Skip to content

Commit

Permalink
Merge hashicorp 3.34.0 into main (#1)
Browse files Browse the repository at this point in the history
* tests/provider: Use string matching in testAccErrorCheckCommon() and catch all InvalidAction (#18283)

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/17566

Previously in AWS GovCloud (US):

```
=== CONT  TestAccAwsEc2ClientVpn_serial/NetworkAssociation_multipleSubnets
    resource_aws_ec2_client_vpn_network_association_test.go:144: Step 1/3 error: Error running apply: exit status 1

        Error: Error creating Client VPN endpoint: InvalidAction: The action CreateClientVpnEndpoint is not valid for this web service.
        	status code: 400, request id: 387e7807-e2b8-4314-9aa8-6cf2e33a0ded

          on terraform_plugin_test.tf line 61, in resource "aws_ec2_client_vpn_endpoint" "test":
          61: resource "aws_ec2_client_vpn_endpoint" "test" {

=== CONT  TestAccAwsEc2ClientVpn_serial/NetworkAssociation_securityGroups
    resource_aws_ec2_client_vpn_network_association_test.go:211: Step 1/3 error: Error running apply: exit status 1

        Error: Error creating Client VPN endpoint: InvalidAction: The action CreateClientVpnEndpoint is not valid for this web service.
        	status code: 400, request id: ad7a3b32-b650-4683-a7e0-945481550c6d

          on terraform_plugin_test.tf line 57, in resource "aws_ec2_client_vpn_endpoint" "test":
          57: resource "aws_ec2_client_vpn_endpoint" "test" {

=== CONT  TestAccAwsEc2ClientVpn_serial/NetworkAssociation_disappears
    resource_aws_ec2_client_vpn_network_association_test.go:186: Step 1/1 error: Error running apply: exit status 1

        Error: Error creating Client VPN endpoint: InvalidAction: The action CreateClientVpnEndpoint is not valid for this web service.
        	status code: 400, request id: feed7ccb-95a7-411f-b633-da58e8340392

          on terraform_plugin_test.tf line 56, in resource "aws_ec2_client_vpn_endpoint" "test":
          56: resource "aws_ec2_client_vpn_endpoint" "test" {

=== CONT  TestAccAwsEc2ClientVpn_serial/NetworkAssociation_basic
    resource_aws_ec2_client_vpn_network_association_test.go:105: Step 1/2 error: Error running apply: exit status 1

        Error: Error creating Client VPN endpoint: InvalidAction: The action CreateClientVpnEndpoint is not valid for this web service.
        	status code: 400, request id: 3f31766a-9288-4e46-9f35-6d7922e938ac

          on terraform_plugin_test.tf line 56, in resource "aws_ec2_client_vpn_endpoint" "test":
          56: resource "aws_ec2_client_vpn_endpoint" "test" {

--- FAIL: TestAccAwsEc2ClientVpn_serial (0.54s)
    --- FAIL: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_securityGroups (32.03s)
    --- FAIL: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_multipleSubnets (32.06s)
    --- FAIL: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_disappears (31.96s)
    --- FAIL: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_basic (33.01s)
```

Output from acceptance testing in AWS GovCloud (US):

```
--- PASS: TestAccAwsEc2ClientVpn_serial (0.41s)
    --- SKIP: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_disappears (30.61s)
    --- SKIP: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_securityGroups (31.10s)
    --- SKIP: TestAccAwsEc2ClientVpn_serial/NetworkAssociation_basic (31.01s)
```

* tests/provider: Fix and enable linting for immediate dereference after AWS SDK Go pointer conversion (#18024)

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/12992

This is akin to `*&var`, which is flagged by the Go toolchain.

* tests/provider: Fix compilation-time randomization in test configuration, enable semgrep rule to catch coding issue (#18220)

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18175
Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18204

Also adds `ErrorCheck` while adjusting these tests.

