From a40cccb609b98c29074e834e352a527147c56ec6 Mon Sep 17 00:00:00 2001
From: Dogers <Dogers@users.noreply.github.com>
Date: Sat, 22 Feb 2020 22:09:54 +0000
Subject: [PATCH 1/4] Add aws_imagebuilder_infrastructureconfiguration

---
 ...agebuilder_infrastructure_configuration.go | 335 ++++++++++++++++++
 1 file changed, 335 insertions(+)
 create mode 100644 aws/resource_aws_imagebuilder_infrastructure_configuration.go

diff --git a/aws/resource_aws_imagebuilder_infrastructure_configuration.go b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
new file mode 100644
index 00000000000..53557a329ca
--- /dev/null
+++ b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
@@ -0,0 +1,335 @@
+package aws
+
+import (
+	"fmt"
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/backup"
+	"github.com/aws/aws-sdk-go/service/imagebuilder"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+	"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"
+	"log"
+)
+
+func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsImageBuilderInfrastructureConfigurationCreate,
+		Read:   resourceAwsImageBuilderInfrastructureConfigurationRead,
+		Update: resourceAwsImageBuilderInfrastructureConfigurationUpdate,
+		Delete: resourceAwsImageBuilderInfrastructureConfigurationDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"datecreated": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"dateupdated": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"description": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringLenBetween(1, 1024),
+			},
+			"instance_profile_name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validation.StringLenBetween(1, 1024),
+			},
+			"instance_types": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Set:      schema.HashString,
+			},
+			"key_pair": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringLenBetween(1, 1024),
+			},
+			"logging": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"s3_logs": {
+							Type:     schema.TypeList,
+							Required: true,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"s3_bucket_name": {
+										Type:         schema.TypeString,
+										Required:     true,
+										ValidateFunc: validation.StringLenBetween(1, 1024),
+									},
+									"s3_key_prefix": {
+										Type:         schema.TypeString,
+										Optional:     true,
+										ValidateFunc: validation.StringLenBetween(1, 1024),
+										Default:      "/",
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"security_group_ids": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Set:      schema.HashString,
+			},
+			"sns_topic_arn": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringLenBetween(1, 1024),
+			},
+			"subnet_id": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringLenBetween(1, 1024),
+			},
+			"terminate_instance_on_failure": {
+				Type:     schema.TypeBool,
+				Optional: true,
+			},
+			"tags": tagsSchema(),
+		},
+	}
+}
+
+func resourceAwsImageBuilderInfrastructureConfigurationCreate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).imagebuilderconn
+
+	securityIdSet := d.Get("security_group_ids").(*schema.Set)
+	securityIds := expandStringList(securityIdSet.List())
+	instanceIdSet := d.Get("instance_types").(*schema.Set)
+	instanceIds := expandStringList(instanceIdSet.List())
+
+	input := &imagebuilder.CreateInfrastructureConfigurationInput{
+		ClientToken:         aws.String(resource.UniqueId()),
+		Name:                aws.String(d.Get("name").(string)),
+		InstanceProfileName: aws.String(d.Get("instance_profile_name").(string)),
+		SecurityGroupIds:    securityIds,
+		InstanceTypes:       instanceIds,
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		input.SetDescription(v.(string))
+	}
+	if v, ok := d.GetOk("key_pair"); ok {
+		input.SetKeyPair(v.(string))
+	}
+	if v, ok := d.GetOk("logging"); ok {
+		input.SetLogging(v.(*imagebuilder.Logging))
+	}
+	if v, ok := d.GetOk("sns_topic_arn"); ok {
+		input.SetSnsTopicArn(v.(string))
+	}
+	if v, ok := d.GetOk("subnet_id"); ok {
+		input.SetSubnetId(v.(string))
+	}
+	if v, ok := d.GetOk("tags"); ok {
+		input.SetTags(keyvaluetags.New(v.(map[string]interface{})).IgnoreAws().ImagebuilderTags())
+	}
+
+	log.Printf("[DEBUG] Creating Infrastructure Configuration: %#v", input)
+
+	resp, err := conn.CreateInfrastructureConfiguration(input)
+	if err != nil {
+		return fmt.Errorf("error creating Component: %s", err)
+	}
+
+	d.SetId(aws.StringValue(resp.InfrastructureConfigurationArn))
+
+	return resourceAwsImageBuilderInfrastructureConfigurationRead(d, meta)
+}
+
+func resourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).imagebuilderconn
+
+	resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
+		InfrastructureConfigurationArn: aws.String(d.Id()),
+	})
+
+	if isAWSErr(err, backup.ErrCodeResourceNotFoundException, "") {
+		log.Printf("[WARN] Infrastructure Configuration (%s) not found, removing from state", d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	if err != nil {
+		return fmt.Errorf("error reading Infrastructure Configuration (%s): %s", d.Id(), err)
+	}
+
+	d.Set("arn", resp.InfrastructureConfiguration.Arn)
+	d.Set("datecreated", resp.InfrastructureConfiguration.DateCreated)
+	d.Set("dateupdated", resp.InfrastructureConfiguration.DateUpdated)
+	d.Set("description", resp.InfrastructureConfiguration.Description)
+	d.Set("instance_profile_name", resp.InfrastructureConfiguration.InstanceProfileName)
+	d.Set("instance_types", resp.InfrastructureConfiguration.InstanceTypes)
+	d.Set("key_pair", resp.InfrastructureConfiguration.KeyPair)
+	d.Set("logging", flattenAwsImageBuilderLogsConfig(resp.InfrastructureConfiguration.Logging))
+	d.Set("name", resp.InfrastructureConfiguration.Name)
+	d.Set("security_group_ids", resp.InfrastructureConfiguration.SecurityGroupIds)
+	d.Set("sns_topic_arn", resp.InfrastructureConfiguration.SnsTopicArn)
+	d.Set("subnet_id", resp.InfrastructureConfiguration.SubnetId)
+	d.Set("terminate_instance_on_failure", resp.InfrastructureConfiguration.TerminateInstanceOnFailure)
+
+	tags, err := keyvaluetags.ImagebuilderListTags(conn, d.Get("arn").(string))
+	if err != nil {
+		return fmt.Errorf("error listing tags for Infrastructure Configuration (%s): %s", d.Id(), err)
+	}
+	if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil {
+		return fmt.Errorf("error setting tags: %s", err)
+	}
+
+	return nil
+}
+
+func resourceAwsImageBuilderInfrastructureConfigurationUpdate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).imagebuilderconn
+
+	// Despite not being required by the API, if it's not sent then certain things get wiped to null
+	upd := imagebuilder.UpdateInfrastructureConfigurationInput{
+		InfrastructureConfigurationArn: aws.String(d.Id()),
+		InstanceProfileName:            aws.String(d.Get("instance_profile_name").(string)),
+		Description:                    aws.String(d.Get("description").(string)),
+		KeyPair:                        aws.String(d.Get("key_pair").(string)),
+		SubnetId:                       aws.String(d.Get("subnet_id").(string)),
+		Logging:                        expandAwsImageBuilderLogsConfig(d),
+	}
+
+	if d.HasChange("instance_types") {
+		if attr := d.Get("instance_types").(*schema.Set); attr.Len() > 0 {
+			upd.InstanceTypes = expandStringList(attr.List())
+		}
+	}
+	if d.HasChange("instance_profile_name") {
+		upd.InstanceProfileName = aws.String(d.Get("instance_profile_name").(string))
+	}
+	if v, ok := d.GetOk("security_group_ids"); ok {
+		if attr := v.(*schema.Set); attr.Len() > 0 {
+			upd.SecurityGroupIds = expandStringList(attr.List())
+		}
+	}
+	if d.HasChange("sns_topic_arn") {
+		upd.SnsTopicArn = aws.String(d.Get("sns_topic_arn").(string))
+	}
+	if d.HasChange("terminate_instance_on_failure") {
+		upd.TerminateInstanceOnFailure = aws.Bool(d.Get("terminate_instance_on_failure").(bool))
+	}
+
+	if d.HasChange("security_group_ids") {
+		if attr := d.Get("security_group_ids").(*schema.Set); attr.Len() > 0 {
+			upd.SecurityGroupIds = expandStringList(attr.List())
+		}
+	}
+
+	if d.HasChange("tags") {
+		o, n := d.GetChange("tags")
+		if err := keyvaluetags.ImagebuilderUpdateTags(conn, d.Get("arn").(string), o, n); err != nil {
+			return fmt.Errorf("error updating tags for Infrastructure Configuration (%s): %s", d.Id(), err)
+		}
+	}
+
+	_, err := conn.UpdateInfrastructureConfiguration(&upd)
+	if err != nil {
+		return fmt.Errorf("error updating Infrastructure Configuration (%s): %s", d.Id(), err)
+	}
+
+	return resourceAwsImageBuilderInfrastructureConfigurationRead(d, meta)
+}
+
+func resourceAwsImageBuilderInfrastructureConfigurationDelete(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).imagebuilderconn
+
+	_, err := conn.DeleteInfrastructureConfiguration(&imagebuilder.DeleteInfrastructureConfigurationInput{
+		InfrastructureConfigurationArn: aws.String(d.Id()),
+	})
+
+	if isAWSErr(err, imagebuilder.ErrCodeResourceNotFoundException, "") {
+		return nil
+	}
+
+	if err != nil {
+		return fmt.Errorf("error deleting Infrastructure Configuration (%s): %s", d.Id(), err)
+	}
+
+	return nil
+}
+
+func flattenAwsImageBuilderLogsConfig(logsConfig *imagebuilder.Logging) []interface{} {
+	if logsConfig == nil {
+		return []interface{}{}
+	}
+
+	values := map[string]interface{}{}
+
+	// If more logging options are added, add more ifs!
+	if v := logsConfig.S3Logs; v != nil {
+		values["s3_logs"] = flattenAwsImageBuilderS3Logs(v)
+	}
+
+	return []interface{}{values}
+}
+
+func flattenAwsImageBuilderS3Logs(s3LogsConfig *imagebuilder.S3Logs) []interface{} {
+	values := map[string]interface{}{}
+
+	values["s3_key_prefix"] = aws.StringValue(s3LogsConfig.S3KeyPrefix)
+	values["s3_bucket_name"] = aws.StringValue(s3LogsConfig.S3BucketName)
+
+	return []interface{}{values}
+}
+
+func expandAwsImageBuilderLogsConfig(d *schema.ResourceData) *imagebuilder.Logging {
+	logsConfig := &imagebuilder.Logging{}
+
+	if v, ok := d.GetOk("logging"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
+		configList := v.([]interface{})
+		data := configList[0].(map[string]interface{})
+
+		if v, ok := data["s3_logs"]; ok {
+			logsConfig.S3Logs = expandAwsImageBuilderS3LogsConfig(v.([]interface{}))
+		}
+	}
+
+	return logsConfig
+}
+
+func expandAwsImageBuilderS3LogsConfig(configList []interface{}) *imagebuilder.S3Logs {
+	if len(configList) == 0 || configList[0] == nil {
+		return nil
+	}
+
+	data := configList[0].(map[string]interface{})
+
+	s3LogsConfig := &imagebuilder.S3Logs{}
+
+	if v, ok := data["s3_bucket_name"]; ok {
+		s3LogsConfig.S3BucketName = aws.String(v.(string))
+	}
+	if v, ok := data["s3_key_prefix"]; ok {
+		s3LogsConfig.S3KeyPrefix = aws.String(v.(string))
+	}
+
+	return s3LogsConfig
+}

From e66817672f663a785013bb4c988c15a76f981344 Mon Sep 17 00:00:00 2001
From: Dogers <Dogers@users.noreply.github.com>
Date: Mon, 25 May 2020 19:58:57 +0100
Subject: [PATCH 2/4] Fix issue with infraconfig logging

---
 aws/resource_aws_imagebuilder_infrastructure_configuration.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/aws/resource_aws_imagebuilder_infrastructure_configuration.go b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
index 53557a329ca..f70edd34c55 100644
--- a/aws/resource_aws_imagebuilder_infrastructure_configuration.go
+++ b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
@@ -129,6 +129,7 @@ func resourceAwsImageBuilderInfrastructureConfigurationCreate(d *schema.Resource
 		InstanceProfileName: aws.String(d.Get("instance_profile_name").(string)),
 		SecurityGroupIds:    securityIds,
 		InstanceTypes:       instanceIds,
+		Logging:             expandAwsImageBuilderLogsConfig(d),
 	}
 
 	if v, ok := d.GetOk("description"); ok {
@@ -137,9 +138,6 @@ func resourceAwsImageBuilderInfrastructureConfigurationCreate(d *schema.Resource
 	if v, ok := d.GetOk("key_pair"); ok {
 		input.SetKeyPair(v.(string))
 	}
-	if v, ok := d.GetOk("logging"); ok {
-		input.SetLogging(v.(*imagebuilder.Logging))
-	}
 	if v, ok := d.GetOk("sns_topic_arn"); ok {
 		input.SetSnsTopicArn(v.(string))
 	}

