystemLocation.MountPoint != nil {
+		values["mount_point"] = *fileSystemLocation.MountPoint
+	}
+
+	if fileSystemLocation.Type != nil {
+		values["type"] = *fileSystemLocation.Type
+	}
+
+	return values
+}
+
 func flattenAwsCodeBuildLogsConfig(logsConfig *codebuild.LogsConfig) []interface{} {
 	if logsConfig == nil {
 		return []interface{}{}
diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go
index 5762435e49f..74b24445a3d 100644
--- a/aws/resource_aws_codebuild_project_test.go
+++ b/aws/resource_aws_codebuild_project_test.go
@@ -308,6 +308,32 @@ func TestAccAWSCodeBuildProject_Description(t *testing.T) {
 	})
 }
 
+func TestAccAWSCodeBuildProject_FileSystemLocations(t *testing.T) {
+	var project codebuild.Project
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	iName := acctest.RandomWithPrefix("tf-acc-test-identifier")
+	resourceName := "aws_codebuild_project.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) },
+		ErrorCheck:   testAccErrorCheck(t, codebuild.EndpointsID, "efs"), //using efs.EndpointsID will import efs and make linters sad
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.identifier", iName),
+					testAccMatchResourceAttrRegionalHostname(resourceName, "file_system_locations.0.location", "efs", regexp.MustCompile(`[^.]+`)),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.type", codebuild.FileSystemTypeEfs),
+				),
+			},
+		},
+	})
+}
+
 func TestAccAWSCodeBuildProject_SourceVersion(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
@@ -4395,7 +4421,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_SecondarySources_CodeCommit(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -4431,7 +4457,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_BuildStatusConfig_GitHubEnterprise(rName string) string {
 	return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -4460,8 +4486,8 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_ConcurrentBuildLimit(rName string, concurrentBuildLimit int) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  concurrent_build_limit = %d
-  name                   = "%s"
+  concurrent_build_limit = %[1]d
+  name                   = %[2]q
   service_role           = aws_iam_role.test.arn
 
   artifacts {
@@ -4481,3 +4507,35 @@ resource "aws_codebuild_project" "test" {
 }
 `, concurrentBuildLimit, rName))
 }
+
+func testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName string) string {
+	return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(`
+resource "aws_efs_file_system" "test" {}
+
+resource "aws_codebuild_project" "test" {
+  name         = %[1]q
+  service_role = aws_iam_role.test.arn
+
+  artifacts {
+    type = "NO_ARTIFACTS"
+  }
+
+  environment {
+    compute_type = "BUILD_GENERAL1_SMALL"
+    image        = "2"
+    type         = "LINUX_CONTAINER"
+  }
+
+  source {
+    type     = "GITHUB"
+    location = "https://github.com/hashicorp/packer.git"
+  }
+
+  file_system_locations {
+    identifier = "test"
+    location   = aws_efs_file_system.test.dns_name
+    type       = "EFS"
+  }
+}
+`, rName)
+}
diff --git a/website/docs/r/codebuild_project.html.markdown b/website/docs/r/codebuild_project.html.markdown
index 6df6c03cff0..cdf681092f3 100755
--- a/website/docs/r/codebuild_project.html.markdown
+++ b/website/docs/r/codebuild_project.html.markdown
@@ -235,6 +235,7 @@ The following arguments are optional:
 * `cache` - (Optional) Configuration block. Detailed below.
 * `concurrent_build_limit` - (Optional) Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit.
 * `description` - (Optional) Short description of the project.
+* `file_system_locations` - (Optional) A set of file system locations to to mount inside the build. File system locations are documented below.
 * `encryption_key` - (Optional) AWS Key Management Service (AWS KMS) customer master key (CMK) to be used for encrypting the build project's build output artifacts.
 * `logs_config` - (Optional) Configuration block. Detailed below.
 * `queued_timeout` - (Optional) Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours.
@@ -368,6 +369,16 @@ This block is only valid when the `type` is `CODECOMMIT`, `GITHUB` or `GITHUB_EN
 * `report_build_status` - (Optional) Whether to report the status of a build's start and finish to your source provider. This option is only valid when the `type` is `BITBUCKET` or `GITHUB`.
 * `type` - (Required) Type of repository that contains the source code to be built. Valid values: `CODECOMMIT`, `CODEPIPELINE`, `GITHUB`, `GITHUB_ENTERPRISE`, `BITBUCKET`, `S3`, `NO_SOURCE`.
 
+`file_system_locations` supports the following:
+
+See [ProjectFileSystemLocation](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectFileSystemLocation.html) for more details of the fields.
+
+* `identifier` - (Optional) The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the identifier in all capital letters to CODEBUILD\_. For example, if you specify my-efs for identifier, a new environment variable is create named CODEBUILD_MY-EFS.
+* `location` - (Optional) A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path`.
+* `mount_options` - (Optional) The mount options for a file system created by AWS EFS.
+* `mount_point` - (Optional) The location in the container where you mount the file system.
+* `type` - (Optional) The type of the file system. The one supported type is `EFS`.
+
 #### source: auth
 
 * `resource` - (Optional, **Deprecated**) Resource value that applies to the specified authorization type. Use the [`aws_codebuild_source_credential` resource](codebuild_source_credential.html) instead.
@@ -400,4 +411,4 @@ CodeBuild Project can be imported using the `name`, e.g.
 
 ```
 $ terraform import aws_codebuild_project.name project-name
-```
+```
\ No newline at end of file

From 429d89ce6a258417fb20e9ecd70d6855d8a30529 Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Thu, 29 Apr 2021 13:10:09 -0400
Subject: [PATCH 2/7] Fix semgrep error 'Prefer AWS Go SDK pointer conversion
 functions for dereferencing during assignment'.

---
 aws/resource_aws_codebuild_project.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go
index e6dee63a768..b3f0cd32225 100644
--- a/aws/resource_aws_codebuild_project.go
+++ b/aws/resource_aws_codebuild_project.go
@@ -1489,23 +1489,23 @@ func flattenAwsCodeBuildProjectFileSystemLocation(fileSystemLocation codebuild.P
 	values := map[string]interface{}{}
 
 	if fileSystemLocation.Identifier != nil {
-		values["identifier"] = *fileSystemLocation.Identifier
+		values["identifier"] = aws.StringValue(fileSystemLocation.Identifier)
 	}
 
 	if fileSystemLocation.Location != nil {
-		values["location"] = *fileSystemLocation.Location
+		values["location"] = aws.StringValue(fileSystemLocation.Location)
 	}
 
 	if fileSystemLocation.MountOptions != nil {
-		values["mount_options"] = *fileSystemLocation.MountOptions
+		values["mount_options"] = aws.StringValue(fileSystemLocation.MountOptions)
 	}
 
 	if fileSystemLocation.MountPoint != nil {
-		values["mount_point"] = *fileSystemLocation.MountPoint
+		values["mount_point"] = aws.StringValue(fileSystemLocation.MountPoint)
 	}
 
 	if fileSystemLocation.Type != nil {
-		values["type"] = *fileSystemLocation.Type
+		values["type"] = aws.StringValue(fileSystemLocation.Type)
 	}
 
 	return values

From e37d9a04b1ab51c3ec39f84b00bd03c36efcb937 Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Thu, 29 Apr 2021 15:06:18 -0400
Subject: [PATCH 3/7] r/aws_codebuild_project: Fiddle with service role in an
 attempt to get EFS file system location working.