Previously:

```
aws/data_source_aws_cloudfront_distribution_test.go
severity:warning rule:helper-acctest-RandInt-compiled: Using `acctest.RandInt()` in constant or variable declaration will execute during compilation and not randomize, pass into string generating function instead
36:var testAccAWSCloudFrontDistributionData = fmt.Sprintf(`
37:%s
38:
39:data "aws_cloudfront_distribution" "test" {
40:  id = aws_cloudfront_distribution.s3_distribution.id
41:}
42:`, fmt.Sprintf(testAccAWSCloudFrontDistributionS3ConfigWithTags, acctest.RandInt(), originBucket, logBucket, testAccAWSCloudFrontDistributionRetainConfig()))

aws/data_source_aws_ecs_cluster_test.go
severity:warning rule:helper-acctest-RandInt-compiled: Using `acctest.RandInt()` in constant or variable declaration will execute during compilation and not randomize, pass into string generating function instead
50:var testAccCheckAwsEcsClusterDataSourceConfig = fmt.Sprintf(`
51:resource "aws_ecs_cluster" "default" {
52:  name = "default-%d"
53:}
54:
55:data "aws_ecs_cluster" "default" {
56:  cluster_name = aws_ecs_cluster.default.name
57:}
58:`, acctest.RandInt())
--------------------------------------------------------------------------------
60:var testAccCheckAwsEcsClusterDataSourceConfigContainerInsights = fmt.Sprintf(`
61:resource "aws_ecs_cluster" "default" {
62:  name = "default-%d"
63:
64:  setting {
65:    name  = "containerInsights"
66:    value = "enabled"
67:  }
68:}
69:
-------- [hid 4 additional lines, adjust with --max-lines-per-finding] ---------

aws/data_source_aws_ecs_service_test.go
severity:warning rule:helper-acctest-RandInt-compiled: Using `acctest.RandInt()` in constant or variable declaration will execute during compilation and not randomize, pass into string generating function instead
34:var testAccCheckAwsEcsServiceDataSourceConfig = fmt.Sprintf(`
35:resource "aws_ecs_cluster" "test" {
36:  name = "tf-acc-%d"
37:}
38:
39:resource "aws_ecs_task_definition" "test" {
40:  family = "mongodb"
41:
42:  container_definitions = <<DEFINITION
43:[
-------- [hid 24 additional lines, adjust with --max-lines-per-finding] --------

aws/resource_aws_cloudfront_distribution_test.go
severity:warning rule:helper-acctest-RandInt-compiled: Using `acctest.RandInt()` in constant or variable declaration will execute during compilation and not randomize, pass into string generating function instead
1439:var testAccAWSCloudFrontDistributionCustomConfig = fmt.Sprintf(`
1440:variable rand_id {
1441:  default = %d
1442:}
1443:
1444:# log bucket
1445:%s
1446:
1447:resource "aws_cloudfront_distribution" "custom_distribution" {
1448:  origin {
-------- [hid 59 additional lines, adjust with --max-lines-per-finding] --------
1509:var testAccAWSCloudFrontDistributionOriginRequestPolicyConfigDefault = fmt.Sprintf(`
1510:variable rand_id {
1511:  default = %[1]d
1512:}
1513:
1514:# log bucket
1515:%[2]s
1516:
1517:resource "aws_cloudfront_cache_policy" "example" {
1518:  name        = "test-policy%[1]d"
------- [hid 100 additional lines, adjust with --max-lines-per-finding] --------
1620:var testAccAWSCloudFrontDistributionOriginRequestPolicyConfigOrdered = fmt.Sprintf(`
1621:variable rand_id {
1622:  default = %[1]d
1623:}
1624:
1625:# log bucket
1626:%[2]s
1627:
1628:resource "aws_cloudfront_cache_policy" "example" {
1629:  name        = "test-policy%[1]d"
------- [hid 113 additional lines, adjust with --max-lines-per-finding] --------
1744:var testAccAWSCloudFrontDistributionMultiOriginConfig = fmt.Sprintf(`
1745:variable rand_id {
1746:  default = %d
1747:}
1748:
1749:# origin bucket
1750:%s
1751:
1752:# log bucket
1753:%s
------- [hid 112 additional lines, adjust with --max-lines-per-finding] --------
1867:var testAccAWSCloudFrontDistributionNoCustomErroResponseInfo = fmt.Sprintf(`