From ade62ae389377507c83ac1a3ed0028de164f7353 Mon Sep 17 00:00:00 2001
From: Jakub Kania <jakubkania@blackcat.rocks>
Date: Mon, 13 Jul 2020 00:51:25 +0200
Subject: [PATCH 3/4] [#11084] Fix the imagebuilder resource, add test and docs

---
 aws/provider.go                               |   1 +
 ...agebuilder_infrastructure_configuration.go |  51 ++-
 ...ilder_infrastructure_configuration_test.go | 355 ++++++++++++++++++
 website/allowed-subcategories.txt             |   1 +
 website/aws.erb                               |  14 +
 ...infrastructure_configuration.html.markdown |  77 ++++
 6 files changed, 479 insertions(+), 20 deletions(-)
 create mode 100644 aws/resource_aws_imagebuilder_infrastructure_configuration_test.go
 create mode 100644 website/docs/r/imagebuilder_infrastructure_configuration.html.markdown

diff --git a/aws/provider.go b/aws/provider.go
index 955f26f447c..1ce62f124df 100644
--- a/aws/provider.go
+++ b/aws/provider.go
@@ -654,6 +654,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_iam_user_ssh_key":                                    resourceAwsIamUserSshKey(),
 			"aws_iam_user":                                            resourceAwsIamUser(),
 			"aws_iam_user_login_profile":                              resourceAwsIamUserLoginProfile(),
+			"aws_imagebuilder_infrastructure_configuration":           resourceAwsImageBuilderInfrastructureConfiguration(),
 			"aws_inspector_assessment_target":                         resourceAWSInspectorAssessmentTarget(),
 			"aws_inspector_assessment_template":                       resourceAWSInspectorAssessmentTemplate(),
 			"aws_inspector_resource_group":                            resourceAWSInspectorResourceGroup(),
diff --git a/aws/resource_aws_imagebuilder_infrastructure_configuration.go b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
index f70edd34c55..5eed4f1c8a8 100644
--- a/aws/resource_aws_imagebuilder_infrastructure_configuration.go
+++ b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
@@ -27,11 +27,11 @@ func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"datecreated": {
+			"date_created": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
-			"dateupdated": {
+			"date_updated": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
@@ -109,6 +109,7 @@ func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
 			"terminate_instance_on_failure": {
 				Type:     schema.TypeBool,
 				Optional: true,
+				Default:  false,
 			},
 			"tags": tagsSchema(),
 		},
@@ -162,6 +163,7 @@ func resourceAwsImageBuilderInfrastructureConfigurationCreate(d *schema.Resource
 
 func resourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).imagebuilderconn
+	ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig
 
 	resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
 		InfrastructureConfigurationArn: aws.String(d.Id()),
@@ -178,8 +180,8 @@ func resourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceDa
 	}
 
 	d.Set("arn", resp.InfrastructureConfiguration.Arn)
-	d.Set("datecreated", resp.InfrastructureConfiguration.DateCreated)
-	d.Set("dateupdated", resp.InfrastructureConfiguration.DateUpdated)
+	d.Set("date_created", resp.InfrastructureConfiguration.DateCreated)
+	d.Set("date_updated", resp.InfrastructureConfiguration.DateUpdated)
 	d.Set("description", resp.InfrastructureConfiguration.Description)
 	d.Set("instance_profile_name", resp.InfrastructureConfiguration.InstanceProfileName)
 	d.Set("instance_types", resp.InfrastructureConfiguration.InstanceTypes)
@@ -195,7 +197,7 @@ func resourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceDa
 	if err != nil {
 		return fmt.Errorf("error listing tags for Infrastructure Configuration (%s): %s", d.Id(), err)
 	}
-	if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil {
+	if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil {
 		return fmt.Errorf("error setting tags: %s", err)
 	}
 
@@ -209,30 +211,41 @@ func resourceAwsImageBuilderInfrastructureConfigurationUpdate(d *schema.Resource
 	upd := imagebuilder.UpdateInfrastructureConfigurationInput{
 		InfrastructureConfigurationArn: aws.String(d.Id()),
 		InstanceProfileName:            aws.String(d.Get("instance_profile_name").(string)),
-		Description:                    aws.String(d.Get("description").(string)),
-		KeyPair:                        aws.String(d.Get("key_pair").(string)),
-		SubnetId:                       aws.String(d.Get("subnet_id").(string)),
 		Logging:                        expandAwsImageBuilderLogsConfig(d),
 	}
 
-	if d.HasChange("instance_types") {
-		if attr := d.Get("instance_types").(*schema.Set); attr.Len() > 0 {
-			upd.InstanceTypes = expandStringList(attr.List())
-		}
+	if description, ok := d.GetOk("description"); ok {
+		upd.Description = aws.String(description.(string))
+	}
+
+	if key_pair, ok := d.GetOk("key_pair"); ok {
+		upd.KeyPair = aws.String(key_pair.(string))
+	}
+
+	if subnet_id, ok := d.GetOk("subnet_id"); ok {
+		upd.SubnetId = aws.String(subnet_id.(string))
+	}
+
+	if attr := d.Get("instance_types").(*schema.Set); attr.Len() > 0 {
+		upd.InstanceTypes = expandStringList(attr.List())
 	}
+
 	if d.HasChange("instance_profile_name") {
 		upd.InstanceProfileName = aws.String(d.Get("instance_profile_name").(string))
 	}
+
 	if v, ok := d.GetOk("security_group_ids"); ok {
 		if attr := v.(*schema.Set); attr.Len() > 0 {
 			upd.SecurityGroupIds = expandStringList(attr.List())
 		}
 	}
-	if d.HasChange("sns_topic_arn") {
-		upd.SnsTopicArn = aws.String(d.Get("sns_topic_arn").(string))
+
+	if sns_topic_arn, ok := d.GetOk("sns_topic_arn"); ok {
+		upd.SnsTopicArn = aws.String(sns_topic_arn.(string))
 	}
-	if d.HasChange("terminate_instance_on_failure") {
-		upd.TerminateInstanceOnFailure = aws.Bool(d.Get("terminate_instance_on_failure").(bool))
+
+	if terminate_instance_on_failure, ok := d.GetOk("terminate_instance_on_failure"); ok {
+		upd.TerminateInstanceOnFailure = aws.Bool(terminate_instance_on_failure.(bool))
 	}
 
 	if d.HasChange("security_group_ids") {
@@ -275,16 +288,14 @@ func resourceAwsImageBuilderInfrastructureConfigurationDelete(d *schema.Resource
 }
 
 func flattenAwsImageBuilderLogsConfig(logsConfig *imagebuilder.Logging) []interface{} {
-	if logsConfig == nil {
+	if logsConfig == nil || logsConfig.S3Logs == nil {
 		return []interface{}{}
 	}
 
 	values := map[string]interface{}{}
 
 	// If more logging options are added, add more ifs!
-	if v := logsConfig.S3Logs; v != nil {
-		values["s3_logs"] = flattenAwsImageBuilderS3Logs(v)
-	}
+	values["s3_logs"] = flattenAwsImageBuilderS3Logs(logsConfig.S3Logs)
 
