hashicorp · ewbankkit · Jan 20, 2023 · Jan 20, 2023 · Jan 20, 2023 · Jan 20, 2023
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/aws_api_gateway_integration: Prevent drift of `connection_type` attribute when `aws_api_gateway_deployment` `triggers` are used
+```
@@ -226,6 +226,8 @@ rules:
     paths:
       include:
         - internal/
+      exclude:
+        - internal/service/apigateway/integration.go
     patterns:
       - pattern-either:
           - pattern: |

@@ -271,6 +271,30 @@ func TestAccAPIGatewayDeployment_variables(t *testing.T) {
 	})
 }
 
+// https://github.com/hashicorp/terraform-provider-aws/issues/28997.
+func TestAccAPIGatewayDeployment_conflictingConnectionType(t *testing.T) {
+	ctx := acctest.Context(t)
+	var deployment apigateway.Deployment
+	resourceName := "aws_api_gateway_deployment.test"
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(t); acctest.PreCheckAPIGatewayTypeEDGE(t) },
+		ErrorCheck:               acctest.ErrorCheck(t, apigateway.EndpointsID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckDeploymentDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDeploymentConfig_conflictingConnectionType(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckDeploymentExists(ctx, resourceName, &deployment),
+				),
+				ExpectNonEmptyPlan: true,
+			},
+		},
+	})
+}
+
 func testAccCheckDeploymentExists(ctx context.Context, n string, res *apigateway.Deployment) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[n]
@@ -369,7 +393,7 @@ func testAccDeploymentImportStateIdFunc(resourceName string) resource.ImportStat
 	}
 }
 
-func testAccDeploymentBaseConfig(uri string) string {
+func testAccDeploymentConfig_base(uri string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
   name = "tf-acc-test-deployment"
@@ -401,7 +425,7 @@ resource "aws_api_gateway_integration" "test" {
   http_method = aws_api_gateway_method.test.http_method
 
   type                    = "HTTP"
-  uri                     = "%s"
+  uri                     = %[1]q
   integration_http_method = "GET"
 }
 
@@ -415,7 +439,7 @@ resource "aws_api_gateway_integration_response" "test" {
 }
 
 func testAccDeploymentConfig_triggers(description string, url string) string {
-	return testAccDeploymentBaseConfig(url) + fmt.Sprintf(`
+	return acctest.ConfigCompose(testAccDeploymentConfig_base(url), fmt.Sprintf(`
 resource "aws_api_gateway_deployment" "test" {
   description       = %[1]q
   rest_api_id       = aws_api_gateway_rest_api.test.id
@@ -430,63 +454,115 @@ resource "aws_api_gateway_deployment" "test" {
     create_before_destroy = true
   }
 }
-`, description)
+`, description))
 }
 
 func testAccDeploymentConfig_description(description string) string {
-	return testAccDeploymentBaseConfig("http://example.com") + fmt.Sprintf(`
+	return acctest.ConfigCompose(testAccDeploymentConfig_base("http://example.com"), fmt.Sprintf(`
 resource "aws_api_gateway_deployment" "test" {
   depends_on = [aws_api_gateway_integration.test]
 
-  description = %q
+  description = %[1]q
   rest_api_id = aws_api_gateway_rest_api.test.id
 }
-`, description)
+`, description))
 }
 
 func testAccDeploymentConfig_required() string {
-	return testAccDeploymentBaseConfig("http://example.com") + `
+	return acctest.ConfigCompose(testAccDeploymentConfig_base("http://example.com"), `
 resource "aws_api_gateway_deployment" "test" {
   depends_on = [aws_api_gateway_integration.test]
 
   rest_api_id = aws_api_gateway_rest_api.test.id
 }
-`
+`)
 }
 
 func testAccDeploymentConfig_stageDescription(stageDescription string) string {
-	return testAccDeploymentBaseConfig("http://example.com") + fmt.Sprintf(`
+	return acctest.ConfigCompose(testAccDeploymentConfig_base("http://example.com"), fmt.Sprintf(`
 resource "aws_api_gateway_deployment" "test" {
   depends_on = [aws_api_gateway_integration.test]
 