1868:variable rand_id {
1869:  default = %d
1870:}
1871:
1872:resource "aws_cloudfront_distribution" "no_custom_error_responses" {
1873:  origin {
1874:    domain_name = "www.example.com"
1875:    origin_id   = "myCustomOrigin"
1876:
-------- [hid 50 additional lines, adjust with --max-lines-per-finding] --------
1928:var testAccAWSCloudFrontDistributionNoOptionalItemsConfig = fmt.Sprintf(`
1929:variable rand_id {
1930:  default = %d
1931:}
1932:
1933:resource "aws_cloudfront_distribution" "no_optional_items" {
1934:  origin {
1935:    domain_name = "www.example.com"
1936:    origin_id   = "myCustomOrigin"
1937:
-------- [hid 41 additional lines, adjust with --max-lines-per-finding] --------
2076:var testAccAWSCloudFrontDistributionHTTP11Config = fmt.Sprintf(`
2077:variable rand_id {
2078:  default = %d
2079:}
2080:
2081:resource "aws_cloudfront_distribution" "http_1_1" {
2082:  origin {
2083:    domain_name = "www.example.com"
2084:    origin_id   = "myCustomOrigin"
2085:
-------- [hid 47 additional lines, adjust with --max-lines-per-finding] --------
2134:var testAccAWSCloudFrontDistributionIsIPV6EnabledConfig = fmt.Sprintf(`
2135:variable rand_id {
2136:  default = %d
2137:}
2138:
2139:resource "aws_cloudfront_distribution" "is_ipv6_enabled" {
2140:  origin {
2141:    domain_name = "www.example.com"
2142:    origin_id   = "myCustomOrigin"
2143:
-------- [hid 48 additional lines, adjust with --max-lines-per-finding] --------
2193:var testAccAWSCloudFrontDistributionOrderedCacheBehavior = fmt.Sprintf(`
2194:variable rand_id {
2195:  default = %d
2196:}
2197:
2198:resource "aws_cloudfront_distribution" "main" {
2199:  origin {
2200:    domain_name = "www.hashicorp.com"
2201:    origin_id   = "myCustomOrigin"
2202:
-------- [hid 86 additional lines, adjust with --max-lines-per-finding] --------
2290:var testAccAWSCloudFrontDistributionOrderedCacheBehaviorCachePolicy = fmt.Sprintf(`
2291:variable rand_id {
2292:  default = %d
2293:}
2294:
2295:resource "aws_cloudfront_distribution" "main" {
2296:  origin {
2297:    domain_name = "www.hashicorp.com"
2298:    origin_id   = "myCustomOrigin"
2299:
-------- [hid 73 additional lines, adjust with --max-lines-per-finding] --------

aws/resource_aws_elasticache_cluster_test.go
severity:warning rule:helper-acctest-RandInt-compiled: Using `acctest.RandInt()` in constant or variable declaration will execute during compilation and not randomize, pass into string generating function instead
1025:var testAccAWSElasticacheClusterInVPCConfig = fmt.Sprintf(`
1026:data "aws_availability_zones" "available" {
1027:  state = "available"
1028:
1029:  filter {
1030:    name   = "opt-in-status"
1031:    values = ["opt-in-not-required"]
1032:  }
1033:}
1034:
-------- [hid 58 additional lines, adjust with --max-lines-per-finding] --------
1094:var testAccAWSElasticacheClusterMultiAZInVPCConfig = fmt.Sprintf(`
1095:data "aws_availability_zones" "available" {
1096:  state = "available"
1097:
1098:  filter {
1099:    name   = "opt-in-status"
1100:    values = ["opt-in-not-required"]
1101:  }
1102:}
1103:
-------- [hid 65 additional lines, adjust with --max-lines-per-finding] --------

aws/resource_aws_elasticache_replication_group_test.go
severity:warning rule:helper-acctest-RandInt-compiled: Using `acctest.RandInt()` in constant or variable declaration will execute during compilation and not randomize, pass into string generating function instead
1661:var testAccAWSElasticacheReplicationGroupInVPCConfig = fmt.Sprintf(`
1662:data "aws_availability_zones" "available" {
1663:  state = "available"
1664:
1665:  filter {
1666:    name   = "opt-in-status"
1667:    values = ["opt-in-not-required"]
1668:  }
1669:}
1670:
-------- [hid 49 additional lines, adjust with --max-lines-per-finding] --------
ran 12 rules on 2158 files: 17 findings
```