 	return []interface{}{values}
 }
diff --git a/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go b/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go
new file mode 100644
index 00000000000..2d9958b9fa1
--- /dev/null
+++ b/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go
@@ -0,0 +1,355 @@
+package aws
+
+import (
+	"errors"
+	"fmt"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/imagebuilder"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+)
+
+//Check the minimal configuration
+func TestAccAWSImageBuilderInfrastructureConfiguration_basic(t *testing.T) {
+	var conf imagebuilder.InfrastructureConfiguration
+	RandomString := fmt.Sprintf("tf-test-%d", acctest.RandInt())
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+	resource.ParallelTest(t, resource.TestCase{
+		IDRefreshName: resourceName,
+		Providers:     testAccProviders,
+		CheckDestroy:  testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSImageBuilderInfrastructureConfiguration_basic(RandomString),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
+					resource.TestCheckResourceAttrSet(resourceName, "instance_profile_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "name"),
+				),
+			},
+		},
+	})
+}
+
+//Check the configuration with everything
+func TestAccAWSImageBuilderInfrastructureConfiguration_advanced(t *testing.T) {
+	var conf imagebuilder.InfrastructureConfiguration
+	RandomString := fmt.Sprintf("tf-test-%d", acctest.RandInt())
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		IDRefreshName: resourceName,
+		Providers:     testAccProviders,
+		CheckDestroy:  testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSImageBuilderInfrastructureConfiguration_advanced(RandomString),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
+					resource.TestCheckResourceAttr(resourceName, "instance_profile_name", RandomString),
+					resource.TestCheckResourceAttr(resourceName, "name", RandomString),
+					resource.TestCheckResourceAttr(resourceName, "description", "example desc"),
+					resource.TestCheckResourceAttr(resourceName, "key_pair", RandomString),
+					resource.TestCheckResourceAttrSet(resourceName, "sns_topic_arn"),
+					resource.TestCheckResourceAttrSet(resourceName, "subnet_id"),
+					resource.TestCheckResourceAttr(resourceName, "terminate_instance_on_failure", "false"),
+					resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "instance_types.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.0.s3_bucket_name", RandomString),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.0.s3_key_prefix", "logs"),
+				),
+			},
+		},
+	})
+}
+
+//Test the tags work
+func TestAccAWSImageBuilderInfrastructureConfiguration_tags(t *testing.T) {
+	var conf imagebuilder.InfrastructureConfiguration
+	RandomString := fmt.Sprintf("tf-test-%d", acctest.RandInt())
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		IDRefreshName: resourceName,
+		Providers:     testAccProviders,
+		CheckDestroy:  testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSImageBuilderInfrastructureConfiguration_tags1(RandomString),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
+					resource.TestCheckResourceAttrSet(resourceName, "instance_profile_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "name"),
+					resource.TestCheckResourceAttr(resourceName, "tags.%", "1"),
+				),
+			},
+			{
+				Config: testAccAWSImageBuilderInfrastructureConfiguration_tags2(RandomString),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
+					resource.TestCheckResourceAttrSet(resourceName, "instance_profile_name"),
+					resource.TestCheckResourceAttrSet(resourceName, "name"),
+					resource.TestCheckResourceAttr(resourceName, "tags.%", "2"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSImageBuilderInfrastructureConfigurationExist(n string, res *imagebuilder.InfrastructureConfiguration) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return errors.New("No ImageBuilderInfrastructureConfiguration ID is set")
+		}
+
+		conn := testAccProvider.Meta().(*AWSClient).imagebuilderconn
+
+		resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
+			InfrastructureConfigurationArn: aws.String(rs.Primary.Attributes["arn"]),
+		})
+
+		if err != nil {
+			return err
+		}
+
+		if resp == nil || resp.InfrastructureConfiguration == nil {
+			return fmt.Errorf("Infrastructure configuration (%s) not found", rs.Primary.Attributes["name"])
+		}
+		*res = *resp.InfrastructureConfiguration
+		return nil
+	}
+}
+
+func testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy(s *terraform.State) error {
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_imagebuilder_infrastructure_configuration" {
+			continue
+		}
+
+		conn := testAccProvider.Meta().(*AWSClient).imagebuilderconn
+
+		resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
+			InfrastructureConfigurationArn: aws.String(rs.Primary.Attributes["arn"]),
+		})
+
+		if err == nil {
+			if resp.InfrastructureConfiguration != nil {
+				return fmt.Errorf("ImageBuilderInfrastructureConfiguration %q still exists", rs.Primary.ID)
+			}
+		}
+
+		// Verify the error
+		if awsErr, ok := err.(awserr.Error); ok {
+			if awsErr.Code() == "ResourceNotFoundException" {
+				return nil
+			}
+		}
+		return err
+	}
+
+	return nil
+}
+
+func testAccAWSImageBuilderInfrastructureConfiguration_basic(ConfigurationName string) string {
+	return fmt.Sprintf(`
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test_profile.name
+  name = "%[1]s"
+}
+
+resource "aws_iam_instance_profile" "test_profile" {
+  name = "%[1]s"
+  role = aws_iam_role.role.name
+}
+
+resource "aws_iam_role" "role" {
+  name = "%[1]s"
+  path = "/"
+
+  assume_role_policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+       {
+            "Action": "sts:AssumeRole",
+            "Principal": {
+               "Service": "ec2.amazonaws.com"
+            },
+            "Effect": "Allow",
+            "Sid": ""
+        }
+    ]
+}
+EOF
+}
+`, ConfigurationName)
+}
+
+func testAccAWSImageBuilderInfrastructureConfiguration_advanced(ConfigurationName string) string {
+	return fmt.Sprintf(`
+resource "aws_key_pair" "test" {
+  key_name   = "%[1]s"
+  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com"
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test_profile.name
+  name = "%[1]s"
+  description = "example desc"
+  instance_types = ["t3.micro"]
+  key_pair = aws_key_pair.test.key_name
+  logging  {
+    s3_logs  {
+      s3_bucket_name = aws_s3_bucket.example.bucket
+      s3_key_prefix = "logs"
+    }
+  }
+  security_group_ids = [aws_security_group.example.id]
+  sns_topic_arn = aws_sns_topic.example.arn
+  subnet_id = aws_subnet.main.id
+  terminate_instance_on_failure = false
+}
+
+resource "aws_iam_instance_profile" "test_profile" {
+  name = "%[1]s"
+  role = aws_iam_role.role.name
+}
+
+resource "aws_iam_role" "role" {
+  name = "%[1]s"
+  path = "/"
+
+  assume_role_policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+       {
+            "Action": "sts:AssumeRole",
+            "Principal": {
+               "Service": "ec2.amazonaws.com"
+            },
+            "Effect": "Allow",
+            "Sid": ""
+        }
+    ]
+}
+EOF
+}
+
+resource "aws_sns_topic" "example" {
+  name = "%[1]s"
+}
+
+
+resource "aws_subnet" "main" {
+  vpc_id     = aws_vpc.main.id
+  cidr_block = "10.0.1.0/24"
+}
+
+
+resource "aws_vpc" "main" {
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_security_group" "example" {
+  name        = "%[1]s"
+  vpc_id      = aws_vpc.main.id
+}
+
+resource "aws_s3_bucket" "example" {
+  bucket = %[1]q
+  acl    = "private"
+}
+
+`, ConfigurationName)
+}
+
+func testAccAWSImageBuilderInfrastructureConfiguration_tags1(ConfigurationName string) string {
+	return fmt.Sprintf(`
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test_profile.name
+  name = "%[1]s"
+  tags = {
+    Name = "tf-test",
+  }
+}
+
+resource "aws_iam_instance_profile" "test_profile" {
+  name = "%[1]s"
+  role = aws_iam_role.role.name
+}
+
+resource "aws_iam_role" "role" {
+  name = "%[1]s"
+  path = "/"
+
+  assume_role_policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+       {
+            "Action": "sts:AssumeRole",
+            "Principal": {
+               "Service": "ec2.amazonaws.com"
+            },
+            "Effect": "Allow",
+            "Sid": ""
+        }
+    ]
+}
+EOF
+}
+`, ConfigurationName)
+}
+
+func testAccAWSImageBuilderInfrastructureConfiguration_tags2(ConfigurationName string) string {
+	return fmt.Sprintf(`
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test_profile.name
+  name = "%[1]s"
+  tags = {
+    Name = "tf-test",
+    ExtraName = "tf-test"
+  }
+}
+
+resource "aws_iam_instance_profile" "test_profile" {
+  name = "%[1]s"
+  role = aws_iam_role.role.name
+}
+
+resource "aws_iam_role" "role" {
+  name = "%[1]s"
+  path = "/"
+
+  assume_role_policy = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+       {
+            "Action": "sts:AssumeRole",
+            "Principal": {
+               "Service": "ec2.amazonaws.com"
+            },
+            "Effect": "Allow",
+            "Sid": ""
+        }
+    ]
+}
+EOF
+}
+`, ConfigurationName)
+}
diff --git a/website/allowed-subcategories.txt b/website/allowed-subcategories.txt
index 15d8db21d04..57c6dfeb35b 100644
--- a/website/allowed-subcategories.txt
+++ b/website/allowed-subcategories.txt
@@ -57,6 +57,7 @@ Global Accelerator
 Glue
 GuardDuty
 IAM
+Image Builder
 Inspector
 IoT
 KMS
diff --git a/website/aws.erb b/website/aws.erb
index a9fff231091..07cbe20b6c9 100644
--- a/website/aws.erb
+++ b/website/aws.erb
@@ -1971,6 +1971,20 @@
                         </li>
                     </ul>
                 </li>
+                <li>
+                    <a href="#">Image Builder</a>
+                    <ul class="nav">
+                        <li>
+                            <a href="#">Resources</a>
+                            <ul class="nav nav-auto-expand">
+                                <li>
+                                    <a href="/docs/providers/aws/r/imagebuilder_infrastructure_configuration.html">aws_imagebuilder_infrastructure_configuration</a>
+                                </li>
+                            </ul>
+                        </li>
+                    </ul>
+                </li>
+                <li>
                 <li>
                     <a href="#">IoT</a>
                     <ul class="nav">
diff --git a/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown b/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown
new file mode 100644
index 00000000000..a848ae8303f
--- /dev/null
+++ b/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown
@@ -0,0 +1,77 @@
+---
+subcategory: "Image Builder"
+layout: "aws"
+page_title: "AWS: aws_imagebuilder_infrastructure_configuration"
+description: |-
+  Provides AWS Image Builder infrasctracture configuration 
+---
+
+# Resource: aws_imagebuilder_infrastructure_configuration
+Provides AWS Image Builder infrasctracture configuration
+
+## Example Usage
+
+```hcl
+# Create new infrastructure configuration
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test_profile.name
+  name                  = "example"
+  description           = "example desc"
+  instance_types        = ["t2.nano", "t3.micro"]
+  key_pair              = aws_key_pair.example.key_name
+  logging {
+    s3_logs {
+      s3_bucket_name = aws_s3_bucket.example.bucket
+      s3_key_prefix  = "logs"
+    }
+  }
+  security_group_ids            = [aws_security_group.example.id]
+  sns_topic_arn                 = aws_sns_topic.example.arn
+  subnet_id                     = aws_subnet.main.id
+  terminate_instance_on_failure = true
+  tags = {
+    foo = "bar"
+  }
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `instance_profile_name` - (Required) The name of iam instance profile.
+* `name` - (Required) The name of the imgage builder infrastructure configuration.
+* `description` - (Optional) The description of the imgage builder infrastructure configuration.
+* `instance_types` - (Optional) A list of instance to use.
+* `key_pair` - (Optional) The name of your key pair
+* `logging` - (Optional) The logging configuration, see below for details.
+* `security_group_ids` - (Optional) A list of security groups to assign to resource, mandatory if subnet provider.
+* `sns_topic_arn` - (Optional) The ARN of sns topic to use.
+* `subnet_id` - (Optional) The id of subnet to use, if provided requires that security groups also be provided. 
+* `tags` - (Optional) A map of tags to assign to the resource.
+* `terminate_instance_on_failure` - (Optional) should the instance be terminated when the pipeline fails (Default: false).
+
+### Logging
+The logging object support the following blocks:
+* s3_logs
+
+The s3_logs block supports the following arguments:
+* `s3_bucket_name` - (Required) The name of the bucket to use.
+* `s3_key_prefix` - (Optional) The prefix to use for logs (Default: "/").
+
+## Attributes Reference
+
+The following attributes are exported in addition to the arguments listed above:
+
+* `id` - The ARN of the configuration (matches `arn`).
+* `arn` - The ARN of the configuration  (matches `id`).
+* `date_created` - The timestamp when the configuration was created.
+* `date_updated` - The timestamp when the configuration was updated.
+
+## Import
+
+Infrastructure configuration can be imported using the ARN , e.g.
+
+```
+$ terraform import aws_imagebuilder_infrastructure_configuration.test '<ARN>'
+```

From c6ef22539e65568b49552120f8e214c80e539429 Mon Sep 17 00:00:00 2001
From: Brian Flad <bflad417@gmail.com>
Date: Fri, 13 Nov 2020 14:58:03 -0500
Subject: [PATCH 4/4] New Resource:
 aws_imagebuilder_infrastructure_configuration

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/11084
Reference: https://github.com/hashicorp/terraform-provider-aws/pull/13485
Reference: https://github.com/hashicorp/terraform-provider-aws/pull/14347

Changes:

```
* **New Data Source:** `aws_imagebuilder_infrastructure_configuration`
* **New Resource:** `aws_imagebuilder_infrastructure_configuration`
```

Output from acceptance testing in AWS Commercial:

```
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_basic (47.25s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Description (56.76s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_disappears (34.25s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_InstanceProfileName (75.52s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_InstanceTypes (63.65s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_KeyPair (63.67s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Logging_S3Logs_S3BucketName (82.86s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Logging_S3Logs_S3KeyPrefix (76.12s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_ResourceTags (62.22s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_SecurityGroupIds (76.90s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_SnsTopicArn (69.00s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_SubnetId (76.21s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Tags (74.09s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_TerminateInstanceOnFailure (62.45s)

--- PASS: TestAccAwsImageBuilderInfrastructureConfigurationDataSource_Arn (26.62s)
```

Output from acceptance testing in AWS GovCloud (US):

```
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_basic (51.08s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Description (66.77s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_disappears (44.79s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_InstanceProfileName (76.02s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_InstanceTypes (71.91s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_KeyPair (73.11s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Logging_S3Logs_S3BucketName (88.93s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Logging_S3Logs_S3KeyPrefix (84.10s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_ResourceTags (71.55s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_SecurityGroupIds (81.06s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_SnsTopicArn (69.43s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_SubnetId (83.06s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_Tags (87.65s)
--- PASS: TestAccAwsImageBuilderInfrastructureConfiguration_TerminateInstanceOnFailure (71.96s)

--- PASS: TestAccAwsImageBuilderInfrastructureConfigurationDataSource_Arn (33.51s)
```

Output from sweeper in AWS Commercial:

```
2020/11/13 14:24:06 [DEBUG] Running Sweepers for region (us-west-2):
2020/11/13 14:24:06 [DEBUG] Running Sweeper (aws_imagebuilder_infrastructure_configuration) in region (us-west-2)
2020/11/13 14:24:09 Sweeper Tests ran successfully:
  - aws_imagebuilder_infrastructure_configuration
2020/11/13 14:24:09 [DEBUG] Running Sweepers for region (us-east-1):
2020/11/13 14:24:09 [DEBUG] Running Sweeper (aws_imagebuilder_infrastructure_configuration) in region (us-east-1)
2020/11/13 14:24:11 Sweeper Tests ran successfully:
  - aws_imagebuilder_infrastructure_configuration
ok    github.com/terraform-providers/terraform-provider-aws/aws 7.692s
```
Output from sweeper in AWS GovCloud (US):

```
2020/11/13 14:24:10 [DEBUG] Running Sweepers for region (us-gov-west-1):
2020/11/13 14:24:10 [DEBUG] Running Sweeper (aws_imagebuilder_infrastructure_configuration) in region (us-gov-west-1)
2020/11/13 14:24:12 Sweeper Tests ran successfully:
  - aws_imagebuilder_infrastructure_configuration
ok    github.com/terraform-providers/terraform-provider-aws/aws 4.976s
```
---
 ...agebuilder_infrastructure_configuration.go |  142 +++
 ...ilder_infrastructure_configuration_test.go |   78 ++
 aws/provider.go                               |    1 +
 ...agebuilder_infrastructure_configuration.go |  352 ++++--
 ...ilder_infrastructure_configuration_test.go | 1104 +++++++++++++----
 ...infrastructure_configuration.html.markdown |   47 +
 ...infrastructure_configuration.html.markdown |   90 +-
 7 files changed, 1424 insertions(+), 390 deletions(-)
 create mode 100644 aws/data_source_aws_imagebuilder_infrastructure_configuration.go
 create mode 100644 aws/data_source_aws_imagebuilder_infrastructure_configuration_test.go
 create mode 100644 website/docs/d/imagebuilder_infrastructure_configuration.html.markdown