   rest_api_id       = aws_api_gateway_rest_api.test.id
-  stage_description = %q
+  stage_description = %[1]q
   stage_name        = "tf-acc-test"
 }
-`, stageDescription)
+`, stageDescription))
 }
 
 func testAccDeploymentConfig_stageName(stageName string) string {
-	return testAccDeploymentBaseConfig("http://example.com") + fmt.Sprintf(`
+	return acctest.ConfigCompose(testAccDeploymentConfig_base("http://example.com"), fmt.Sprintf(`
 resource "aws_api_gateway_deployment" "test" {
   depends_on = [aws_api_gateway_integration.test]
 
   rest_api_id = aws_api_gateway_rest_api.test.id
-  stage_name  = %q
+  stage_name  = %[1]q
 }
-`, stageName)
+`, stageName))
 }
 
 func testAccDeploymentConfig_variables(key1, value1 string) string {
-	return testAccDeploymentBaseConfig("http://example.com") + fmt.Sprintf(`
+	return acctest.ConfigCompose(testAccDeploymentConfig_base("http://example.com"), fmt.Sprintf(`
 resource "aws_api_gateway_deployment" "test" {
   depends_on = [aws_api_gateway_integration.test]
 
   rest_api_id = aws_api_gateway_rest_api.test.id
 
   variables = {
-    %q = %q
+    %[1]q = %[2]q
+  }
+}
+`, key1, value1))
+}
+
+func testAccDeploymentConfig_conflictingConnectionType(rName string) string {
+	return acctest.ConfigCompose(acctest.ConfigLambdaBase(rName, rName, rName), fmt.Sprintf(`
+resource "aws_api_gateway_rest_api" "test" {
+  name = %[1]q
+}
+
+resource "aws_api_gateway_resource" "test" {
+  rest_api_id = aws_api_gateway_rest_api.test.id
+  parent_id   = aws_api_gateway_rest_api.test.root_resource_id
+  path_part   = "test"
+}
+
+resource "aws_api_gateway_method" "test" {
+  rest_api_id   = aws_api_gateway_rest_api.test.id
+  resource_id   = aws_api_gateway_resource.test.id
+  http_method   = "GET"
+  authorization = "NONE"
+}
+resource "aws_api_gateway_deployment" "test" {
+  description = "The deployment"
+  rest_api_id = aws_api_gateway_rest_api.test.id
+  triggers = {
+    redeployment = sha1(join(",", tolist([
+      jsonencode(aws_api_gateway_integration.test),
+    ])))
   }
+
+  lifecycle {
+    create_before_destroy = true
+  }
+}
+
+resource "aws_api_gateway_integration" "test" {
+  rest_api_id = aws_api_gateway_rest_api.test.id
+  resource_id = aws_api_gateway_resource.test.id
+  http_method = aws_api_gateway_method.test.http_method
+
+  integration_http_method = "POST"
+  type                    = "AWS_PROXY"
+  uri                     = aws_lambda_function.test.invoke_arn
+}
+
+resource "aws_lambda_function" "test" {
+  filename      = "test-fixtures/lambdatest.zip"
+  function_name = %[1]q
+  role          = aws_iam_role.iam_for_lambda.arn
+  handler       = "index.handler"
+  runtime       = "nodejs16.x"
 }
-`, key1, value1)
+`, rName))
 }
@@ -279,7 +279,9 @@ func resourceIntegrationRead(ctx context.Context, d *schema.ResourceData, meta i
 	d.Set("cache_namespace", integration.CacheNamespace)
 	d.Set("connection_id", integration.ConnectionId)
 	d.Set("connection_type", apigateway.ConnectionTypeInternet)
-	d.Set("connection_type", integration.ConnectionType)
+	if integration.ConnectionType != nil {
+		d.Set("connection_type", integration.ConnectionType)
+	}
 	d.Set("content_handling", integration.ContentHandling)
 	d.Set("credentials", integration.Credentials)
 	d.Set("integration_http_method", integration.HttpMethod)