Output from acceptance testing:

```
--- PASS: TestAccAWSCloudFrontDistribution_customOrigin (377.36s)
--- PASS: TestAccAWSCloudFrontDistribution_DefaultCacheBehavior_ForwardedValues_Cookies_WhitelistedNames (202.77s)
--- PASS: TestAccAWSCloudFrontDistribution_DefaultCacheBehavior_ForwardedValues_Headers (191.20s)
--- PASS: TestAccAWSCloudFrontDistribution_DefaultCacheBehavior_RealtimeLogConfigArn (247.51s)
--- PASS: TestAccAWSCloudFrontDistribution_DefaultCacheBehavior_TrustedSigners (199.05s)
--- PASS: TestAccAWSCloudFrontDistribution_disappears (176.21s)
--- PASS: TestAccAWSCloudFrontDistribution_Enabled (541.17s)
--- PASS: TestAccAWSCloudFrontDistribution_HTTP11Config (399.22s)
--- PASS: TestAccAWSCloudFrontDistribution_IsIPV6EnabledConfig (399.21s)
--- PASS: TestAccAWSCloudFrontDistribution_multiOrigin (355.41s)
--- PASS: TestAccAWSCloudFrontDistribution_noCustomErrorResponseConfig (399.84s)
--- PASS: TestAccAWSCloudFrontDistribution_noOptionalItemsConfig (388.59s)
--- PASS: TestAccAWSCloudFrontDistribution_orderedCacheBehavior (373.92s)
--- PASS: TestAccAWSCloudFrontDistribution_OrderedCacheBehavior_ForwardedValues_Cookies_WhitelistedNames (236.34s)
--- PASS: TestAccAWSCloudFrontDistribution_OrderedCacheBehavior_ForwardedValues_Headers (192.33s)
--- PASS: TestAccAWSCloudFrontDistribution_OrderedCacheBehavior_RealtimeLogConfigArn (246.39s)
--- PASS: TestAccAWSCloudFrontDistribution_orderedCacheBehaviorCachePolicy (371.56s)
--- PASS: TestAccAWSCloudFrontDistribution_Origin_EmptyDomainName (5.01s)
--- PASS: TestAccAWSCloudFrontDistribution_Origin_EmptyOriginID (0.92s)
--- PASS: TestAccAWSCloudFrontDistribution_OriginGroups (338.79s)
--- PASS: TestAccAWSCloudFrontDistribution_originPolicyDefault (400.05s)
--- PASS: TestAccAWSCloudFrontDistribution_originPolicyOrdered (342.41s)
--- PASS: TestAccAWSCloudFrontDistribution_RetainOnDelete (401.36s)
--- PASS: TestAccAWSCloudFrontDistribution_S3Origin (313.50s)
--- PASS: TestAccAWSCloudFrontDistribution_S3OriginWithTags (459.80s)
--- PASS: TestAccAWSCloudFrontDistribution_ViewerCertificate_AcmCertificateArn (152.71s)
--- PASS: TestAccAWSCloudFrontDistribution_ViewerCertificate_AcmCertificateArn_ConflictsWithCloudFrontDefaultCertificate (162.56s)
--- PASS: TestAccAWSCloudFrontDistribution_WaitForDeployment (315.88s)

--- PASS: TestAccAWSDataSourceCloudFrontDistribution_basic (400.44s)

--- PASS: TestAccAWSEcsDataSource_ecsCluster (27.24s)
--- PASS: TestAccAWSEcsDataSource_ecsClusterContainerInsights (24.25s)

--- PASS: TestAccAWSEcsServiceDataSource_basic (84.98s)

--- PASS: TestAccAWSElasticacheCluster_multiAZInVpc (747.82s)
--- PASS: TestAccAWSElasticacheCluster_vpc (614.42s)

--- PASS: TestAccAWSElasticacheReplicationGroup_vpc (805.50s)
```