diff --git a/aws/data_source_aws_imagebuilder_infrastructure_configuration.go b/aws/data_source_aws_imagebuilder_infrastructure_configuration.go
new file mode 100644
index 00000000000..37d4a108415
--- /dev/null
+++ b/aws/data_source_aws_imagebuilder_infrastructure_configuration.go
@@ -0,0 +1,142 @@
+package aws
+
+import (
+	"fmt"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/imagebuilder"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"
+)
+
+func datasourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
+	return &schema.Resource{
+		Read: datasourceAwsImageBuilderInfrastructureConfigurationRead,
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validateArn,
+			},
+			"date_created": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"date_updated": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"description": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"instance_profile_name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"instance_types": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+			"key_pair": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"logging": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"s3_logs": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"s3_bucket_name": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"s3_key_prefix": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"resource_tags": tagsSchemaComputed(),
+			"security_group_ids": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+			"sns_topic_arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"subnet_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"tags": tagsSchemaComputed(),
+			"terminate_instance_on_failure": {
+				Type:     schema.TypeBool,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func datasourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).imagebuilderconn
+	ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig
+
+	input := &imagebuilder.GetInfrastructureConfigurationInput{}
+
+	if v, ok := d.GetOk("arn"); ok {
+		input.InfrastructureConfigurationArn = aws.String(v.(string))
+	}
+
+	output, err := conn.GetInfrastructureConfiguration(input)
+
+	if err != nil {
+		return fmt.Errorf("error getting Image Builder Infrastructure Configuration (%s): %w", d.Id(), err)
+	}
+
+	if output == nil || output.InfrastructureConfiguration == nil {
+		return fmt.Errorf("error getting Image Builder Infrastructure Configuration (%s): empty response", d.Id())
+	}
+
+	infrastructureConfiguration := output.InfrastructureConfiguration
+
+	d.SetId(aws.StringValue(infrastructureConfiguration.Arn))
+	d.Set("arn", infrastructureConfiguration.Arn)
+	d.Set("date_created", infrastructureConfiguration.DateCreated)
+	d.Set("date_updated", infrastructureConfiguration.DateUpdated)
+	d.Set("description", infrastructureConfiguration.Description)
+	d.Set("instance_profile_name", infrastructureConfiguration.InstanceProfileName)
+	d.Set("instance_types", aws.StringValueSlice(infrastructureConfiguration.InstanceTypes))
+	d.Set("key_pair", infrastructureConfiguration.KeyPair)
+	if infrastructureConfiguration.Logging != nil {
+		d.Set("logging", []interface{}{flattenImageBuilderLogging(infrastructureConfiguration.Logging)})
+	} else {
+		d.Set("logging", nil)
+	}
+	d.Set("name", infrastructureConfiguration.Name)
+	d.Set("resource_tags", keyvaluetags.ImagebuilderKeyValueTags(infrastructureConfiguration.ResourceTags).Map())
+	d.Set("security_group_ids", aws.StringValueSlice(infrastructureConfiguration.SecurityGroupIds))
+	d.Set("sns_topic_arn", infrastructureConfiguration.SnsTopicArn)
+	d.Set("subnet_id", infrastructureConfiguration.SubnetId)
+	d.Set("tags", keyvaluetags.ImagebuilderKeyValueTags(infrastructureConfiguration.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map())
+	d.Set("terminate_instance_on_failure", infrastructureConfiguration.TerminateInstanceOnFailure)
+
+	return nil
+}
diff --git a/aws/data_source_aws_imagebuilder_infrastructure_configuration_test.go b/aws/data_source_aws_imagebuilder_infrastructure_configuration_test.go
new file mode 100644
index 00000000000..3b7d31c8e80
--- /dev/null
+++ b/aws/data_source_aws_imagebuilder_infrastructure_configuration_test.go
@@ -0,0 +1,78 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccAwsImageBuilderInfrastructureConfigurationDataSource_Arn(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	dataSourceName := "data.aws_imagebuilder_infrastructure_configuration.test"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationDataSourceConfigArn(rName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrPair(dataSourceName, "arn", resourceName, "arn"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "date_created", resourceName, "date_created"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "date_updated", resourceName, "date_updated"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "description", resourceName, "description"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "instance_profile_name", resourceName, "instance_profile_name"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "instance_types.#", resourceName, "instance_types.#"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "key_pair", resourceName, "key_pair"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "logging.#", resourceName, "logging.#"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "name", resourceName, "name"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "resource_tags.%", resourceName, "resource_tags.%"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "security_group_ids.#", resourceName, "security_group_ids.#"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "sns_topic_arn", resourceName, "sns_topic_arn"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "subnet_id", resourceName, "subnet_id"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "tags.%", resourceName, "tags.%"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "terminate_instance_on_failure", resourceName, "terminate_instance_on_failure"),
+				),
+			},
+		},
+	})
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationDataSourceConfigArn(rName string) string {
+	return fmt.Sprintf(`
+data "aws_partition" "current" {}
+
+resource "aws_iam_instance_profile" "test" {
+  name = aws_iam_role.role.name
+  role = aws_iam_role.role.name
+}
+
+resource "aws_iam_role" "role" {
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [{
+      Action = "sts:AssumeRole"
+      Effect = "Allow"
+      Principal = {
+        Service = "ec2.${data.aws_partition.current.dns_suffix}"
+      }
+      Sid = ""
+    }]
+  })
+  name = %[1]q
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+}
+
+data "aws_imagebuilder_infrastructure_configuration" "test" {
+  arn = aws_imagebuilder_infrastructure_configuration.test.arn
+}
+`, rName)
+}
diff --git a/aws/provider.go b/aws/provider.go
index 1487e8da29f..66cc09379ea 100644
--- a/aws/provider.go
+++ b/aws/provider.go
@@ -266,6 +266,7 @@ func Provider() *schema.Provider {
 			"aws_iam_role":                                   dataSourceAwsIAMRole(),
 			"aws_iam_server_certificate":                     dataSourceAwsIAMServerCertificate(),
 			"aws_iam_user":                                   dataSourceAwsIAMUser(),
+			"aws_imagebuilder_infrastructure_configuration":  datasourceAwsImageBuilderInfrastructureConfiguration(),
 			"aws_internet_gateway":                           dataSourceAwsInternetGateway(),
 			"aws_iot_endpoint":                               dataSourceAwsIotEndpoint(),
 			"aws_inspector_rules_packages":                   dataSourceAwsInspectorRulesPackages(),
diff --git a/aws/resource_aws_imagebuilder_infrastructure_configuration.go b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
index 5eed4f1c8a8..e0b3148f4c0 100644
--- a/aws/resource_aws_imagebuilder_infrastructure_configuration.go
+++ b/aws/resource_aws_imagebuilder_infrastructure_configuration.go
@@ -2,14 +2,17 @@ package aws
 
 import (
 	"fmt"
+	"log"
+
 	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/service/backup"
 	"github.com/aws/aws-sdk-go/service/imagebuilder"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+	"github.com/hashicorp/aws-sdk-go-base/tfawserr"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"
-	"log"
+	iamwaiter "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/iam/waiter"
+	"github.com/terraform-providers/terraform-provider-aws/aws/internal/tfresource"
 )
 
 func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
@@ -90,6 +93,7 @@ func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"resource_tags": tagsSchema(),
 			"security_group_ids": {
 				Type:     schema.TypeSet,
 				Optional: true,
@@ -99,19 +103,19 @@ func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
 			"sns_topic_arn": {
 				Type:         schema.TypeString,
 				Optional:     true,
-				ValidateFunc: validation.StringLenBetween(1, 1024),
+				ValidateFunc: validateArn,
 			},
 			"subnet_id": {
 				Type:         schema.TypeString,
 				Optional:     true,
 				ValidateFunc: validation.StringLenBetween(1, 1024),
 			},
+			"tags": tagsSchema(),
 			"terminate_instance_on_failure": {
 				Type:     schema.TypeBool,
 				Optional: true,
 				Default:  false,
 			},
-			"tags": tagsSchema(),
 		},
 	}
 }
@@ -119,44 +123,88 @@ func resourceAwsImageBuilderInfrastructureConfiguration() *schema.Resource {
 func resourceAwsImageBuilderInfrastructureConfigurationCreate(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).imagebuilderconn
 
-	securityIdSet := d.Get("security_group_ids").(*schema.Set)
-	securityIds := expandStringList(securityIdSet.List())
-	instanceIdSet := d.Get("instance_types").(*schema.Set)
-	instanceIds := expandStringList(instanceIdSet.List())
-
 	input := &imagebuilder.CreateInfrastructureConfigurationInput{
-		ClientToken:         aws.String(resource.UniqueId()),
-		Name:                aws.String(d.Get("name").(string)),
-		InstanceProfileName: aws.String(d.Get("instance_profile_name").(string)),
-		SecurityGroupIds:    securityIds,
-		InstanceTypes:       instanceIds,
-		Logging:             expandAwsImageBuilderLogsConfig(d),
+		ClientToken: aws.String(resource.UniqueId()),
 	}
 
 	if v, ok := d.GetOk("description"); ok {
-		input.SetDescription(v.(string))
+		input.Description = aws.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("instance_profile_name"); ok {
+		input.InstanceProfileName = aws.String(v.(string))
 	}
+
+	if v, ok := d.GetOk("instance_types"); ok && v.(*schema.Set).Len() > 0 {
+		input.InstanceTypes = expandStringSet(v.(*schema.Set))
+	}
+
 	if v, ok := d.GetOk("key_pair"); ok {
-		input.SetKeyPair(v.(string))
+		input.KeyPair = aws.String(v.(string))
 	}
+
+	if v, ok := d.GetOk("name"); ok {
+		input.Name = aws.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("logging"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
+		input.Logging = expandImageBuilderLogging(v.([]interface{})[0].(map[string]interface{}))
+	}
+
+	if v, ok := d.GetOk("resource_tags"); ok && len(v.(map[string]interface{})) > 0 {
+		input.ResourceTags = keyvaluetags.New(v.(map[string]interface{})).ImagebuilderTags()
+	}
+
+	if v, ok := d.GetOk("security_group_ids"); ok && v.(*schema.Set).Len() > 0 {
+		input.SecurityGroupIds = expandStringSet(v.(*schema.Set))
+	}
+
 	if v, ok := d.GetOk("sns_topic_arn"); ok {
-		input.SetSnsTopicArn(v.(string))
+		input.SnsTopicArn = aws.String(v.(string))
 	}
+
 	if v, ok := d.GetOk("subnet_id"); ok {
-		input.SetSubnetId(v.(string))
+		input.SubnetId = aws.String(v.(string))
 	}
-	if v, ok := d.GetOk("tags"); ok {
-		input.SetTags(keyvaluetags.New(v.(map[string]interface{})).IgnoreAws().ImagebuilderTags())
+
+	if v, ok := d.GetOk("tags"); ok && len(v.(map[string]interface{})) > 0 {
+		input.Tags = keyvaluetags.New(v.(map[string]interface{})).IgnoreAws().ImagebuilderTags()
 	}
 
-	log.Printf("[DEBUG] Creating Infrastructure Configuration: %#v", input)
+	if v, ok := d.GetOk("terminate_instance_on_failure"); ok {
+		input.TerminateInstanceOnFailure = aws.Bool(v.(bool))
+	}
+
+	var output *imagebuilder.CreateInfrastructureConfigurationOutput
+	err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError {
+		var err error
+
+		output, err = conn.CreateInfrastructureConfiguration(input)
+
+		if tfawserr.ErrMessageContains(err, imagebuilder.ErrCodeInvalidParameterValueException, "instance profile does not exist") {
+			return resource.RetryableError(err)
+		}
+
+		if err != nil {
+			return resource.NonRetryableError(err)
+		}
+
+		return nil
+	})
+
+	if tfresource.TimedOut(err) {
+		output, err = conn.CreateInfrastructureConfiguration(input)
+	}
 
-	resp, err := conn.CreateInfrastructureConfiguration(input)
 	if err != nil {
-		return fmt.Errorf("error creating Component: %s", err)
+		return fmt.Errorf("error creating Image Builder Infrastructure Configuration: %w", err)
 	}
 
-	d.SetId(aws.StringValue(resp.InfrastructureConfigurationArn))
+	if output == nil {
+		return fmt.Errorf("error creating Image Builder Infrastructure Configuration: empty response")
+	}
+
+	d.SetId(aws.StringValue(output.InfrastructureConfigurationArn))
 
 	return resourceAwsImageBuilderInfrastructureConfigurationRead(d, meta)
 }
@@ -165,41 +213,47 @@ func resourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceDa
 	conn := meta.(*AWSClient).imagebuilderconn
 	ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig
 