---
 aws/resource_aws_codebuild_project_test.go | 28 +++++++++++++++++-----
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go
index 74b24445a3d..0245535a9f9 100644
--- a/aws/resource_aws_codebuild_project_test.go
+++ b/aws/resource_aws_codebuild_project_test.go
@@ -326,7 +326,7 @@ func TestAccAWSCodeBuildProject_FileSystemLocations(t *testing.T) {
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "file_system_locations.#", "1"),
 					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.identifier", iName),
-					testAccMatchResourceAttrRegionalHostname(resourceName, "file_system_locations.0.location", "efs", regexp.MustCompile(`[^.]+`)),
+					resource.TestCheckResourceAttrSet(resourceName, "file_system_locations.0.location"),
 					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.type", codebuild.FileSystemTypeEfs),
 				),
 			},
@@ -2475,6 +2475,22 @@ resource "aws_iam_role_policy" "test" {
         "s3:*"
       ],
       "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "codebuild:*",
+        "iam:PassRole"
+      ],
+      "Resource": "*"
+    }
+	,
+    {
+      "Effect": "Allow",
+      "Action": [
+        "efs:*"
+      ],
+      "Resource": "*"
     }
   ]
 }
@@ -4455,7 +4471,7 @@ resource "aws_codebuild_project" "test" {
 }
 
 func testAccAWSCodeBuildProjectConfig_Source_BuildStatusConfig_GitHubEnterprise(rName string) string {
-	return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(`
+	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4480,7 +4496,7 @@ resource "aws_codebuild_project" "test" {
     }
   }
 }
-`, rName)
+`, rName))
 }
 
 func testAccAWSCodeBuildProjectConfig_ConcurrentBuildLimit(rName string, concurrentBuildLimit int) string {
@@ -4509,7 +4525,7 @@ resource "aws_codebuild_project" "test" {
 }
 
 func testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName string) string {
-	return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(`
+	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_efs_file_system" "test" {}
 
 resource "aws_codebuild_project" "test" {
@@ -4533,9 +4549,9 @@ resource "aws_codebuild_project" "test" {
 
   file_system_locations {
     identifier = "test"
-    location   = aws_efs_file_system.test.dns_name
+    location   = "${aws_efs_file_system.test.dns_name}:/directory-path"
     type       = "EFS"
   }
 }
-`, rName)
+`, rName))
 }

From 1ec75c2e7377065a6c778d9d099d93ac6503e0b2 Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Fri, 30 Apr 2021 09:53:35 -0400
Subject: [PATCH 4/7] Add CHANGELOG entry.

---
 .changelog/12130.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .changelog/12130.txt

diff --git a/.changelog/12130.txt b/.changelog/12130.txt
new file mode 100644
index 00000000000..8a47d1df19f
--- /dev/null
+++ b/.changelog/12130.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_codebuild_project: Add `file_system_locations` argument
+```
\ No newline at end of file

From 5783bc9d0a2887ed2f1080e40e58837f6ab0d570 Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Fri, 30 Apr 2021 11:06:17 -0400
Subject: [PATCH 5/7] r/aws_codebuild_project_test: Tidy up acceptance test
 configurations.

---
 aws/resource_aws_codebuild_project_test.go | 515 ++++++++++++---------
 1 file changed, 294 insertions(+), 221 deletions(-)

diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go
index 0245535a9f9..3c3fa68f18f 100644
--- a/aws/resource_aws_codebuild_project_test.go
+++ b/aws/resource_aws_codebuild_project_test.go
@@ -314,6 +314,8 @@ func TestAccAWSCodeBuildProject_FileSystemLocations(t *testing.T) {
 	iName := acctest.RandomWithPrefix("tf-acc-test-identifier")
 	resourceName := "aws_codebuild_project.test"
 
+	t.Skip("FileSystemLocations not yet working")
+
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) },
 		ErrorCheck:   testAccErrorCheck(t, codebuild.EndpointsID, "efs"), //using efs.EndpointsID will import efs and make linters sad
@@ -527,7 +529,6 @@ func TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Value(t *testing
 func TestAccAWSCodeBuildProject_Environment_Certificate(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	oName := "certificate.pem"
 	resourceName := "aws_codebuild_project.test"
 
@@ -538,10 +539,10 @@ func TestAccAWSCodeBuildProject_Environment_Certificate(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodeBuildProjectConfig_Environment_Certificate(rName, bName, oName),
+				Config: testAccAWSCodeBuildProjectConfig_Environment_Certificate(rName, oName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
-					testAccCheckAWSCodeBuildProjectCertificate(&project, fmt.Sprintf("%s/%s", bName, oName)),
+					testAccCheckAWSCodeBuildProjectCertificate(&project, fmt.Sprintf("%s/%s", rName, oName)),
 				),
 			},
 			{
@@ -601,7 +602,6 @@ func TestAccAWSCodeBuildProject_LogsConfig_CloudWatchLogs(t *testing.T) {
 func TestAccAWSCodeBuildProject_LogsConfig_S3Logs(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -611,25 +611,25 @@ func TestAccAWSCodeBuildProject_LogsConfig_S3Logs(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, codebuild.LogsConfigStatusTypeEnabled, bName+"/build-log", false),
+				Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, codebuild.LogsConfigStatusTypeEnabled, rName+"/build-log", false),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeEnabled),
-					resource.TestMatchResourceAttr(resourceName, "logs_config.0.s3_logs.0.location", regexp.MustCompile(`tf-acc-test-bucket-[0-9]+/build-log$`)),
+					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.location", rName+"/build-log"),
 					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.encryption_disabled", "false"),
 				),
 			},
 			{
-				Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, codebuild.LogsConfigStatusTypeEnabled, bName+"/build-log", true),
+				Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, codebuild.LogsConfigStatusTypeEnabled, rName+"/build-log", true),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeEnabled),
-					resource.TestMatchResourceAttr(resourceName, "logs_config.0.s3_logs.0.location", regexp.MustCompile(`tf-acc-test-bucket-[0-9]+/build-log$`)),
+					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.location", rName+"/build-log"),
 					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.encryption_disabled", "true"),
 				),
 			},
 			{
-				Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, codebuild.LogsConfigStatusTypeDisabled, "", false),
+				Config: testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, codebuild.LogsConfigStatusTypeDisabled, "", false),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "logs_config.0.s3_logs.0.status", codebuild.LogsConfigStatusTypeDisabled),
@@ -1460,7 +1460,6 @@ func TestAccAWSCodeBuildProject_ARMContainer(t *testing.T) {
 func TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	artifactIdentifier1 := "artifactIdentifier1"
@@ -1473,7 +1472,7 @@ func TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_ArtifactIdentifier(rName, bName, artifactIdentifier1),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_ArtifactIdentifier(rName, artifactIdentifier1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1486,7 +1485,7 @@ func TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_ArtifactIdentifier(rName, bName, artifactIdentifier2),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_ArtifactIdentifier(rName, artifactIdentifier2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1500,7 +1499,6 @@ func TestAccAWSCodeBuildProject_Artifacts_ArtifactIdentifier(t *testing.T) {
 func TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1510,7 +1508,7 @@ func TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_EncryptionDisabled(rName, bName, true),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_EncryptionDisabled(rName, true),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1523,7 +1521,7 @@ func TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_EncryptionDisabled(rName, bName, false),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_EncryptionDisabled(rName, false),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1536,9 +1534,8 @@ func TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled(t *testing.T) {
 