* tests/ds/apigatewayv2_api: Add ErrorCheck

* core_acc_test: Add ErrorCheck

* tests/ds/arn: Add ErrorCheck

* tests/ds/billing_service: Add ErrorCheck

* tests/r/cloudfront_cache_policy: Add ErrorCheck

* tests/r/cloudfront_distribution: Add ErrorCheck

* tests/r/cloudfront_origin_access_identity: Add ErrorCheck

* tests/r/cloudfront_origin_request_policy: Add ErrorCheck

* tests/r/cloudfront_public_key: Add ErrorCheck

* tests/r/cloudfront_realtime_log_config: Add ErrorCheck

* tests/ds/cloudfront_cache_policy: Add ErrorCheck

* tests/ds/cloudfront_origin_request_policy: Add ErrorCheck

* tests/ds/cloudtrail_service_account: Add ErrorCheck

* tests/ds/cloudwatch_log_group: Add ErrorCheck

* tests/ds/cur_report_definition: Add ErrorCheck

* tests/ds/ec2_transit_gateway_route_tables: Add ErrorCheck

* tests/ds/eks_cluster_auth: Add ErrorCheck

* tests/ds/elastic_beanstalk_hosted_zone: Add ErrorCheck

* tests/ds/elasticache_cluster: Add ErrorCheck

* tests/ds/elb_hosted_zone_id: Add ErrorCheck

* tests/ds/elb_service_account: Add ErrorCheck

* tests/ds/iam_policy_document: Add ErrorCheck

* tests/ds/iam_policy: Add ErrorCheck

* tests/ip_ranges: Add ErrorCheck

* tests/ds/kms_secret: Add ErrorCheck

* tests/ds/partition: Add ErrorCheck

* tests/ds/redshift_service_account: Add ErrorCheck

* tests/ds/sagemaker_prebuilt_ecr_image: Add ErrorCheck

* tests/provider: Add ErrorCheck

* tests/r/apigatewayv2_api_mapping: Add ErrorCheck

* tests/r/cloudfront_cache_policy: Add ErrorCheck

* tests/r/cloudfront_distribution: Add ErrorCheck

* tests/r/cloudfront_origin_access_identity: Add ErrorCheck

* tests/r/cloudfront_origin_request_policy: Add ErrorCheck

* tests/r/cloudfront_public_key: Add ErrorCheck

* tests/r/cloudfront_realtime_log_config: Add ErrorCheck

* tests/r/customer_gateway: Add ErrorCheck

* tests/r/db_parameter_group: Add ErrorCheck

* tests/r/default_route_table: Add ErrorCheck

* tests/r/default_security_group: Add ErrorCheck

* tests/r/default_vpc: Add ErrorCheck

* tests/r/ec2_carrier_gateway: Add ErrorCheck

* tests/r/ec2_client_vpn_network_association: Add ErrorCheck

* tests/r/ec2_tag: Add ErrorCheck

* tests/r/egress_only_internet_gateway: Add ErrorCheck

* tests/r/eip: Add ErrorCheck

* tests/r/elb_attachment: Add ErrorCheck

* tests/r/elb: Add ErrorCheck

* tests/provider: Add missing ErrorCheck to TestCase (#18306)

* tests/provider: Add missing ErrorCheck to TestCase

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18175

Previously:

```
aws/resource_aws_iam_group_policy_test.go:88:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_group_policy_test.go:128:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_instance_profile_test.go:75:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_role_policy_test.go:102:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_role_policy_test.go:147:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_role_test.go:222:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_user_policy_test.go:96:36: XAT001: missing ErrorCheck
aws/resource_aws_iam_user_policy_test.go:138:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:237:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:270:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:399:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:443:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:534:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:610:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:664:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:720:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:779:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:813:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:843:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:871:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:970:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:997:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1034:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1265:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1321:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1385:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1422:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1462:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1504:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:1564:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:3327:36: XAT001: missing ErrorCheck
aws/resource_aws_instance_test.go:3924:36: XAT001: missing ErrorCheck
aws/resource_aws_internet_gateway_test.go:143:36: XAT001: missing ErrorCheck
aws/resource_aws_internet_gateway_test.go:189:36: XAT001: missing ErrorCheck
aws/resource_aws_internet_gateway_test.go:213:36: XAT001: missing ErrorCheck
aws/resource_aws_key_pair_test.go:170:36: XAT001: missing ErrorCheck
aws/resource_aws_nat_gateway_test.go:63:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:310:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:352:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:386:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:441:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:466:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:494:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:539:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:587:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:623:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:679:36: XAT001: missing ErrorCheck
aws/resource_aws_network_acl_test.go:709:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_attachment_test.go:16:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:74:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:108:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:155:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:200:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:269:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:302:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:330:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:358:36: XAT001: missing ErrorCheck
aws/resource_aws_network_interface_test.go:398:36: XAT001: missing ErrorCheck
aws/resource_aws_opsworks_stack_test.go:228:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:231:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:281:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:316:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:354:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:398:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:416:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:735:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:770:36: XAT001: missing ErrorCheck
aws/resource_aws_route_table_test.go:913:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:686:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1058:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1238:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1273:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1317:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1354:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1390:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1416:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1449:36: XAT001: missing ErrorCheck
aws/resource_aws_security_group_test.go:1561:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:130:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:167:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:211:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:268:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:310:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:352:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:416:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:474:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:497:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:563:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:603:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:646:36: XAT001: missing ErrorCheck
aws/resource_aws_subnet_test.go:789:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_endpoint_connection_notification_test.go:19:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_endpoint_test.go:481:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:95:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:139:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:166:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:231:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:390:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:526:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:549:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_peering_connection_test.go:584:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:169:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:225:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:266:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:307:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:370:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:427:36: XAT001: missing ErrorCheck
aws/resource_aws_vpc_test.go:449:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_connection_test.go:100:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_connection_test.go:209:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_connection_test.go:317:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_connection_test.go:345:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_connection_test.go:372:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_connection_test.go:398:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_gateway_route_propagation_test.go:16:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_gateway_test.go:110:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_gateway_test.go:257:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_gateway_test.go:321:36: XAT001: missing ErrorCheck
aws/resource_aws_vpn_gateway_test.go:349:36: XAT001: missing ErrorCheck
```

* tests: Lint

Co-authored-by: Dirk Avery <[email protected]>

* tests: Enable XAT001, last fix

* provider: Enable tfproviderdocs enhanced contents checking (#18138)

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/15842

Fixes remaining reports and enables the additional checking. The tooling also supports flags for requiring alphabetical list sorting, but that can be enabled in the future.