-	resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
+	input := &imagebuilder.GetInfrastructureConfigurationInput{
 		InfrastructureConfigurationArn: aws.String(d.Id()),
-	})
+	}
+
+	output, err := conn.GetInfrastructureConfiguration(input)
 
-	if isAWSErr(err, backup.ErrCodeResourceNotFoundException, "") {
-		log.Printf("[WARN] Infrastructure Configuration (%s) not found, removing from state", d.Id())
+	if !d.IsNewResource() && tfawserr.ErrCodeEquals(err, imagebuilder.ErrCodeResourceNotFoundException) {
+		log.Printf("[WARN] Image Builder Infrastructure Configuration (%s) not found, removing from state", d.Id())
 		d.SetId("")
 		return nil
 	}
 
 	if err != nil {
-		return fmt.Errorf("error reading Infrastructure Configuration (%s): %s", d.Id(), err)
-	}
-
-	d.Set("arn", resp.InfrastructureConfiguration.Arn)
-	d.Set("date_created", resp.InfrastructureConfiguration.DateCreated)
-	d.Set("date_updated", resp.InfrastructureConfiguration.DateUpdated)
-	d.Set("description", resp.InfrastructureConfiguration.Description)
-	d.Set("instance_profile_name", resp.InfrastructureConfiguration.InstanceProfileName)
-	d.Set("instance_types", resp.InfrastructureConfiguration.InstanceTypes)
-	d.Set("key_pair", resp.InfrastructureConfiguration.KeyPair)
-	d.Set("logging", flattenAwsImageBuilderLogsConfig(resp.InfrastructureConfiguration.Logging))
-	d.Set("name", resp.InfrastructureConfiguration.Name)
-	d.Set("security_group_ids", resp.InfrastructureConfiguration.SecurityGroupIds)
-	d.Set("sns_topic_arn", resp.InfrastructureConfiguration.SnsTopicArn)
-	d.Set("subnet_id", resp.InfrastructureConfiguration.SubnetId)
-	d.Set("terminate_instance_on_failure", resp.InfrastructureConfiguration.TerminateInstanceOnFailure)
-
-	tags, err := keyvaluetags.ImagebuilderListTags(conn, d.Get("arn").(string))
-	if err != nil {
-		return fmt.Errorf("error listing tags for Infrastructure Configuration (%s): %s", d.Id(), err)
+		return fmt.Errorf("error getting Image Builder Infrastructure Configuration (%s): %w", d.Id(), err)
 	}
-	if err := d.Set("tags", tags.IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil {
-		return fmt.Errorf("error setting tags: %s", err)
+
+	if output == nil || output.InfrastructureConfiguration == nil {
+		return fmt.Errorf("error getting Image Builder Infrastructure Configuration (%s): empty response", d.Id())
+	}
+
+	infrastructureConfiguration := output.InfrastructureConfiguration
+
+	d.Set("arn", infrastructureConfiguration.Arn)
+	d.Set("date_created", infrastructureConfiguration.DateCreated)
+	d.Set("date_updated", infrastructureConfiguration.DateUpdated)
+	d.Set("description", infrastructureConfiguration.Description)
+	d.Set("instance_profile_name", infrastructureConfiguration.InstanceProfileName)
+	d.Set("instance_types", aws.StringValueSlice(infrastructureConfiguration.InstanceTypes))
+	d.Set("key_pair", infrastructureConfiguration.KeyPair)
+	if infrastructureConfiguration.Logging != nil {
+		d.Set("logging", []interface{}{flattenImageBuilderLogging(infrastructureConfiguration.Logging)})
+	} else {
+		d.Set("logging", nil)
 	}
+	d.Set("name", infrastructureConfiguration.Name)
+	d.Set("resource_tags", keyvaluetags.ImagebuilderKeyValueTags(infrastructureConfiguration.ResourceTags).Map())
+	d.Set("security_group_ids", aws.StringValueSlice(infrastructureConfiguration.SecurityGroupIds))
+	d.Set("sns_topic_arn", infrastructureConfiguration.SnsTopicArn)
+	d.Set("subnet_id", infrastructureConfiguration.SubnetId)
+	d.Set("tags", keyvaluetags.ImagebuilderKeyValueTags(infrastructureConfiguration.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map())
+	d.Set("terminate_instance_on_failure", infrastructureConfiguration.TerminateInstanceOnFailure)
 
 	return nil
 }
@@ -207,63 +261,91 @@ func resourceAwsImageBuilderInfrastructureConfigurationRead(d *schema.ResourceDa
 func resourceAwsImageBuilderInfrastructureConfigurationUpdate(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).imagebuilderconn
 
-	// Despite not being required by the API, if it's not sent then certain things get wiped to null
-	upd := imagebuilder.UpdateInfrastructureConfigurationInput{
-		InfrastructureConfigurationArn: aws.String(d.Id()),
-		InstanceProfileName:            aws.String(d.Get("instance_profile_name").(string)),
-		Logging:                        expandAwsImageBuilderLogsConfig(d),
-	}
+	if d.HasChanges(
+		"description",
+		"instance_profile_name",
+		"instance_types",
+		"key_pair",
+		"logging",
+		"resource_tags",
+		"security_group_ids",
+		"sns_topic_arn",
+		"subnet_id",
+		"terminate_instance_on_failure",
+	) {
+		input := &imagebuilder.UpdateInfrastructureConfigurationInput{
+			InfrastructureConfigurationArn: aws.String(d.Id()),
+		}
 
-	if description, ok := d.GetOk("description"); ok {
-		upd.Description = aws.String(description.(string))
-	}
+		if v, ok := d.GetOk("description"); ok {
+			input.Description = aws.String(v.(string))
+		}
 
-	if key_pair, ok := d.GetOk("key_pair"); ok {
-		upd.KeyPair = aws.String(key_pair.(string))
-	}
+		if v, ok := d.GetOk("instance_profile_name"); ok {
+			input.InstanceProfileName = aws.String(v.(string))
+		}
 
-	if subnet_id, ok := d.GetOk("subnet_id"); ok {
-		upd.SubnetId = aws.String(subnet_id.(string))
-	}
+		if v, ok := d.GetOk("instance_types"); ok && v.(*schema.Set).Len() > 0 {
+			input.InstanceTypes = expandStringSet(v.(*schema.Set))
+		}
 
-	if attr := d.Get("instance_types").(*schema.Set); attr.Len() > 0 {
-		upd.InstanceTypes = expandStringList(attr.List())
-	}
+		if v, ok := d.GetOk("key_pair"); ok {
+			input.KeyPair = aws.String(v.(string))
+		}
 
-	if d.HasChange("instance_profile_name") {
-		upd.InstanceProfileName = aws.String(d.Get("instance_profile_name").(string))
-	}
+		if v, ok := d.GetOk("logging"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
+			input.Logging = expandImageBuilderLogging(v.([]interface{})[0].(map[string]interface{}))
+		}
 
-	if v, ok := d.GetOk("security_group_ids"); ok {
-		if attr := v.(*schema.Set); attr.Len() > 0 {
-			upd.SecurityGroupIds = expandStringList(attr.List())
+		if v, ok := d.GetOk("resource_tags"); ok && len(v.(map[string]interface{})) > 0 {
+			input.ResourceTags = keyvaluetags.New(v.(map[string]interface{})).ImagebuilderTags()
 		}
-	}
 
-	if sns_topic_arn, ok := d.GetOk("sns_topic_arn"); ok {
-		upd.SnsTopicArn = aws.String(sns_topic_arn.(string))
-	}
+		if v, ok := d.GetOk("security_group_ids"); ok && v.(*schema.Set).Len() > 0 {
+			input.SecurityGroupIds = expandStringSet(v.(*schema.Set))
+		}
 
-	if terminate_instance_on_failure, ok := d.GetOk("terminate_instance_on_failure"); ok {
-		upd.TerminateInstanceOnFailure = aws.Bool(terminate_instance_on_failure.(bool))
-	}
+		if v, ok := d.GetOk("sns_topic_arn"); ok {
+			input.SnsTopicArn = aws.String(v.(string))
+		}
+
+		if v, ok := d.GetOk("subnet_id"); ok {
+			input.SubnetId = aws.String(v.(string))
+		}
+
+		if v, ok := d.GetOk("terminate_instance_on_failure"); ok {
+			input.TerminateInstanceOnFailure = aws.Bool(v.(bool))
+		}
+
+		err := resource.Retry(iamwaiter.PropagationTimeout, func() *resource.RetryError {
+			_, err := conn.UpdateInfrastructureConfiguration(input)
+
+			if tfawserr.ErrMessageContains(err, imagebuilder.ErrCodeInvalidParameterValueException, "instance profile does not exist") {
+				return resource.RetryableError(err)
+			}
+
+			if err != nil {
+				return resource.NonRetryableError(err)
+			}
+
+			return nil
+		})
 
-	if d.HasChange("security_group_ids") {
-		if attr := d.Get("security_group_ids").(*schema.Set); attr.Len() > 0 {
-			upd.SecurityGroupIds = expandStringList(attr.List())
+		if tfresource.TimedOut(err) {
+			_, err = conn.UpdateInfrastructureConfiguration(input)
+		}
+
+		if err != nil {
+			return fmt.Errorf("error updating Image Builder Infrastructure Configuration (%s): %w", d.Id(), err)
 		}
 	}
 
 	if d.HasChange("tags") {
 		o, n := d.GetChange("tags")
-		if err := keyvaluetags.ImagebuilderUpdateTags(conn, d.Get("arn").(string), o, n); err != nil {
-			return fmt.Errorf("error updating tags for Infrastructure Configuration (%s): %s", d.Id(), err)
-		}
-	}
 
-	_, err := conn.UpdateInfrastructureConfiguration(&upd)
-	if err != nil {
-		return fmt.Errorf("error updating Infrastructure Configuration (%s): %s", d.Id(), err)
+		if err := keyvaluetags.ImagebuilderUpdateTags(conn, d.Id(), o, n); err != nil {
+			return fmt.Errorf("error updating tags for Image Builder Infrastructure Configuration (%s): %w", d.Id(), err)
+		}
 	}
 
 	return resourceAwsImageBuilderInfrastructureConfigurationRead(d, meta)
@@ -272,73 +354,83 @@ func resourceAwsImageBuilderInfrastructureConfigurationUpdate(d *schema.Resource
 func resourceAwsImageBuilderInfrastructureConfigurationDelete(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).imagebuilderconn
 
-	_, err := conn.DeleteInfrastructureConfiguration(&imagebuilder.DeleteInfrastructureConfigurationInput{
+	input := &imagebuilder.DeleteInfrastructureConfigurationInput{
 		InfrastructureConfigurationArn: aws.String(d.Id()),
-	})
+	}
+
+	_, err := conn.DeleteInfrastructureConfiguration(input)
 
-	if isAWSErr(err, imagebuilder.ErrCodeResourceNotFoundException, "") {
+	if tfawserr.ErrCodeEquals(err, imagebuilder.ErrCodeResourceNotFoundException) {
 		return nil
 	}
 
 	if err != nil {
-		return fmt.Errorf("error deleting Infrastructure Configuration (%s): %s", d.Id(), err)
+		return fmt.Errorf("error deleting Image Builder Infrastructure Configuration (%s): %w", d.Id(), err)
 	}
 
 	return nil
 }
 
-func flattenAwsImageBuilderLogsConfig(logsConfig *imagebuilder.Logging) []interface{} {
-	if logsConfig == nil || logsConfig.S3Logs == nil {
-		return []interface{}{}
+func expandImageBuilderLogging(tfMap map[string]interface{}) *imagebuilder.Logging {
+	if tfMap == nil {
+		return nil
 	}
 
-	values := map[string]interface{}{}
+	apiObject := &imagebuilder.Logging{}
 
-	// If more logging options are added, add more ifs!
-	values["s3_logs"] = flattenAwsImageBuilderS3Logs(logsConfig.S3Logs)
+	if v, ok := tfMap["s3_logs"].([]interface{}); ok && len(v) > 0 && v[0] != nil {
+		apiObject.S3Logs = expandImageBuilderS3Logs(v[0].(map[string]interface{}))
+	}
 
-	return []interface{}{values}
+	return apiObject
 }
 
-func flattenAwsImageBuilderS3Logs(s3LogsConfig *imagebuilder.S3Logs) []interface{} {
-	values := map[string]interface{}{}
+func expandImageBuilderS3Logs(tfMap map[string]interface{}) *imagebuilder.S3Logs {
+	if tfMap == nil {
+		return nil
+	}
+
+	apiObject := &imagebuilder.S3Logs{}
+
+	if v, ok := tfMap["s3_bucket_name"].(string); ok && v != "" {
+		apiObject.S3BucketName = aws.String(v)
+	}
 