 func TestAccAWSCodeBuildProject_Artifacts_Location(t *testing.T) {
 	var project codebuild.Project
-	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
-	bName2 := acctest.RandomWithPrefix("tf-acc-test-bucket2")
+	rName1 := acctest.RandomWithPrefix("tf-acc-test")
+	rName2 := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1548,11 +1545,11 @@ func TestAccAWSCodeBuildProject_Artifacts_Location(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_Location(rName, bName),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_Location(rName1, rName1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "artifacts.0.location", bName),
+					resource.TestCheckResourceAttr(resourceName, "artifacts.0.location", rName1),
 				),
 			},
 			{
@@ -1561,11 +1558,11 @@ func TestAccAWSCodeBuildProject_Artifacts_Location(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_Location(rName, bName2),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_Location(rName1, rName2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "artifacts.0.location", bName2),
+					resource.TestCheckResourceAttr(resourceName, "artifacts.0.location", rName2),
 				),
 			},
 		},
@@ -1575,7 +1572,6 @@ func TestAccAWSCodeBuildProject_Artifacts_Location(t *testing.T) {
 func TestAccAWSCodeBuildProject_Artifacts_Name(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	name1 := "name1"
@@ -1588,7 +1584,7 @@ func TestAccAWSCodeBuildProject_Artifacts_Name(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_Name(rName, bName, name1),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_Name(rName, name1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1601,7 +1597,7 @@ func TestAccAWSCodeBuildProject_Artifacts_Name(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_Name(rName, bName, name2),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_Name(rName, name2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1651,7 +1647,6 @@ func TestAccAWSCodeBuildProject_Artifacts_NamespaceType(t *testing.T) {
 func TestAccAWSCodeBuildProject_Artifacts_OverrideArtifactName(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1661,7 +1656,7 @@ func TestAccAWSCodeBuildProject_Artifacts_OverrideArtifactName(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_OverrideArtifactName(rName, bName, true),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_OverrideArtifactName(rName, true),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1674,7 +1669,7 @@ func TestAccAWSCodeBuildProject_Artifacts_OverrideArtifactName(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_OverrideArtifactName(rName, bName, false),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_OverrideArtifactName(rName, false),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1760,7 +1755,6 @@ func TestAccAWSCodeBuildProject_Artifacts_Path(t *testing.T) {
 func TestAccAWSCodeBuildProject_Artifacts_Type(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	type1 := codebuild.ArtifactsTypeS3
@@ -1773,7 +1767,7 @@ func TestAccAWSCodeBuildProject_Artifacts_Type(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_Type(rName, bName, type1),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_Type(rName, type1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1786,7 +1780,7 @@ func TestAccAWSCodeBuildProject_Artifacts_Type(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_Artifacts_Type(rName, bName, type2),
+				Config: testAccAWSCodebuildProjectConfig_Artifacts_Type(rName, type2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "artifacts.#", "1"),
@@ -1800,7 +1794,6 @@ func TestAccAWSCodeBuildProject_Artifacts_Type(t *testing.T) {
 func TestAccAWSCodeBuildProject_SecondaryArtifacts(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1810,7 +1803,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts(rName, bName),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts(rName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "2"),
@@ -1822,7 +1815,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_none(rName, bName),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_none(rName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "0"),
@@ -1835,7 +1828,6 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts(t *testing.T) {
 func TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	artifactIdentifier1 := "artifactIdentifier1"
@@ -1848,7 +1840,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier(t *testing
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName, bName, artifactIdentifier1),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName, artifactIdentifier1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -1863,7 +1855,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier(t *testing
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName, bName, artifactIdentifier2),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName, artifactIdentifier2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -1879,7 +1871,6 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_ArtifactIdentifier(t *testing
 func TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1889,7 +1880,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName(t *testi
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName, bName, true),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName, true),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -1904,7 +1895,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName(t *testi
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName, bName, false),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName, false),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -1920,7 +1911,6 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_OverrideArtifactName(t *testi
 func TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1930,7 +1920,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled(t *testing
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName, bName, true),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName, true),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -1945,7 +1935,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled(t *testing
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName, bName, false),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName, false),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -1960,9 +1950,8 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_EncryptionDisabled(t *testing
 
 func TestAccAWSCodeBuildProject_SecondaryArtifacts_Location(t *testing.T) {
 	var project codebuild.Project
-	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
-	bName2 := acctest.RandomWithPrefix("tf-acc-test-bucket2")
+	rName1 := acctest.RandomWithPrefix("tf-acc-test")
+	rName2 := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -1972,12 +1961,12 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Location(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName, bName),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName1, rName1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
 					resource.TestCheckTypeSetElemNestedAttrs(resourceName, "secondary_artifacts.*", map[string]string{
-						"location": bName,
+						"location": rName1,
 					}),
 				),
 			},
@@ -1987,12 +1976,12 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Location(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName, bName2),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName1, rName2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
 					resource.TestCheckTypeSetElemNestedAttrs(resourceName, "secondary_artifacts.*", map[string]string{
-						"location": bName2,
+						"location": rName2,
 					}),
 				),
 			},
@@ -2005,7 +1994,6 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Name(t *testing.T) {
 
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	name1 := "name1"