Previously:

```
Error checking Terraform Provider documentation: 12 errors occurred:
	* website/docs/r/acmpca_certificate.html.markdown: error checking file contents: attributes section heading (Attribute Reference) should be: Attributes Reference
	* website/docs/r/acmpca_certificate_authority_certificate.html.markdown: error checking file contents: missing attributes section: ## Attributes Reference
	* website/docs/r/cognito_identity_provider.html.markdown: error checking file contents: missing attributes section: ## Attributes Reference
	* website/docs/r/config_conformance_pack.html.markdown: error checking file contents: attributes section byline (In addition to all arguments above (except for template_body and template_s3_uri), the following attributes are exported:) should be: "In addition to all arguments above, the following attributes are exported:" or "No additional attributes are exported."
	* website/docs/r/iam_user_group_membership.html.markdown: error checking file contents: attributes section byline should be: "In addition to all arguments above, the following attributes are exported:" or "No additional attributes are exported."
	* website/docs/r/networkfirewall_resource_policy.html.markdown: error checking file contents: attributes section byline (In addition to all arguments above, the following attribute is exported:) should be: "In addition to all arguments above, the following attributes are exported:" or "No additional attributes are exported."
	* website/docs/r/pinpoint_baidu_channel.markdown: error checking file contents: missing attributes section: ## Attributes Reference
	* website/docs/r/pinpoint_event_stream.markdown: error checking file contents: missing attributes section: ## Attributes Reference
	* website/docs/r/pinpoint_gcm_channel.markdown: error checking file contents: missing attributes section: ## Attributes Reference
	* website/docs/r/securityhub_invite_accepter.markdown: error checking file contents: attributes section byline (The following attributes are exported in addition to the arguments listed above:) should be: "In addition to all arguments above, the following attributes are exported:" or "No additional attributes are exported."
	* website/docs/r/ses_identity_notification_topic.markdown: error checking file contents: import section code block text should contain resource name: aws_ses_identity_notification_topic
	* website/docs/r/transfer_ssh_key.html.markdown: error checking file contents: missing attributes section: ## Attributes Reference

Error checking Terraform Provider documentation: 1 error occurred:
	* website/docs/r/securityhub_invite_accepter.markdown: error checking file contents: import section code block text should contain resource name: aws_securityhub_invite_accepter
```

* docs/resource/aws_kinesis_stream_consumer: Adjust example code block language from hcl to terraform

* docs/provider: Adjust remaining hcl code blocks to terraform

* r/aws_apigatewayv2_domain_name: Use internal finder and waiter packages.

Acceptance test output:

$ ACM_CERTIFICATE_ROOT_DOMAIN=<> make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 180m
=== RUN   TestAccAWSAPIGatewayV2DomainName_basic
=== PAUSE TestAccAWSAPIGatewayV2DomainName_basic
=== RUN   TestAccAWSAPIGatewayV2DomainName_disappears
=== PAUSE TestAccAWSAPIGatewayV2DomainName_disappears
=== RUN   TestAccAWSAPIGatewayV2DomainName_Tags
=== PAUSE TestAccAWSAPIGatewayV2DomainName_Tags
=== RUN   TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== RUN   TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT  TestAccAWSAPIGatewayV2DomainName_basic
=== CONT  TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== CONT  TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT  TestAccAWSAPIGatewayV2DomainName_Tags
=== CONT  TestAccAWSAPIGatewayV2DomainName_disappears
--- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (24.80s)
=== CONT  TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
    resource_aws_apigatewayv2_domain_name_test.go:279: Step 2/4 error: Error running apply: exit status 1
        2021/03/22 17:15:26 [DEBUG] Using modified User-Agent: Terraform/0.12.26 HashiCorp-terraform-exec/0.13.0

        Error: error updating API Gateway v2 domain name (tf-acc-01xy3s6uqmlgijxzyxaupimtxq7sqdaldcnzlpdqz8.ewbankkit.com): BadRequestException: Invalid input. Expected one domain name configuration

          on terraform_plugin_test.tf line 62, in resource "aws_apigatewayv2_domain_name" "test":
          62: resource "aws_apigatewayv2_domain_name" "test" {

--- FAIL: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (194.33s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_basic (210.10s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (296.94s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (430.93s)
FAIL
FAIL	github.com/terraform-providers/terraform-provider-aws/aws	431.633s
FAIL
GNUmakefile:27: recipe for target 'testacc' failed
make: *** [testacc] Error 1

* retry on ResourceConflictException during creation

* Generate 'GetDomainNamesPages'.

* r/aws_apigatewayv2_domain_name: Use internal lister package for sweeper.