-	values["s3_key_prefix"] = aws.StringValue(s3LogsConfig.S3KeyPrefix)
-	values["s3_bucket_name"] = aws.StringValue(s3LogsConfig.S3BucketName)
+	if v, ok := tfMap["s3_key_prefix"].(string); ok && v != "" {
+		apiObject.S3KeyPrefix = aws.String(v)
+	}
 
-	return []interface{}{values}
+	return apiObject
 }
 
-func expandAwsImageBuilderLogsConfig(d *schema.ResourceData) *imagebuilder.Logging {
-	logsConfig := &imagebuilder.Logging{}
+func flattenImageBuilderLogging(apiObject *imagebuilder.Logging) map[string]interface{} {
+	if apiObject == nil {
+		return nil
+	}
 
-	if v, ok := d.GetOk("logging"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
-		configList := v.([]interface{})
-		data := configList[0].(map[string]interface{})
+	tfMap := map[string]interface{}{}
 
-		if v, ok := data["s3_logs"]; ok {
-			logsConfig.S3Logs = expandAwsImageBuilderS3LogsConfig(v.([]interface{}))
-		}
+	if v := apiObject.S3Logs; v != nil {
+		tfMap["s3_logs"] = []interface{}{flattenImageBuilderS3Logs(v)}
 	}
 
-	return logsConfig
+	return tfMap
 }
 
-func expandAwsImageBuilderS3LogsConfig(configList []interface{}) *imagebuilder.S3Logs {
-	if len(configList) == 0 || configList[0] == nil {
+func flattenImageBuilderS3Logs(apiObject *imagebuilder.S3Logs) map[string]interface{} {
+	if apiObject == nil {
 		return nil
 	}
 
-	data := configList[0].(map[string]interface{})
+	tfMap := map[string]interface{}{}
 
-	s3LogsConfig := &imagebuilder.S3Logs{}
-
-	if v, ok := data["s3_bucket_name"]; ok {
-		s3LogsConfig.S3BucketName = aws.String(v.(string))
+	if v := apiObject.S3BucketName; v != nil {
+		tfMap["s3_bucket_name"] = aws.StringValue(v)
 	}
-	if v, ok := data["s3_key_prefix"]; ok {
-		s3LogsConfig.S3KeyPrefix = aws.String(v.(string))
+
+	if v := apiObject.S3KeyPrefix; v != nil {
+		tfMap["s3_key_prefix"] = aws.StringValue(v)
 	}
 
-	return s3LogsConfig
+	return tfMap
 }
diff --git a/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go b/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go
index 2d9958b9fa1..607f4bb46cc 100644
--- a/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go
+++ b/aws/resource_aws_imagebuilder_infrastructure_configuration_test.go
@@ -1,355 +1,1015 @@
 package aws
 
 import (
-	"errors"
 	"fmt"
-	"github.com/aws/aws-sdk-go/aws/awserr"
+	"log"
 	"testing"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/imagebuilder"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
-	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
-	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+	"github.com/hashicorp/aws-sdk-go-base/tfawserr"
+	"github.com/hashicorp/go-multierror"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 )
 
-//Check the minimal configuration
-func TestAccAWSImageBuilderInfrastructureConfiguration_basic(t *testing.T) {
-	var conf imagebuilder.InfrastructureConfiguration
-	RandomString := fmt.Sprintf("tf-test-%d", acctest.RandInt())
+func init() {
+	resource.AddTestSweepers("aws_imagebuilder_infrastructure_configuration", &resource.Sweeper{
+		Name: "aws_imagebuilder_infrastructure_configuration",
+		F:    testSweepImageBuilderInfrastructureConfigurations,
+	})
+}
+
+func testSweepImageBuilderInfrastructureConfigurations(region string) error {
+	client, err := sharedClientForRegion(region)
+	if err != nil {
+		return fmt.Errorf("error getting client: %s", err)
+	}
+	conn := client.(*AWSClient).imagebuilderconn
+
+	var sweeperErrs *multierror.Error
+
+	input := &imagebuilder.ListInfrastructureConfigurationsInput{}
+
+	err = conn.ListInfrastructureConfigurationsPages(input, func(page *imagebuilder.ListInfrastructureConfigurationsOutput, lastPage bool) bool {
+		if page == nil {
+			return !lastPage
+		}
+
+		for _, infrastructureConfigurationSummary := range page.InfrastructureConfigurationSummaryList {
+			if infrastructureConfigurationSummary == nil {
+				continue
+			}
+
+			arn := aws.StringValue(infrastructureConfigurationSummary.Arn)
+
+			r := resourceAwsImageBuilderInfrastructureConfiguration()
+			d := r.Data(nil)
+			d.SetId(arn)
+
+			err := r.Delete(d, client)
+
+			if err != nil {
+				sweeperErr := fmt.Errorf("error deleting Image Builder Infrastructure Configuration (%s): %w", arn, err)
+				log.Printf("[ERROR] %s", sweeperErr)
+				sweeperErrs = multierror.Append(sweeperErrs, sweeperErr)
+				continue
+			}
+		}
+
+		return !lastPage
+	})
+
+	if testSweepSkipSweepError(err) {
+		log.Printf("[WARN] Skipping Image Builder Infrastructure Configuration sweep for %s: %s", region, err)
+		return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors
+	}
+
+	if err != nil {
+		sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error listing Image Builder Infrastructure Configurations: %w", err))
+	}
+
+	return sweeperErrs.ErrorOrNil()
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_basic(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	iamInstanceProfileResourceName := "aws_iam_instance_profile.test"
 	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
 	resource.ParallelTest(t, resource.TestCase{
-		IDRefreshName: resourceName,
-		Providers:     testAccProviders,
-		CheckDestroy:  testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy,
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSImageBuilderInfrastructureConfiguration_basic(RandomString),
-				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
-					resource.TestCheckResourceAttrSet(resourceName, "instance_profile_name"),
-					resource.TestCheckResourceAttrSet(resourceName, "name"),
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigName(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRegionalARN(resourceName, "arn", "imagebuilder", fmt.Sprintf("infrastructure-configuration/%s", rName)),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_created"),
+					resource.TestCheckResourceAttr(resourceName, "date_updated", ""),
+					resource.TestCheckResourceAttr(resourceName, "description", ""),
+					resource.TestCheckResourceAttrPair(resourceName, "instance_profile_name", iamInstanceProfileResourceName, "name"),
+					resource.TestCheckResourceAttr(resourceName, "instance_types.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "key_pair", ""),
+					resource.TestCheckResourceAttr(resourceName, "logging.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "name", rName),
+					resource.TestCheckResourceAttr(resourceName, "resource_tags.%", "0"),
+					resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "sns_topic_arn", ""),
+					resource.TestCheckResourceAttr(resourceName, "subnet_id", ""),
+					resource.TestCheckResourceAttr(resourceName, "tags.%", "0"),
+					resource.TestCheckResourceAttr(resourceName, "terminate_instance_on_failure", "false"),
 				),
 			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
 
-//Check the configuration with everything
-func TestAccAWSImageBuilderInfrastructureConfiguration_advanced(t *testing.T) {
-	var conf imagebuilder.InfrastructureConfiguration
-	RandomString := fmt.Sprintf("tf-test-%d", acctest.RandInt())
+func TestAccAwsImageBuilderInfrastructureConfiguration_disappears(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
 
 	resource.ParallelTest(t, resource.TestCase{
-		IDRefreshName: resourceName,
-		Providers:     testAccProviders,
-		CheckDestroy:  testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy,
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSImageBuilderInfrastructureConfiguration_advanced(RandomString),
-				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
-					resource.TestCheckResourceAttr(resourceName, "instance_profile_name", RandomString),
-					resource.TestCheckResourceAttr(resourceName, "name", RandomString),
-					resource.TestCheckResourceAttr(resourceName, "description", "example desc"),
-					resource.TestCheckResourceAttr(resourceName, "key_pair", RandomString),
-					resource.TestCheckResourceAttrSet(resourceName, "sns_topic_arn"),
-					resource.TestCheckResourceAttrSet(resourceName, "subnet_id"),
-					resource.TestCheckResourceAttr(resourceName, "terminate_instance_on_failure", "false"),
-					resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "1"),
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigName(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceDisappears(testAccProvider, resourceAwsImageBuilderInfrastructureConfiguration(), resourceName),
+				),
+				ExpectNonEmptyPlan: true,
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_Description(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigDescription(rName, "description1"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "description", "description1"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigDescription(rName, "description2"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttr(resourceName, "description", "description2"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_InstanceProfileName(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	iamInstanceProfileResourceName := "aws_iam_instance_profile.test"
+	iamInstanceProfileResourceName2 := "aws_iam_instance_profile.test2"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceProfileName1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttrPair(resourceName, "instance_profile_name", iamInstanceProfileResourceName, "name"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceProfileName2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttrPair(resourceName, "instance_profile_name", iamInstanceProfileResourceName2, "name"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_InstanceTypes(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceTypes1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "instance_types.#", "1"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceTypes2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
 					resource.TestCheckResourceAttr(resourceName, "instance_types.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.0.s3_bucket_name", RandomString),
-					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.0.s3_key_prefix", "logs"),
 				),
 			},
 		},
 	})
 }
 
-//Test the tags work
-func TestAccAWSImageBuilderInfrastructureConfiguration_tags(t *testing.T) {
-	var conf imagebuilder.InfrastructureConfiguration
-	RandomString := fmt.Sprintf("tf-test-%d", acctest.RandInt())
+func TestAccAwsImageBuilderInfrastructureConfiguration_KeyPair(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	keyPairResourceName := "aws_key_pair.test"
+	keyPairResourceName2 := "aws_key_pair.test2"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigKeyPair1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttrPair(resourceName, "key_pair", keyPairResourceName, "key_name"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigKeyPair2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttrPair(resourceName, "key_pair", keyPairResourceName2, "key_name"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_Logging_S3Logs_S3BucketName(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	s3BucketResourceName := "aws_s3_bucket.test"
+	s3BucketResourceName2 := "aws_s3_bucket.test2"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3BucketName1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "logging.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.#", "1"),
+					resource.TestCheckResourceAttrPair(resourceName, "logging.0.s3_logs.0.s3_bucket_name", s3BucketResourceName, "bucket"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3BucketName2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttr(resourceName, "logging.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.#", "1"),
+					resource.TestCheckResourceAttrPair(resourceName, "logging.0.s3_logs.0.s3_bucket_name", s3BucketResourceName2, "bucket"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_Logging_S3Logs_S3KeyPrefix(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3KeyPrefix(rName, "/prefix1/"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "logging.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.0.s3_key_prefix", "/prefix1/"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3KeyPrefix(rName, "/prefix2/"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttr(resourceName, "logging.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "logging.0.s3_logs.0.s3_key_prefix", "/prefix2/"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_ResourceTags(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigResourceTags(rName, "key1", "value1"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "resource_tags.%", "1"),
+					resource.TestCheckResourceAttr(resourceName, "resource_tags.key1", "value1"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigResourceTags(rName, "key2", "value2"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttr(resourceName, "resource_tags.%", "1"),
+					resource.TestCheckResourceAttr(resourceName, "resource_tags.key2", "value2"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_SecurityGroupIds(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	securityGroupResourceName := "aws_security_group.test"
+	securityGroupResourceName2 := "aws_security_group.test2"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigSecurityGroupIds1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "1"),
+					resource.TestCheckTypeSetElemAttrPair(resourceName, "security_group_ids.*", securityGroupResourceName, "id"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigSecurityGroupIds2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttr(resourceName, "security_group_ids.#", "1"),
+					resource.TestCheckTypeSetElemAttrPair(resourceName, "security_group_ids.*", securityGroupResourceName2, "id"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_SnsTopicArn(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	snsTopicResourceName := "aws_sns_topic.test"
+	snsTopicResourceName2 := "aws_sns_topic.test2"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigSnsTopicArn1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttrPair(resourceName, "sns_topic_arn", snsTopicResourceName, "arn"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigSnsTopicArn2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttrPair(resourceName, "sns_topic_arn", snsTopicResourceName2, "arn"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_SubnetId(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	subnetResourceName := "aws_subnet.test"
+	subnetResourceName2 := "aws_subnet.test2"
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigSubnetId1(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttrPair(resourceName, "subnet_id", subnetResourceName, "id"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigSubnetId2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttrPair(resourceName, "subnet_id", subnetResourceName2, "id"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAwsImageBuilderInfrastructureConfiguration_Tags(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
 
 	resource.ParallelTest(t, resource.TestCase{
-		IDRefreshName: resourceName,
-		Providers:     testAccProviders,
-		CheckDestroy:  testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy,
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSImageBuilderInfrastructureConfiguration_tags1(RandomString),
-				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
-					resource.TestCheckResourceAttrSet(resourceName, "instance_profile_name"),
-					resource.TestCheckResourceAttrSet(resourceName, "name"),
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigTags1(rName, "key1", "value1"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "tags.%", "1"),
+					resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"),
 				),
 			},
 			{
-				Config: testAccAWSImageBuilderInfrastructureConfiguration_tags2(RandomString),
-				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSImageBuilderInfrastructureConfigurationExist(resourceName, &conf),
-					resource.TestCheckResourceAttrSet(resourceName, "instance_profile_name"),
-					resource.TestCheckResourceAttrSet(resourceName, "name"),
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigTags2(rName, "key1", "value1updated", "key2", "value2"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "tags.%", "2"),
+					resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"),
+					resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"),
+				),
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigTags1(rName, "key2", "value2"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "tags.%", "1"),
+					resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"),
 				),
 			},
 		},
 	})
 }
 