@@ -2018,7 +2006,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Name(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Name(rName, bName, name1),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Name(rName, name1),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -2033,7 +2021,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Name(t *testing.T) {
 				ImportStateVerify: true,
 			},
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Name(rName, bName, name2),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Name(rName, name2),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -2172,7 +2160,6 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Path(t *testing.T) {
 func TestAccAWSCodeBuildProject_SecondaryArtifacts_Type(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	bName := acctest.RandomWithPrefix("tf-acc-test-bucket")
 	resourceName := "aws_codebuild_project.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -2182,7 +2169,7 @@ func TestAccAWSCodeBuildProject_SecondaryArtifacts_Type(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Type(rName, bName, codebuild.ArtifactsTypeS3),
+				Config: testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Type(rName, codebuild.ArtifactsTypeS3),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "secondary_artifacts.#", "1"),
@@ -2408,37 +2395,27 @@ func testAccPreCheckAWSCodeBuild(t *testing.T) {
 	}
 }
 
-func testAccAWSCodeBuildProjectConfig_Base_Bucket(rName string) string {
-	return fmt.Sprintf(`
-resource "aws_s3_bucket" "test" {
-  bucket        = "%s"
-  force_destroy = true
-}
-`, rName)
-}
-
 func testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_iam_role" "test" {
-  name = "%s"
+  name = %[1]q
 
   assume_role_policy = <<EOF
 {
   "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Principal": {
-        "Service": "codebuild.amazonaws.com"
-      },
-      "Action": "sts:AssumeRole"
-    }
-  ]
+  "Statement": [{
+    "Effect": "Allow",
+    "Principal": {
+      "Service": "codebuild.amazonaws.com"
+    },
+    "Action": "sts:AssumeRole"
+  }]
 }
 EOF
 }
 
 resource "aws_iam_role_policy" "test" {
+  name = %[1]q
   role = aws_iam_role.test.name
 
   policy = <<POLICY
@@ -2447,9 +2424,7 @@ resource "aws_iam_role_policy" "test" {
   "Statement": [
     {
       "Effect": "Allow",
-      "Resource": [
-        "*"
-      ],
+      "Resource": "*",
       "Action": [
         "logs:CreateLogGroup",
         "logs:CreateLogStream",
@@ -2458,39 +2433,39 @@ resource "aws_iam_role_policy" "test" {
     },
     {
       "Effect": "Allow",
+      "Resource": "*",
       "Action": [
-        "ec2:CreateNetworkInterface",
-        "ec2:DescribeDhcpOptions",
-        "ec2:DescribeNetworkInterfaces",
-        "ec2:DeleteNetworkInterface",
-        "ec2:DescribeSubnets",
-        "ec2:DescribeSecurityGroups",
-        "ec2:DescribeVpcs"
-      ],
-      "Resource": "*"
+        "s3:PutObject",
+        "s3:GetObject",
+        "s3:GetObjectVersion",
+        "s3:GetBucketAcl",
+        "s3:GetBucketLocation"
+      ]
     },
     {
       "Effect": "Allow",
+      "Resource": "*",
       "Action": [
-        "s3:*"
-      ],
-      "Resource": "*"
+        "codebuild:CreateReportGroup",
+        "codebuild:CreateReport",
+        "codebuild:UpdateReport",
+        "codebuild:BatchPutTestCases",
+        "codebuild:BatchPutCodeCoverages"
+      ]
     },
     {
       "Effect": "Allow",
+      "Resource": "*",
       "Action": [
-        "codebuild:*",
-        "iam:PassRole"
-      ],
-      "Resource": "*"
-    }
-	,
-    {
-      "Effect": "Allow",
-      "Action": [
-        "efs:*"
-      ],
-      "Resource": "*"
+        "ec2:CreateNetworkInterface",
+        "ec2:CreateNetworkInterfacePermission",
+        "ec2:DescribeDhcpOptions",
+        "ec2:DescribeNetworkInterfaces",
+        "ec2:DeleteNetworkInterface",
+        "ec2:DescribeSubnets",
+        "ec2:DescribeSecurityGroups",
+        "ec2:DescribeVpcs"
+      ]
     }
   ]
 }
@@ -2502,7 +2477,7 @@ POLICY
 func testAccAWSCodeBuildProjectConfig_basic(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2516,7 +2491,7 @@ resource "aws_codebuild_project" "test" {
   }
 
   source {
-    location = "%s"
+    location = %[2]q
     type     = "GITHUB"
   }
 }
@@ -2526,8 +2501,8 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_BadgeEnabled(rName string, badgeEnabled bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  badge_enabled = %t
-  name          = "%s"
+  badge_enabled = %[1]t
+  name          = %[2]q
   service_role  = aws_iam_role.test.arn
 
   artifacts {
@@ -2551,8 +2526,8 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_BuildTimeout(rName string, buildTimeout int) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  build_timeout = %d
-  name          = "%s"
+  build_timeout = %[1]d
+  name          = %[2]q
   service_role  = aws_iam_role.test.arn
 
   artifacts {
@@ -2576,8 +2551,8 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_QueuedTimeout(rName string, queuedTimeout int) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  queued_timeout = %d
-  name           = "%s"
+  queued_timeout = %[1]d
+  name           = %[2]q
   service_role   = aws_iam_role.test.arn
 
   artifacts {
@@ -2601,7 +2576,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Cache(rName, cacheLocation, cacheType string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2609,8 +2584,8 @@ resource "aws_codebuild_project" "test" {
   }
 
   cache {
-    location = "%s"
-    type     = "%s"
+    location = %[2]q
+    type     = %[3]q
   }
 
   environment {
@@ -2630,7 +2605,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_LocalCache(rName, modeType string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2639,7 +2614,7 @@ resource "aws_codebuild_project" "test" {
 
   cache {
     type  = "LOCAL"
-    modes = ["%s"]
+    modes = [%[2]q]
   }
 
   environment {
@@ -2659,8 +2634,8 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Description(rName, description string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  description  = "%s"
-  name         = "%s"
+  description  = %[1]q
+  name         = %[2]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2684,7 +2659,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_SourceVersion(rName, sourceVersion string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2697,7 +2672,7 @@ resource "aws_codebuild_project" "test" {
     type         = "LINUX_CONTAINER"
   }
 
-  source_version = "%s"
+  source_version = %[2]q
 
   source {
     type     = "GITHUB"
@@ -2710,13 +2685,13 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_EncryptionKey(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_kms_key" "test" {
-  description             = "Terraform acc test"
+  description             = %[1]q
   deletion_window_in_days = 7
 }
 
 resource "aws_codebuild_project" "test" {
   encryption_key = aws_kms_key.test.arn
-  name           = "%s"
+  name           = %[1]q
   service_role   = aws_iam_role.test.arn
 
   artifacts {
@@ -2827,7 +2802,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Environment_EnvironmentVariable_Type(rName, environmentVariableType string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2847,7 +2822,7 @@ resource "aws_codebuild_project" "test" {
     environment_variable {
       name  = "SOME_KEY2"
       value = "SOME_VALUE2"
-      type  = "%s"
+      type  = %[2]q
     }
   }
 
@@ -2859,19 +2834,23 @@ resource "aws_codebuild_project" "test" {
 `, rName, environmentVariableType))
 }
 
-func testAccAWSCodeBuildProjectConfig_Environment_Certificate(rName string, bName string, oName string) string {
+func testAccAWSCodeBuildProjectConfig_Environment_Certificate(rName string, oName string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[2]q
+  force_destroy = true
+}
+
 resource "aws_s3_bucket_object" "test" {
   bucket  = aws_s3_bucket.test.bucket
-  key     = "%s"
-  content = "foo"
+  key     = %[1]q
+  content = "test"
 }
 
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[2]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2976,7 +2955,7 @@ resource "aws_secretsmanager_secret_version" "test" {