Acceptance test output:

$ TEST=./aws SWEEP=us-west-2 SWEEPARGS=-sweep-run=aws_apigatewayv2_domain_name make sweep
WARNING: This will destroy infrastructure. Use only in development accounts.
go test ./aws -v -sweep=us-west-2 -sweep-run=aws_apigatewayv2_domain_name -timeout 60m
2021/03/23 10:24:20 [DEBUG] Running Sweepers for region (us-west-2):
2021/03/23 10:24:20 [DEBUG] Running Sweeper (aws_apigatewayv2_domain_name) in region (us-west-2)
2021/03/23 10:24:20 [INFO] AWS Auth provider used: "EnvProvider"
2021/03/23 10:24:20 [DEBUG] Trying to get account information via sts:GetCallerIdentity
2021/03/23 10:24:21 [DEBUG] Trying to get account information via sts:GetCallerIdentity
2021/03/23 10:24:22 [DEBUG] Deleting API Gateway v2 domain name (testing1.ewbankkit.com)
2021/03/23 10:24:23 Sweeper Tests ran successfully:
	- aws_apigatewayv2_domain_name
ok  	github.com/terraform-providers/terraform-provider-aws/aws	2.324s

* Add enable_execute_command to aws_ecs_service

Make tflint happy

* r/aws_apigatewayv2_domain_name: Always send domain name configuration on update of mutual TLS configuration.

Acceptance test output:

$ ACM_CERTIFICATE_ROOT_DOMAIN=ewbankkit.com make testacc TEST=./aws TESTARGS='-run=TestAccAWSAPIGatewayV2DomainName_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayV2DomainName_ -timeout 180m
=== RUN   TestAccAWSAPIGatewayV2DomainName_basic
=== PAUSE TestAccAWSAPIGatewayV2DomainName_basic
=== RUN   TestAccAWSAPIGatewayV2DomainName_disappears
=== PAUSE TestAccAWSAPIGatewayV2DomainName_disappears
=== RUN   TestAccAWSAPIGatewayV2DomainName_Tags
=== PAUSE TestAccAWSAPIGatewayV2DomainName_Tags
=== RUN   TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== PAUSE TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== RUN   TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== PAUSE TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT  TestAccAWSAPIGatewayV2DomainName_basic
=== CONT  TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication
=== CONT  TestAccAWSAPIGatewayV2DomainName_UpdateCertificate
=== CONT  TestAccAWSAPIGatewayV2DomainName_Tags
=== CONT  TestAccAWSAPIGatewayV2DomainName_disappears
--- PASS: TestAccAWSAPIGatewayV2DomainName_Tags (52.69s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_disappears (121.05s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_MutualTlsAuthentication (263.95s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_basic (347.90s)
--- PASS: TestAccAWSAPIGatewayV2DomainName_UpdateCertificate (469.99s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	470.492s

* Add CHANGELOG entry.

* tests/resource/aws_vpc_peering_connection: Remove ID-only refresh configuration (#18349)

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18348

Identifier only refresh testing is generally a legacy testing practice before full import testing was the normal convention. Certain functionality of `IDRefreshName` testing, such as alternate providers defined by the test configuration and `ProviderFactories`, is not compatible since there is no method to pass in the original configuration to prevent Terraform CLI errors such as:

```
=== CONT  TestAccAWSVPCPeeringConnection_region
    testing_new.go:214: Error running terraform refresh: exit status 1

        Error: Provider configuration not present

        To work with aws_vpc.peer (orphan) its original provider configuration at
        provider["registry.terraform.io/hashicorp/awsalternate"] is required, but it
        has been removed. This occurs when a provider configuration is removed while
        objects created by that provider still exist in the state. Re-add the provider
        configuration to destroy aws_vpc.peer (orphan), after which you can remove the
        provider configuration again.

--- FAIL: TestAccAWSVPCPeeringConnection_region (24.38s)
```

Import testing accepts a `Config`, which is how it does not have a similar issue. Will submit followup issue to fix the Go documentation in the Terraform Plugin SDK as this testing is not run by default and note this limitation. Will also submit followup issue to remove `IDRefreshIgnore` and `IDRefreshName` from all testing.