-func testAccCheckAWSImageBuilderInfrastructureConfigurationExist(n string, res *imagebuilder.InfrastructureConfiguration) resource.TestCheckFunc {
-	return func(s *terraform.State) error {
-		rs, ok := s.RootModule().Resources[n]
-		if !ok {
-			return fmt.Errorf("Not found: %s", n)
+func TestAccAwsImageBuilderInfrastructureConfiguration_TerminateInstanceOnFailure(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:          func() { testAccPreCheck(t) },
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigTerminateInstanceOnFailure(rName, true),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "terminate_instance_on_failure", "true"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAwsImageBuilderInfrastructureConfigurationConfigTerminateInstanceOnFailure(rName, false),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName),
+					testAccCheckResourceAttrRfc3339(resourceName, "date_updated"),
+					resource.TestCheckResourceAttr(resourceName, "terminate_instance_on_failure", "false"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAwsImageBuilderInfrastructureConfigurationDestroy(s *terraform.State) error {
+	conn := testAccProvider.Meta().(*AWSClient).imagebuilderconn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_imagebuilder_infrastructure_configuration" {
+			continue
 		}
 
-		if rs.Primary.ID == "" {
-			return errors.New("No ImageBuilderInfrastructureConfiguration ID is set")
+		input := &imagebuilder.GetInfrastructureConfigurationInput{
+			InfrastructureConfigurationArn: aws.String(rs.Primary.ID),
 		}
 
-		conn := testAccProvider.Meta().(*AWSClient).imagebuilderconn
+		output, err := conn.GetInfrastructureConfiguration(input)
 
-		resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
-			InfrastructureConfigurationArn: aws.String(rs.Primary.Attributes["arn"]),
-		})
+		if tfawserr.ErrCodeEquals(err, imagebuilder.ErrCodeResourceNotFoundException) {
+			continue
+		}
 
 		if err != nil {
-			return err
+			return fmt.Errorf("error getting Image Builder Infrastructure Configuration (%s): %w", rs.Primary.ID, err)
 		}
 
-		if resp == nil || resp.InfrastructureConfiguration == nil {
-			return fmt.Errorf("Infrastructure configuration (%s) not found", rs.Primary.Attributes["name"])
+		if output != nil {
+			return fmt.Errorf("Image Builder Infrastructure Configuration (%s) still exists", rs.Primary.ID)
 		}
-		*res = *resp.InfrastructureConfiguration
-		return nil
 	}
-}
 
-func testAccCheckAWSImageBuilderInfrastructureConfigurationDestroy(s *terraform.State) error {
+	return nil
+}
 
-	for _, rs := range s.RootModule().Resources {
-		if rs.Type != "aws_imagebuilder_infrastructure_configuration" {
-			continue
+func testAccCheckAwsImageBuilderInfrastructureConfigurationExists(resourceName string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return fmt.Errorf("resource not found: %s", resourceName)
 		}
 
 		conn := testAccProvider.Meta().(*AWSClient).imagebuilderconn
 
-		resp, err := conn.GetInfrastructureConfiguration(&imagebuilder.GetInfrastructureConfigurationInput{
-			InfrastructureConfigurationArn: aws.String(rs.Primary.Attributes["arn"]),
-		})
-
-		if err == nil {
-			if resp.InfrastructureConfiguration != nil {
-				return fmt.Errorf("ImageBuilderInfrastructureConfiguration %q still exists", rs.Primary.ID)
-			}
+		input := &imagebuilder.GetInfrastructureConfigurationInput{
+			InfrastructureConfigurationArn: aws.String(rs.Primary.ID),
 		}
 
-		// Verify the error
-		if awsErr, ok := err.(awserr.Error); ok {
-			if awsErr.Code() == "ResourceNotFoundException" {
-				return nil
-			}
+		_, err := conn.GetInfrastructureConfiguration(input)
+
+		if err != nil {
+			return fmt.Errorf("error getting Image Builder Infrastructure Configuration (%s): %w", rs.Primary.ID, err)
 		}
-		return err
-	}
 
-	return nil
+		return nil
+	}
 }
 
-func testAccAWSImageBuilderInfrastructureConfiguration_basic(ConfigurationName string) string {
+func testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName string) string {
 	return fmt.Sprintf(`
+data "aws_partition" "current" {}
+
+resource "aws_iam_instance_profile" "test" {
+  name = aws_iam_role.role.name
+  role = aws_iam_role.role.name
+}
 
+resource "aws_iam_role" "role" {
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [{
+      Action = "sts:AssumeRole"
+      Effect = "Allow"
+      Principal = {
+        Service = "ec2.${data.aws_partition.current.dns_suffix}"
+      }
+      Sid = ""
+    }]
+  })
+  name = %[1]q
+}
+`, rName)
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigDescription(rName string, description string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
 resource "aws_imagebuilder_infrastructure_configuration" "test" {
-  instance_profile_name = aws_iam_instance_profile.test_profile.name
-  name = "%[1]s"
+  description           = %[2]q
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+}
+`, rName, description))
 }
 
-resource "aws_iam_instance_profile" "test_profile" {
-  name = "%[1]s"
-  role = aws_iam_role.role.name
+func testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceProfileName1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+}
+`, rName))
 }
 
-resource "aws_iam_role" "role" {
-  name = "%[1]s"
-  path = "/"
+func testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceProfileName2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_iam_instance_profile" "test2" {
+  name = aws_iam_role.role2.name
+  role = aws_iam_role.role2.name
+}
 
-  assume_role_policy = <<EOF
-{
-    "Version": "2012-10-17",
-    "Statement": [
-       {
-            "Action": "sts:AssumeRole",
-            "Principal": {
-               "Service": "ec2.amazonaws.com"
-            },
-            "Effect": "Allow",
-            "Sid": ""
-        }
-    ]
+resource "aws_iam_role" "role2" {
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [{
+      Action = "sts:AssumeRole"
+      Effect = "Allow"
+      Principal = {
+        Service = "ec2.${data.aws_partition.current.dns_suffix}"
+      }
+      Sid = ""
+    }]
+  })
+  name = "%[1]s-2"
 }
-EOF
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test2.name
+  name                  = %[1]q
 }
-`, ConfigurationName)
+`, rName))
 }
 
-func testAccAWSImageBuilderInfrastructureConfiguration_advanced(ConfigurationName string) string {
-	return fmt.Sprintf(`
+func testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceTypes1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		testAccAvailableEc2InstanceTypeForRegion("t3.medium", "t2.medium"),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_types        = [data.aws_ec2_instance_type_offering.available.instance_type]
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+}
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigInstanceTypes2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		testAccAvailableEc2InstanceTypeForRegion("t3.large", "t2.large"),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_types        = [data.aws_ec2_instance_type_offering.available.instance_type]
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+}
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigKeyPair1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
 resource "aws_key_pair" "test" {
-  key_name   = "%[1]s"
+  key_name   = %[1]q
+  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com"
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  key_pair              = aws_key_pair.test.key_name
+  name                  = %[1]q
+}
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigKeyPair2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_key_pair" "test2" {
+  key_name   = "%[1]s-2"
   public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 example@example.com"
 }
 
 resource "aws_imagebuilder_infrastructure_configuration" "test" {
-  instance_profile_name = aws_iam_instance_profile.test_profile.name
-  name = "%[1]s"
-  description = "example desc"
-  instance_types = ["t3.micro"]
-  key_pair = aws_key_pair.test.key_name
-  logging  {
-    s3_logs  {
-      s3_bucket_name = aws_s3_bucket.example.bucket
-      s3_key_prefix = "logs"
+  instance_profile_name = aws_iam_instance_profile.test.name
+  key_pair              = aws_key_pair.test2.key_name
+  name                  = %[1]q
+}
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3BucketName1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket = %[1]q
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+
+  logging {
+    s3_logs {
+      s3_bucket_name = aws_s3_bucket.test.bucket
     }
   }
-  security_group_ids = [aws_security_group.example.id]
-  sns_topic_arn = aws_sns_topic.example.arn
-  subnet_id = aws_subnet.main.id
-  terminate_instance_on_failure = false
+}
+`, rName))
 }
 
-resource "aws_iam_instance_profile" "test_profile" {
-  name = "%[1]s"
-  role = aws_iam_role.role.name
+func testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3BucketName2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_s3_bucket" "test2" {
+  bucket = "%[1]s-2"
 }
 
-resource "aws_iam_role" "role" {
-  name = "%[1]s"
-  path = "/"
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
 
-  assume_role_policy = <<EOF
-{
-    "Version": "2012-10-17",
-    "Statement": [
-       {
-            "Action": "sts:AssumeRole",
-            "Principal": {
-               "Service": "ec2.amazonaws.com"
-            },
-            "Effect": "Allow",
-            "Sid": ""
-        }
-    ]
+  logging {
+    s3_logs {
+      s3_bucket_name = aws_s3_bucket.test2.bucket
+    }
+  }
 }
-EOF
+`, rName))
 }
 
-resource "aws_sns_topic" "example" {
-  name = "%[1]s"
+func testAccAwsImageBuilderInfrastructureConfigurationConfigLoggingS3LogsS3KeyPrefix(rName string, s3KeyPrefix string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_s3_bucket" "test" {
+  bucket = %[1]q
 }
 
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
 
-resource "aws_subnet" "main" {
-  vpc_id     = aws_vpc.main.id
-  cidr_block = "10.0.1.0/24"
+  logging {
+    s3_logs {
+      s3_bucket_name = aws_s3_bucket.test.bucket
+      s3_key_prefix  = %[2]q
+    }
+  }
+}
+`, rName, s3KeyPrefix))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigName(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
 }
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigResourceTags(rName string, resourceTagKey string, resourceTagValue string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
 
+  resource_tags = {
+    %[2]q = %[3]q
+  }
+}
+`, rName, resourceTagKey, resourceTagValue))
+}
 
-resource "aws_vpc" "main" {
+func testAccAwsImageBuilderInfrastructureConfigurationConfigSecurityGroupIds1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_vpc" "test" {
   cidr_block = "10.0.0.0/16"
 }
 
-resource "aws_security_group" "example" {
-  name        = "%[1]s"
-  vpc_id      = aws_vpc.main.id
+resource "aws_security_group" "test" {
+  vpc_id = aws_vpc.test.id
 }
 
-resource "aws_s3_bucket" "example" {
-  bucket = %[1]q
-  acl    = "private"
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+  security_group_ids    = [aws_security_group.test.id]
+}
+`, rName))
 }
 
-`, ConfigurationName)
+func testAccAwsImageBuilderInfrastructureConfigurationConfigSecurityGroupIds2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_vpc" "test" {
+  cidr_block = "10.0.0.0/16"
 }
 
-func testAccAWSImageBuilderInfrastructureConfiguration_tags1(ConfigurationName string) string {
-	return fmt.Sprintf(`
+resource "aws_security_group" "test2" {
+  vpc_id = aws_vpc.test.id
+}
 
 resource "aws_imagebuilder_infrastructure_configuration" "test" {
-  instance_profile_name = aws_iam_instance_profile.test_profile.name
-  name = "%[1]s"
-  tags = {
-    Name = "tf-test",
-  }
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+  security_group_ids    = [aws_security_group.test2.id]
+}
+`, rName))
 }
 