 func testAccAWSCodeBuildProjectConfig_LogsConfig_CloudWatchLogs(rName, status, gName, sName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -2996,9 +2975,9 @@ resource "aws_codebuild_project" "test" {
 
   logs_config {
     cloudwatch_logs {
-      status      = %q
-      group_name  = %q
-      stream_name = %q
+      status      = %[2]q
+      group_name  = %[3]q
+      stream_name = %[4]q
     }
   }
 }
@@ -3041,13 +3020,17 @@ resource "aws_codebuild_project" "test" {
 `, rName, combineArtifacts, computeTypesAllowed, maximumBuildsAllowed, timeoutInMins))
 }
 
-func testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, bName, status, location string, encryptionDisabled bool) string {
+func testAccAWSCodeBuildProjectConfig_LogsConfig_S3Logs(rName, status, location string, encryptionDisabled bool) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3067,9 +3050,9 @@ resource "aws_codebuild_project" "test" {
 
   logs_config {
     s3_logs {
-      status              = %q
-      location            = %q
-      encryption_disabled = %t
+      status              = %[2]q
+      location            = %[3]q
+      encryption_disabled = %[4]t
     }
   }
 }
@@ -3079,7 +3062,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_GitCloneDepth(rName string, gitCloneDepth int) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3093,7 +3076,7 @@ resource "aws_codebuild_project" "test" {
   }
 
   source {
-    git_clone_depth = %d
+    git_clone_depth = %[2]d
     location        = "https://github.com/hashicorp/packer.git"
     type            = "GITHUB"
   }
@@ -3104,7 +3087,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_CodeCommit(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3122,7 +3105,7 @@ resource "aws_codebuild_project" "test" {
     type     = "CODECOMMIT"
 
     git_submodules_config {
-      fetch_submodules = %t
+      fetch_submodules = %[2]t
     }
   }
 }
@@ -3132,7 +3115,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHub(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3150,7 +3133,7 @@ resource "aws_codebuild_project" "test" {
     type     = "GITHUB"
 
     git_submodules_config {
-      fetch_submodules = %t
+      fetch_submodules = %[2]t
     }
   }
 }
@@ -3160,7 +3143,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_GitSubmodulesConfig_GitHubEnterprise(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3178,7 +3161,7 @@ resource "aws_codebuild_project" "test" {
     type     = "GITHUB_ENTERPRISE"
 
     git_submodules_config {
-      fetch_submodules = %t
+      fetch_submodules = %[2]t
     }
   }
 }
@@ -3188,7 +3171,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_CodeCommit(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%[1]s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3236,7 +3219,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_SecondarySources_none(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%[1]s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3264,7 +3247,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHub(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%[1]s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3312,7 +3295,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_SecondarySources_GitSubmodulesConfig_GitHubEnterprise(rName string, fetchSubmodules bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%[1]s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3360,7 +3343,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_InsecureSSL(rName string, insecureSSL bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3374,7 +3357,7 @@ resource "aws_codebuild_project" "test" {
   }
 
   source {
-    insecure_ssl = %t
+    insecure_ssl = %[2]t
     location     = "https://github.com/hashicorp/packer.git"
     type         = "GITHUB"
   }
@@ -3385,7 +3368,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_Bitbucket(rName string, reportBuildStatus bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3400,7 +3383,7 @@ resource "aws_codebuild_project" "test" {
 
   source {
     location            = "https://terraform@bitbucket.org/terraform/aws-test.git"
-    report_build_status = %t
+    report_build_status = %[2]t
     type                = "BITBUCKET"
   }
 }
@@ -3410,7 +3393,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHub(rName string, reportBuildStatus bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3425,7 +3408,7 @@ resource "aws_codebuild_project" "test" {
 
   source {
     location            = "https://github.com/hashicorp/packer.git"
-    report_build_status = %t
+    report_build_status = %[2]t
     type                = "GITHUB"
   }
 }
@@ -3435,7 +3418,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_ReportBuildStatus_GitHubEnterprise(rName string, reportBuildStatus bool) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3450,7 +3433,7 @@ resource "aws_codebuild_project" "test" {
 
   source {
     location            = "https://example.com/organization/repository.git"
-    report_build_status = %t
+    report_build_status = %[2]t
     type                = "GITHUB_ENTERPRISE"
   }
 }
@@ -3460,7 +3443,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_Type_Bitbucket(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3474,7 +3457,7 @@ resource "aws_codebuild_project" "test" {
   }
 
   source {
-    location = %q
+    location = %[2]q
     type     = "BITBUCKET"
   }
 }
@@ -3484,7 +3467,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_Type_CodeCommit(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3508,7 +3491,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_Type_CodePipeline(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3531,7 +3514,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_Type_GitHubEnterprise(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3589,7 +3572,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Source_Type_NoSource(rName string, rLocation string, rBuildspec string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = %q
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3604,8 +3587,8 @@ resource "aws_codebuild_project" "test" {
 
   source {
     type      = "NO_SOURCE"
-    location  = "%s"
-    buildspec = %q
+    location  = %[2]q
+    buildspec = %[3]q
   }
 }
 `, rName, rLocation, rBuildspec))
@@ -3614,7 +3597,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_Tags(rName, tagKey, tagValue string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3635,7 +3618,7 @@ resource "aws_codebuild_project" "test" {
   tags = {
     tag1 = "tag1value"
 
-    %s = "%s"
+    %[2]s = %[3]q
   }
 }
 `, rName, tagKey, tagValue))
@@ -3648,6 +3631,10 @@ func testAccAWSCodeBuildProjectConfig_VpcConfig1(rName string) string {
 		fmt.Sprintf(`
 resource "aws_vpc" "test" {
   cidr_block = "10.0.0.0/16"
+
+  tags = {
+    Name = %[1]q
+  }
 }
 
 resource "aws_subnet" "test" {
@@ -3658,16 +3645,17 @@ resource "aws_subnet" "test" {
   vpc_id            = aws_vpc.test.id
 
   tags = {
-    Name = "tf-acc-codebuild-project"
+    Name = %[1]q
   }
 }
 
 resource "aws_security_group" "test" {
+  name   = %[1]q
   vpc_id = aws_vpc.test.id
 }
 
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3701,6 +3689,10 @@ func testAccAWSCodeBuildProjectConfig_VpcConfig2(rName string) string {
 		fmt.Sprintf(`
 resource "aws_vpc" "test" {
   cidr_block = "10.0.0.0/16"
+
+  tags = {
+    Name = %[1]q
+  }
 }
 
 resource "aws_subnet" "test" {
@@ -3711,16 +3703,17 @@ resource "aws_subnet" "test" {
   vpc_id            = aws_vpc.test.id
 
   tags = {
-    Name = "tf-acc-codebuild-project"
+    Name = %[1]q
   }
 }
 
 resource "aws_security_group" "test" {
+  name   = %[1]q
   vpc_id = aws_vpc.test.id
 }
 
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3750,7 +3743,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_WindowsServer2019Container(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3764,7 +3757,7 @@ resource "aws_codebuild_project" "test" {
   }
 
   source {
-    location = "%s"
+    location = %[2]q
     type     = "GITHUB"
   }
 }