@@ -441,7 +441,7 @@ func testAccIntegrationImportStateIdFunc(resourceName string) resource.ImportSta
 func testAccIntegrationConfig_basic(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -488,7 +488,7 @@ resource "aws_api_gateway_integration" "test" {
 func testAccIntegrationConfig_update(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -536,7 +536,7 @@ resource "aws_api_gateway_integration" "test" {
 func testAccIntegrationConfig_updateURI(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -584,7 +584,7 @@ resource "aws_api_gateway_integration" "test" {
 func testAccIntegrationConfig_updateContentHandling(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -632,7 +632,7 @@ resource "aws_api_gateway_integration" "test" {
 func testAccIntegrationConfig_removeContentHandling(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -679,7 +679,7 @@ resource "aws_api_gateway_integration" "test" {
 func testAccIntegrationConfig_updateNoTemplates(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -717,7 +717,7 @@ resource "aws_api_gateway_integration" "test" {
 func testAccIntegrationConfig_cacheKeyParameters(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = "%s"
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -771,36 +771,9 @@ resource "aws_api_gateway_integration" "test" {
 }
 
 func testAccIntegrationConfig_IntegrationTypeBase(rName string) string {
-	return fmt.Sprintf(`
-variable "name" {
-  default = "%s"
-}
-
-data "aws_availability_zones" "test" {
-  state = "available"
-
-  filter {
-    name   = "opt-in-status"
-    values = ["opt-in-not-required"]
-  }
-}
-
-resource "aws_vpc" "test" {
-  cidr_block = "10.10.0.0/16"
-
-  tags = {
-    Name = var.name
-  }
-}
-
-resource "aws_subnet" "test" {
-  vpc_id            = aws_vpc.test.id
-  cidr_block        = "10.10.0.0/24"
-  availability_zone = data.aws_availability_zones.test.names[0]
-}
-
+	return acctest.ConfigCompose(acctest.ConfigVPCWithSubnets(rName, 1), fmt.Sprintf(`
 resource "aws_api_gateway_rest_api" "test" {
-  name = var.name
+  name = %[1]q
 }
 
 resource "aws_api_gateway_resource" "test" {
@@ -821,21 +794,21 @@ resource "aws_api_gateway_method" "test" {
 }
 
 resource "aws_lb" "test" {
-  name               = var.name
+  name               = %[1]q
   internal           = true
   load_balancer_type = "network"
-  subnets            = [aws_subnet.test.id]
+  subnets            = aws_subnet.test[*].id
 }
 
 resource "aws_api_gateway_vpc_link" "test" {
-  name        = var.name
+  name        = %[1]q
   target_arns = [aws_lb.test.arn]
 }
-`, rName)
+`, rName))
 }
 
 func testAccIntegrationConfig_typeVPCLink(rName string) string {
-	return testAccIntegrationConfig_IntegrationTypeBase(rName) + `
+	return acctest.ConfigCompose(testAccIntegrationConfig_IntegrationTypeBase(rName), `
 resource "aws_api_gateway_integration" "test" {
   rest_api_id = aws_api_gateway_rest_api.test.id
   resource_id = aws_api_gateway_resource.test.id
@@ -850,11 +823,11 @@ resource "aws_api_gateway_integration" "test" {
   connection_type = "VPC_LINK"
   connection_id   = aws_api_gateway_vpc_link.test.id
 }
-`
+`)
 }
 
 func testAccIntegrationConfig_typeInternet(rName string) string {
-	return testAccIntegrationConfig_IntegrationTypeBase(rName) + `
+	return acctest.ConfigCompose(testAccIntegrationConfig_IntegrationTypeBase(rName), `
 resource "aws_api_gateway_integration" "test" {
   rest_api_id = aws_api_gateway_rest_api.test.id
   resource_id = aws_api_gateway_resource.test.id
@@ -866,7 +839,7 @@ resource "aws_api_gateway_integration" "test" {
   passthrough_behavior    = "WHEN_NO_MATCH"
   content_handling        = "CONVERT_TO_TEXT"
 }
-`
+`)
 }
 
 func testAccIntegrationConfig_tlsInsecureSkipVerification(rName string, insecureSkipVerification bool) string {