-resource "aws_iam_instance_profile" "test_profile" {
-  name = "%[1]s"
-  role = aws_iam_role.role.name
+func testAccAwsImageBuilderInfrastructureConfigurationConfigSubnetId1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_vpc" "test" {
+  cidr_block = "10.0.0.0/16"
 }
 
-resource "aws_iam_role" "role" {
-  name = "%[1]s"
-  path = "/"
+resource "aws_security_group" "test" {
+  vpc_id = aws_vpc.test.id
+}
 
-  assume_role_policy = <<EOF
-{
-    "Version": "2012-10-17",
-    "Statement": [
-       {
-            "Action": "sts:AssumeRole",
-            "Principal": {
-               "Service": "ec2.amazonaws.com"
-            },
-            "Effect": "Allow",
-            "Sid": ""
-        }
-    ]
+resource "aws_subnet" "test" {
+  cidr_block = cidrsubnet(aws_vpc.test.cidr_block, 2, 0)
+  vpc_id     = aws_vpc.test.id
 }
-EOF
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+  security_group_ids    = [aws_security_group.test.id] # Required with subnet_id
+  subnet_id             = aws_subnet.test.id
 }
-`, ConfigurationName)
+`, rName))
 }
 
-func testAccAWSImageBuilderInfrastructureConfiguration_tags2(ConfigurationName string) string {
-	return fmt.Sprintf(`
+func testAccAwsImageBuilderInfrastructureConfigurationConfigSubnetId2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_vpc" "test" {
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_security_group" "test" {
+  vpc_id = aws_vpc.test.id
+}
+
+resource "aws_subnet" "test2" {
+  cidr_block = cidrsubnet(aws_vpc.test.cidr_block, 2, 2)
+  vpc_id     = aws_vpc.test.id
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+  security_group_ids    = [aws_security_group.test.id] # Required with subnet_id
+  subnet_id             = aws_subnet.test2.id
+}
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigSnsTopicArn1(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_sns_topic" "test" {
+  name = %[1]q
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+  sns_topic_arn         = aws_sns_topic.test.arn
+}
+`, rName))
+}
+
+func testAccAwsImageBuilderInfrastructureConfigurationConfigSnsTopicArn2(rName string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_sns_topic" "test2" {
+  name = "%[1]s-2"
+}
+
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+  sns_topic_arn         = aws_sns_topic.test2.arn
+}
+`, rName))
+}
 
+func testAccAwsImageBuilderInfrastructureConfigurationConfigTags1(rName string, tagKey1 string, tagValue1 string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
 resource "aws_imagebuilder_infrastructure_configuration" "test" {
-  instance_profile_name = aws_iam_instance_profile.test_profile.name
-  name = "%[1]s"
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+
   tags = {
-    Name = "tf-test",
-    ExtraName = "tf-test"
+    %[2]q = %[3]q
   }
 }
+`, rName, tagKey1, tagValue1))
+}
 
-resource "aws_iam_instance_profile" "test_profile" {
-  name = "%[1]s"
-  role = aws_iam_role.role.name
+func testAccAwsImageBuilderInfrastructureConfigurationConfigTags2(rName string, tagKey1 string, tagValue1 string, tagKey2 string, tagValue2 string) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+
+  tags = {
+    %[2]q = %[3]q
+    %[4]q = %[5]q
+  }
+}
+`, rName, tagKey1, tagValue1, tagKey2, tagValue2))
 }
 
-resource "aws_iam_role" "role" {
-  name = "%[1]s"
-  path = "/"
-
-  assume_role_policy = <<EOF
-{
-    "Version": "2012-10-17",
-    "Statement": [
-       {
-            "Action": "sts:AssumeRole",
-            "Principal": {
-               "Service": "ec2.amazonaws.com"
-            },
-            "Effect": "Allow",
-            "Sid": ""
-        }
-    ]
-}
-EOF
-}
-`, ConfigurationName)
+func testAccAwsImageBuilderInfrastructureConfigurationConfigTerminateInstanceOnFailure(rName string, terminateInstanceOnFailure bool) string {
+	return composeConfig(
+		testAccAwsImageBuilderInfrastructureConfigurationConfigBase(rName),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name         = aws_iam_instance_profile.test.name
+  name                          = %[1]q
+  terminate_instance_on_failure = %[2]t
+}
+`, rName, terminateInstanceOnFailure))
 }
diff --git a/website/docs/d/imagebuilder_infrastructure_configuration.html.markdown b/website/docs/d/imagebuilder_infrastructure_configuration.html.markdown
new file mode 100644
index 00000000000..a7e81dbd3c0
--- /dev/null
+++ b/website/docs/d/imagebuilder_infrastructure_configuration.html.markdown
@@ -0,0 +1,47 @@
+---
+subcategory: "Image Builder"
+layout: "aws"
+page_title: "AWS: aws_imagebuilder_infrastructure_configuration"
+description: |-
+    Provides details about an Image Builder Infrastructure Configuration
+---
+
+# Data Source: aws_imagebuilder_infrastructure_configuration
+
+Provides details about an Image Builder Infrastructure Configuration.
+
+## Example Usage
+
+```hcl
+data "aws_imagebuilder_infrastructure_configuration" "example" {
+  arn = "arn:aws:imagebuilder:us-west-2:aws:infrastructure-configuration/example"
+}
+```
+
+## Argument Reference
+
+The following arguments are required:
+
+* `arn` - (Required) Amazon Resource Name (ARN) of the infrastructure configuration.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `date_created` - Date the infrastructure configuration was created.
+* `date_created` - Date the infrastructure configuration was updated.
+* `description` - Description of the infrastructure configuration.
+* `instance_profile_name` - Name of the IAM Instance Profile associated with the configuration.
+* `instance_types` - Set of EC2 Instance Types associated with the configuration.
+* `key_pair` - Name of the EC2 Key Pair associated with the configuration.
+* `logging` - Nested list of logging settings.
+    * `s3_logs` - Nested list of S3 logs settings.
+        * `s3_bucket_name` - Name of the S3 Bucket for logging.
+        * `s3_key_prefix` - Key prefix for S3 Bucket logging.
+* `name` - Name of the infrastructure configuration.
+* `resource_tags` - Key-value map of resource tags for the infrastructure created by the infrastructure configuration.
+* `security_group_ids` - Set of EC2 Security Group identifiers associated with the configuration.
+* `sns_topic_arn` - Amazon Resource Name (ARN) of the SNS Topic associated with the configuration.
+* `subnet_id` - Identifier of the EC2 Subnet associated with the configuration.
+* `tags` - Key-value map of resource tags for the infrastructure configuration.
+* `terminate_instance_on_failure` - Whether instances are terminated on failure.
diff --git a/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown b/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown
index a848ae8303f..b83cdf3979e 100644
--- a/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown
+++ b/website/docs/r/imagebuilder_infrastructure_configuration.html.markdown
@@ -3,32 +3,34 @@ subcategory: "Image Builder"
 layout: "aws"
 page_title: "AWS: aws_imagebuilder_infrastructure_configuration"
 description: |-
-  Provides AWS Image Builder infrasctracture configuration 
+  Manages an Image Builder Infrastructure Configuration
 ---
 
 # Resource: aws_imagebuilder_infrastructure_configuration
-Provides AWS Image Builder infrasctracture configuration
+
+Manages an Image Builder Infrastructure Configuration.
 
 ## Example Usage
 
 ```hcl
-# Create new infrastructure configuration
-resource "aws_imagebuilder_infrastructure_configuration" "test" {
-  instance_profile_name = aws_iam_instance_profile.test_profile.name
-  name                  = "example"
-  description           = "example desc"
-  instance_types        = ["t2.nano", "t3.micro"]
-  key_pair              = aws_key_pair.example.key_name
+resource "aws_imagebuilder_infrastructure_configuration" "example" {
+  description                   = "example description"
+  instance_profile_name         = aws_iam_instance_profile.example.name
+  instance_types                = ["t2.nano", "t3.micro"]
+  key_pair                      = aws_key_pair.example.key_name
+  name                          = "example"
+  security_group_ids            = [aws_security_group.example.id]
+  sns_topic_arn                 = aws_sns_topic.example.arn
+  subnet_id                     = aws_subnet.main.id
+  terminate_instance_on_failure = true
+
   logging {
     s3_logs {
       s3_bucket_name = aws_s3_bucket.example.bucket
       s3_key_prefix  = "logs"
     }
   }
-  security_group_ids            = [aws_security_group.example.id]
-  sns_topic_arn                 = aws_sns_topic.example.arn
-  subnet_id                     = aws_subnet.main.id
-  terminate_instance_on_failure = true
+
   tags = {
     foo = "bar"
   }
@@ -37,41 +39,53 @@ resource "aws_imagebuilder_infrastructure_configuration" "test" {
 
 ## Argument Reference
 
-The following arguments are supported:
+The following arguments are required:
+
+* `instance_profile_name` - (Required) Name of IAM Instance Profile.
+* `name` - (Required) Name for the configuration.
+
+The following arguments are optional:
+
+* `description` - (Optional) Description for the configuration.
+* `instance_types` - (Optional) Set of EC2 Instance Types.
+* `key_pair` - (Optional) Name of EC2 Key Pair.
+* `logging` - (Optional) Configuration block with logging settings. Detailed below.
+* `resource_tags` - (Optional) Key-value map of resource tags to assign to infrastructure created by the configuration.
+* `security_group_ids` - (Optional) Set of EC2 Security Group identifiers.
+* `sns_topic_arn` - (Optional) Amazon Resource Name (ARN) of SNS Topic.
+* `subnet_id` - (Optional) EC2 Subnet identifier. Also requires `security_group_ids` argument.
+* `tags` - (Optional) Key-value map of resource tags to assign to the configuration.
+* `terminate_instance_on_failure` - (Optional) Enable if the instance should be terminated when the pipeline fails. Defaults to `false`.
+
+### logging
+
+The following arguments are required:
+
+* `s3_logs` - (Required) Configuration block with S3 logging settings. Detailed below.
+
+### s3_logs
+
+The following arguments are required:
 
-* `instance_profile_name` - (Required) The name of iam instance profile.
-* `name` - (Required) The name of the imgage builder infrastructure configuration.
-* `description` - (Optional) The description of the imgage builder infrastructure configuration.
-* `instance_types` - (Optional) A list of instance to use.
-* `key_pair` - (Optional) The name of your key pair
-* `logging` - (Optional) The logging configuration, see below for details.
-* `security_group_ids` - (Optional) A list of security groups to assign to resource, mandatory if subnet provider.
-* `sns_topic_arn` - (Optional) The ARN of sns topic to use.
-* `subnet_id` - (Optional) The id of subnet to use, if provided requires that security groups also be provided. 
-* `tags` - (Optional) A map of tags to assign to the resource.
-* `terminate_instance_on_failure` - (Optional) should the instance be terminated when the pipeline fails (Default: false).
+* `s3_bucket_name` - (Required) Name of the S3 Bucket.
 
-### Logging
-The logging object support the following blocks:
-* s3_logs
+The following arguments are optional:
 
-The s3_logs block supports the following arguments:
-* `s3_bucket_name` - (Required) The name of the bucket to use.
-* `s3_key_prefix` - (Optional) The prefix to use for logs (Default: "/").
+* `s3_key_prefix` - (Optional) Prefix to use for S3 logs. Defaults to `/`.
 
 ## Attributes Reference
 
-The following attributes are exported in addition to the arguments listed above:
+In addition to all arguments above, the following attributes are exported:
 
-* `id` - The ARN of the configuration (matches `arn`).
-* `arn` - The ARN of the configuration  (matches `id`).
-* `date_created` - The timestamp when the configuration was created.
-* `date_updated` - The timestamp when the configuration was updated.
+* `id` - Amazon Resource Name (ARN) of the configuration.
+* `arn` - Amazon Resource Name (ARN) of the configuration.
+* `date_created` - Date when the configuration was created.
+* `date_updated` - Date when the configuration was updated.
 
 ## Import
 
-Infrastructure configuration can be imported using the ARN , e.g.
+`aws_imagebuilder_infrastructure_configuration` can be imported using the Amazon Resource Name (ARN), e.g.
 
 ```
-$ terraform import aws_imagebuilder_infrastructure_configuration.test '<ARN>'
+$ terraform import aws_imagebuilder_infrastructure_configuration.example arn:aws:imagebuilder:us-east-1:123456789012:infrastructure-component/example
 ```