@@ -3774,7 +3767,7 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodeBuildProjectConfig_ARMContainer(rName string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -3788,18 +3781,22 @@ resource "aws_codebuild_project" "test" {
   }
 
   source {
-    location = "%s"
+    location = %[2]q
     type     = "GITHUB"
   }
 }
 `, rName, testAccAWSCodeBuildGitHubSourceLocationFromEnv()))
 }
 
-func testAccAWSCodebuildProjectConfig_Artifacts_ArtifactIdentifier(rName string, bName string, artifactIdentifier string) string {
+func testAccAWSCodebuildProjectConfig_Artifacts_ArtifactIdentifier(rName string, artifactIdentifier string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -3824,17 +3821,21 @@ resource "aws_codebuild_project" "test" {
 `, rName, artifactIdentifier))
 }
 
-func testAccAWSCodebuildProjectConfig_Artifacts_EncryptionDisabled(rName string, bName string, encryptionDisabled bool) string {
+func testAccAWSCodebuildProjectConfig_Artifacts_EncryptionDisabled(rName string, encryptionDisabled bool) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
-    encryption_disabled = %t
+    encryption_disabled = %[2]t
     location            = aws_s3_bucket.test.bucket
     type                = "S3"
   }
@@ -3853,11 +3854,15 @@ resource "aws_codebuild_project" "test" {
 `, rName, encryptionDisabled))
 }
 
-func testAccAWSCodebuildProjectConfig_Artifacts_Location(rName, bName string) string {
+func testAccAWSCodebuildProjectConfig_Artifacts_Location(rName, bucketName string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[2]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -3878,14 +3883,18 @@ resource "aws_codebuild_project" "test" {
     location = "https://github.com/hashicorp/packer.git"
   }
 }
-`, rName))
+`, rName, bucketName))
 }
 
-func testAccAWSCodebuildProjectConfig_Artifacts_Name(rName string, bName string, name string) string {
+func testAccAWSCodebuildProjectConfig_Artifacts_Name(rName string, name string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -3913,8 +3922,12 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_Artifacts_NamespaceType(rName, namespaceType string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(rName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -3939,17 +3952,21 @@ resource "aws_codebuild_project" "test" {
 `, rName, namespaceType))
 }
 
-func testAccAWSCodebuildProjectConfig_Artifacts_OverrideArtifactName(rName string, bName string, overrideArtifactName bool) string {
+func testAccAWSCodebuildProjectConfig_Artifacts_OverrideArtifactName(rName string, overrideArtifactName bool) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
-    override_artifact_name = %t
+    override_artifact_name = %[2]t
     location               = aws_s3_bucket.test.bucket
     type                   = "S3"
   }
@@ -3971,8 +3988,12 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_Artifacts_Packaging(rName, packaging string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(rName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4000,8 +4021,12 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_Artifacts_Path(rName, path string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(rName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4026,11 +4051,15 @@ resource "aws_codebuild_project" "test" {
 `, rName, path))
 }
 
-func testAccAWSCodebuildProjectConfig_Artifacts_Type(rName string, bName string, artifactType string) string {
+func testAccAWSCodebuildProjectConfig_Artifacts_Type(rName string, artifactType string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4054,13 +4083,17 @@ resource "aws_codebuild_project" "test" {
 `, rName, artifactType))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts(rName string, bName string) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts(rName string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -4094,13 +4127,17 @@ resource "aws_codebuild_project" "test" {
 `, rName))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_none(rName string, bName string) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_none(rName string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -4122,11 +4159,15 @@ resource "aws_codebuild_project" "test" {
 `, rName))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName string, bName string, artifactIdentifier string) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_ArtifactIdentifier(rName string, artifactIdentifier string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4156,13 +4197,17 @@ resource "aws_codebuild_project" "test" {
 `, rName, artifactIdentifier))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName string, bName string, encryptionDisabled bool) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_EncryptionDisabled(rName string, encryptionDisabled bool) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -4172,7 +4217,7 @@ resource "aws_codebuild_project" "test" {
 
   secondary_artifacts {
     artifact_identifier = "secondaryArtifact1"
-    encryption_disabled = %t
+    encryption_disabled = %[2]t
     location            = aws_s3_bucket.test.bucket
     type                = "S3"
   }
@@ -4191,11 +4236,15 @@ resource "aws_codebuild_project" "test" {
 `, rName, encryptionDisabled))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName, bName string) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Location(rName, bucketName string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[2]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4222,14 +4271,18 @@ resource "aws_codebuild_project" "test" {
     location = "https://github.com/hashicorp/packer.git"
   }
 }
-`, rName))
+`, rName, bucketName))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Name(rName string, bName string, name string) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Name(rName string, name string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4263,8 +4316,12 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_NamespaceType(rName, namespaceType string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(rName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4295,13 +4352,17 @@ resource "aws_codebuild_project" "test" {
 `, rName, namespaceType))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName string, bName string, overrideArtifactName bool) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_OverrideArtifactName(rName string, overrideArtifactName bool) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
-  name         = "%s"
+  name         = %[1]q
   service_role = aws_iam_role.test.arn
 
   artifacts {
@@ -4311,7 +4372,7 @@ resource "aws_codebuild_project" "test" {
 
   secondary_artifacts {
     artifact_identifier    = "secondaryArtifact1"
-    override_artifact_name = %t
+    override_artifact_name = %[2]t
     location               = aws_s3_bucket.test.bucket
     type                   = "S3"
   }
@@ -4333,8 +4394,12 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Packaging(rName, packaging string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(rName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4368,8 +4433,12 @@ resource "aws_codebuild_project" "test" {
 func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Path(rName, path string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(rName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -4400,11 +4469,15 @@ resource "aws_codebuild_project" "test" {
 `, rName, path))
 }
 
-func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Type(rName string, bName string, artifactType string) string {
+func testAccAWSCodebuildProjectConfig_SecondaryArtifacts_Type(rName string, artifactType string) string {
 	return composeConfig(
 		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
-		testAccAWSCodeBuildProjectConfig_Base_Bucket(bName),
 		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket        = %[1]q
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn

From fda4f42ae0f59faba0dd276a06dbb0a100106b1f Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Fri, 30 Apr 2021 12:10:14 -0400
Subject: [PATCH 6/7] r/aws_codebuild_project_test: Get `file_system_locations`
 working.

Acceptance test output:

% make testacc TEST=./aws TESTARGS='-run=TestAccAWSCodeBuildProject_FileSystemLocations'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSCodeBuildProject_FileSystemLocations -timeout 180m
=== RUN   TestAccAWSCodeBuildProject_FileSystemLocations
=== PAUSE TestAccAWSCodeBuildProject_FileSystemLocations
=== CONT  TestAccAWSCodeBuildProject_FileSystemLocations
--- PASS: TestAccAWSCodeBuildProject_FileSystemLocations (251.73s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	254.516s
---
 aws/resource_aws_codebuild_project.go      |  49 ++++---
 aws/resource_aws_codebuild_project_test.go | 163 +++++++++++++++++++--
 2 files changed, 181 insertions(+), 31 deletions(-)

diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go
index b3f0cd32225..ac1a15326cf 100644
--- a/aws/resource_aws_codebuild_project.go
+++ b/aws/resource_aws_codebuild_project.go
@@ -1476,39 +1476,52 @@ func resourceAwsCodeBuildProjectDelete(d *schema.ResourceData, meta interface{})
 	return err
 }
 
-func flattenAwsCodeBuildProjectFileSystemLocations(fileSystemLocationsList []*codebuild.ProjectFileSystemLocation) *schema.Set {
-	fileSystemLocationsSet := schema.Set{}
+func flattenAwsCodeBuildProjectFileSystemLocations(apiObjects []*codebuild.ProjectFileSystemLocation) []interface{} {
+	if len(apiObjects) == 0 {
+		return nil
+	}
+
+	var tfList []interface{}
 
-	for _, fileSystemLocation := range fileSystemLocationsList {
-		fileSystemLocationsSet.Add(flattenAwsCodeBuildProjectFileSystemLocation(*fileSystemLocation))
+	for _, apiObject := range apiObjects {
+		if apiObject == nil {
+			continue
+		}
+
+		tfList = append(tfList, flattenAwsCodeBuildProjectFileSystemLocation(apiObject))
 	}
-	return &fileSystemLocationsSet
+
+	return tfList
 }
 
-func flattenAwsCodeBuildProjectFileSystemLocation(fileSystemLocation codebuild.ProjectFileSystemLocation) map[string]interface{} {
-	values := map[string]interface{}{}
+func flattenAwsCodeBuildProjectFileSystemLocation(apiObject *codebuild.ProjectFileSystemLocation) map[string]interface{} {
+	if apiObject == nil {
+		return nil
+	}
 
-	if fileSystemLocation.Identifier != nil {
-		values["identifier"] = aws.StringValue(fileSystemLocation.Identifier)
+	tfMap := map[string]interface{}{}
+
+	if v := apiObject.Identifier; v != nil {
+		tfMap["identifier"] = aws.StringValue(v)
 	}
 
-	if fileSystemLocation.Location != nil {
-		values["location"] = aws.StringValue(fileSystemLocation.Location)
+	if v := apiObject.Location; v != nil {
+		tfMap["location"] = aws.StringValue(v)
 	}
 
-	if fileSystemLocation.MountOptions != nil {
-		values["mount_options"] = aws.StringValue(fileSystemLocation.MountOptions)
+	if v := apiObject.MountOptions; v != nil {
+		tfMap["mount_options"] = aws.StringValue(v)
 	}
 
-	if fileSystemLocation.MountPoint != nil {
-		values["mount_point"] = aws.StringValue(fileSystemLocation.MountPoint)
+	if v := apiObject.MountPoint; v != nil {
+		tfMap["mount_point"] = aws.StringValue(v)
 	}
 
-	if fileSystemLocation.Type != nil {
-		values["type"] = aws.StringValue(fileSystemLocation.Type)
+	if v := apiObject.Type; v != nil {
+		tfMap["type"] = aws.StringValue(v)
 	}
 
-	return values
+	return tfMap
 }
 
 func flattenAwsCodeBuildLogsConfig(logsConfig *codebuild.LogsConfig) []interface{} {
diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go
index 3c3fa68f18f..4533efac8e0 100644
--- a/aws/resource_aws_codebuild_project_test.go
+++ b/aws/resource_aws_codebuild_project_test.go
@@ -311,11 +311,8 @@ func TestAccAWSCodeBuildProject_Description(t *testing.T) {
 func TestAccAWSCodeBuildProject_FileSystemLocations(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
-	iName := acctest.RandomWithPrefix("tf-acc-test-identifier")
 	resourceName := "aws_codebuild_project.test"
 
-	t.Skip("FileSystemLocations not yet working")
-
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) },
 		ErrorCheck:   testAccErrorCheck(t, codebuild.EndpointsID, "efs"), //using efs.EndpointsID will import efs and make linters sad
@@ -323,12 +320,37 @@ func TestAccAWSCodeBuildProject_FileSystemLocations(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName),
+				Config: testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName, "/mount1"),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
+					resource.TestCheckResourceAttr(resourceName, "environment.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "environment.0.compute_type", codebuild.ComputeTypeBuildGeneral1Small),
+					resource.TestCheckResourceAttr(resourceName, "environment.0.environment_variable.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "environment.0.image", "2"),
+					resource.TestCheckResourceAttr(resourceName, "environment.0.privileged_mode", "true"),
+					resource.TestCheckResourceAttr(resourceName, "environment.0.type", codebuild.EnvironmentTypeLinuxContainer),
 					resource.TestCheckResourceAttr(resourceName, "file_system_locations.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.identifier", iName),
-					resource.TestCheckResourceAttrSet(resourceName, "file_system_locations.0.location"),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.identifier", "test"),
+					resource.TestMatchResourceAttr(resourceName, "file_system_locations.0.location", regexp.MustCompile(`/directory-path$`)),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.mount_options", "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=450,retrans=3"),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.mount_point", "/mount1"),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.type", codebuild.FileSystemTypeEfs),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName, "/mount2"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.identifier", "test"),
+					resource.TestMatchResourceAttr(resourceName, "file_system_locations.0.location", regexp.MustCompile(`/directory-path$`)),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.mount_options", "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=450,retrans=3"),
+					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.mount_point", "/mount2"),
 					resource.TestCheckResourceAttr(resourceName, "file_system_locations.0.type", codebuild.FileSystemTypeEfs),
 				),
 			},
@@ -4597,9 +4619,114 @@ resource "aws_codebuild_project" "test" {
 `, concurrentBuildLimit, rName))
 }
 
-func testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName string) string {
-	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
-resource "aws_efs_file_system" "test" {}
+func testAccAWSCodeBuildProjectConfig_FileSystemLocations(rName, mountPoint string) string {
+	return composeConfig(
+		testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName),
+		testAccAvailableAZsNoOptInConfig(),
+		fmt.Sprintf(`
+resource "aws_efs_file_system" "test" {
+  tags = {
+    Name = %[1]q
+  }
+}
+
+resource "aws_vpc" "test" {
+  cidr_block = "10.0.0.0/16"
+
+  tags = {
+    Name = %[1]q
+  }
+}
+
+resource "aws_internet_gateway" "test" {
+  vpc_id = aws_vpc.test.id
+
+  tags = {
+    Name = %[1]q
+  }
+}
+
+resource "aws_subnet" "public" {
+  availability_zone = data.aws_availability_zones.available.names[0]
+  cidr_block        = "10.0.0.0/24"
+  vpc_id            = aws_vpc.test.id
+
+  tags = {
+    Name = "%[1]s-public"
+  }
+}
+
+resource "aws_route_table" "public" {
+  vpc_id = aws_vpc.test.id
+
+  tags = {
+    Name = "%[1]s-public"
+  }
+}
+
+resource "aws_route_table_association" "public" {
+  route_table_id = aws_route_table.public.id
+  subnet_id      = aws_subnet.public.id
+}
+
+resource "aws_route" "public" {
+  route_table_id         = aws_route_table.public.id
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = aws_internet_gateway.test.id
+}
+
+resource "aws_subnet" "private" {
+  availability_zone = data.aws_availability_zones.available.names[0]
+  cidr_block        = "10.0.1.0/24"
+  vpc_id            = aws_vpc.test.id
+
+  tags = {
+    Name = "%[1]s-private"
+  }
+}
+
+resource "aws_eip" "test" {
+  vpc = true
+
+  tags = {
+    Name = %[1]q
+  }
+}
+
+resource "aws_nat_gateway" "test" {
+  allocation_id = aws_eip.test.id
+  subnet_id     = aws_subnet.public.id
+
+  tags = {
+    Name = %[1]q
+  }
+
+  depends_on = [aws_route.public]
+}
+
+resource "aws_route_table" "private" {
+  vpc_id = aws_vpc.test.id
+
+  tags = {
+    Name = "%[1]s-private"
+  }
+}
+
+resource "aws_route_table_association" "private" {
+  route_table_id = aws_route.private.route_table_id
+  subnet_id      = aws_subnet.private.id
+}
+
+resource "aws_route" "private" {
+  route_table_id         = aws_route_table.private.id
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id         = aws_nat_gateway.test.id
+}
+
+resource "aws_security_group" "test" {
+  name   = %[1]q
+  vpc_id = aws_vpc.test.id
+}
 
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
@@ -4613,6 +4740,8 @@ resource "aws_codebuild_project" "test" {
     compute_type = "BUILD_GENERAL1_SMALL"
     image        = "2"
     type         = "LINUX_CONTAINER"
+
+    privileged_mode = true
   }
 
   source {
@@ -4620,11 +4749,19 @@ resource "aws_codebuild_project" "test" {
     location = "https://github.com/hashicorp/packer.git"
   }
 
+  vpc_config {
+    security_group_ids = [aws_security_group.test.id]
+    subnets            = [aws_subnet.private.id]
+    vpc_id             = aws_vpc.test.id
+  }
+
   file_system_locations {
-    identifier = "test"
-    location   = "${aws_efs_file_system.test.dns_name}:/directory-path"
-    type       = "EFS"
+    identifier    = "test"
+    location      = "${aws_efs_file_system.test.dns_name}:/directory-path"
+    type          = "EFS"
+    mount_point   = %[2]q
+    mount_options = "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=450,retrans=3"
   }
 }
-`, rName))
+`, rName, mountPoint))
 }

From cbe9491e578dc084e9d36ef7916e5accfd9061c8 Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Fri, 30 Apr 2021 12:30:20 -0400
Subject: [PATCH 7/7] Fix GovCloud acceptance test failure:
 'TestAccAWSCodeBuildProject_Cache'.

---
 aws/resource_aws_codebuild_project_test.go | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go
index 4533efac8e0..9fd5d51380a 100644
--- a/aws/resource_aws_codebuild_project_test.go
+++ b/aws/resource_aws_codebuild_project_test.go
@@ -203,6 +203,8 @@ func TestAccAWSCodeBuildProject_Cache(t *testing.T) {
 	var project codebuild.Project
 	rName := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_codebuild_project.test"
+	s3Location1 := rName + "-1"
+	s3Location2 := rName + "-2"
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) },
@@ -236,20 +238,20 @@ func TestAccAWSCodeBuildProject_Cache(t *testing.T) {
 				),
 			},
 			{
-				Config: testAccAWSCodeBuildProjectConfig_Cache(rName, "some-bucket", "S3"),
+				Config: testAccAWSCodeBuildProjectConfig_Cache(rName, s3Location1, "S3"),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "cache.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "cache.0.location", "some-bucket"),
+					resource.TestCheckResourceAttr(resourceName, "cache.0.location", s3Location1),
 					resource.TestCheckResourceAttr(resourceName, "cache.0.type", "S3"),
 				),
 			},
 			{
-				Config: testAccAWSCodeBuildProjectConfig_Cache(rName, "some-new-bucket", "S3"),
+				Config: testAccAWSCodeBuildProjectConfig_Cache(rName, s3Location2, "S3"),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 					resource.TestCheckResourceAttr(resourceName, "cache.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "cache.0.location", "some-new-bucket"),
+					resource.TestCheckResourceAttr(resourceName, "cache.0.location", s3Location2),
 					resource.TestCheckResourceAttr(resourceName, "cache.0.type", "S3"),
 				),
 			},
@@ -2597,6 +2599,16 @@ resource "aws_codebuild_project" "test" {
 
 func testAccAWSCodeBuildProjectConfig_Cache(rName, cacheLocation, cacheType string) string {
 	return composeConfig(testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName), fmt.Sprintf(`
+resource "aws_s3_bucket" "test1" {
+  bucket        = "%[1]s-1"
+  force_destroy = true
+}
+
+resource "aws_s3_bucket" "test2" {
+  bucket        = "%[1]s-2"
+  force_destroy = true
+}
+
 resource "aws_codebuild_project" "test" {
   name         = %[1]q
   service_role = aws_iam_role.test.arn
@@ -2620,6 +2632,8 @@ resource "aws_codebuild_project" "test" {
     type     = "GITHUB"
     location = "https://github.com/hashicorp/packer.git"
   }
+
+  depends_on = [aws_s3_bucket.test1, aws_s3_bucket.test2]
 }
 `, rName, cacheLocation, cacheType))
 }