Output from acceptance testing:

```
--- PASS: TestAccAWSVPCPeeringConnection_peerRegionAutoAccept (13.29s)
--- PASS: TestAccAWSVPCPeeringConnection_failedState (14.70s)
--- PASS: TestAccAWSVPCPeeringConnection_plan (24.21s)
--- PASS: TestAccAWSVPCPeeringConnection_optionsNoAutoAccept (25.87s)
--- PASS: TestAccAWSVPCPeeringConnection_basic (27.94s)
--- PASS: TestAccAWSVPCPeeringConnection_region (30.92s)
--- PASS: TestAccAWSVPCPeeringConnection_options (60.28s)
--- PASS: TestAccAWSVPCPeeringConnection_accept (61.32s)
--- PASS: TestAccAWSVPCPeeringConnection_tags (62.79s)
```

* Updates documentation for `automatic_failover_enabled` to remove reference to multi-az and add requirement for `number_cache_clusters`

* tests/provider: Fix and enable AWS SDK Go pointer conversion linting (C resources) (#18335)

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/12992

Previously:

```
aws/resource_aws_cloud9_environment_ec2.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
132:			status := *out.Status

aws/resource_aws_cloudfront_distribution_test.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
53:		distributionID := *distributionSummary.Id

aws/resource_aws_cloudfront_origin_request_policy.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
161:	originRequestPolicy := *resp.OriginRequestPolicy.OriginRequestPolicyConfig

aws/resource_aws_cloudtrail.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
569:		item["read_write_type"] = *raw.ReadWriteType
--------------------------------------------------------------------------------
570:		item["include_management_events"] = *raw.IncludeManagementEvents
--------------------------------------------------------------------------------
584:		item["type"] = *raw.Type
--------------------------------------------------------------------------------
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
262:		if d.Id() == *c.Name {

aws/resource_aws_cloudwatch_log_destination.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
142:		if *destination.DestinationName == name {

aws/resource_aws_cloudwatch_log_metric_filter.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
173:		if *mf.FilterName == name {

aws/resource_aws_cloudwatch_log_resource_policy.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
107:		if *resourcePolicy.PolicyName == name {

aws/resource_aws_cloudwatch_log_stream.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
152:		if *ls.LogStreamName == name {

aws/resource_aws_cloudwatch_metric_alarm.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
310:	arn := *resp.AlarmArn
--------------------------------------------------------------------------------
581:		flatDims[*d.Name] = *d.Value

aws/resource_aws_codedeploy_deployment_group.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
1111:			l["key"] = *tf.Key
--------------------------------------------------------------------------------
1114:			l["value"] = *tf.Value
--------------------------------------------------------------------------------
1117:			l["type"] = *tf.Type
--------------------------------------------------------------------------------
1130:			l["key"] = *tf.Key
--------------------------------------------------------------------------------
1133:			l["value"] = *tf.Value
--------------------------------------------------------------------------------
1136:			l["type"] = *tf.Type
--------------------------------------------------------------------------------
1171:		item["trigger_name"] = *tc.TriggerName
--------------------------------------------------------------------------------
1172:		item["trigger_target_arn"] = *tc.TriggerTargetArn
--------------------------------------------------------------------------------
1187:		item["enabled"] = *config.Enabled
--------------------------------------------------------------------------------
1210:		item["enabled"] = *config.Enabled
--------------------------------------------------------------------------------
1211:		item["ignore_poll_alarm_failure"] = *config.IgnorePollAlarmFailure
--------------------------------------------------------------------------------
1315:		item["deployment_option"] = *style.DeploymentOption
--------------------------------------------------------------------------------
1318:		item["deployment_type"] = *style.DeploymentType
--------------------------------------------------------------------------------
1355:			deploymentReadyOption["action_on_timeout"] = *config.DeploymentReadyOption.ActionOnTimeout
--------------------------------------------------------------------------------
1358:			deploymentReadyOption["wait_time_in_minutes"] = *config.DeploymentReadyOption.WaitTimeInMinutes
--------------------------------------------------------------------------------
1369:			greenFleetProvisioningOption["action"] = *config.GreenFleetProvisioningOption.Action
--------------------------------------------------------------------------------
1380:			blueInstanceTerminationOption["action"] = *config.TerminateBlueInstancesOnDeploymentSuccess.Action
--------------------------------------------------------------------------------
1383:			blueInstanceTerminationOption["termination_wait_time_in_minutes"] = *config.TerminateBlueInstancesOnDeploymentSuccess.TerminationWaitTimeInMinutes
--------------------------------------------------------------------------------
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
1110:		if tf.Key != nil && *tf.Key != "" {
--------------------------------------------------------------------------------
1113:		if tf.Value != nil && *tf.Value != "" {
--------------------------------------------------------------------------------
1116:		if tf.Type != nil && *tf.Type != "" {
--------------------------------------------------------------------------------
1129:		if tf.Key != nil && *tf.Key != "" {
--------------------------------------------------------------------------------
1132:		if tf.Value != nil && *tf.Value != "" {
--------------------------------------------------------------------------------
1135:		if tf.Type != nil && *tf.Type != "" {

aws/resource_aws_codepipeline.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
464:		m[k] = *v

aws/resource_aws_config_remediation_configuration.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
123:			item["resource_value"] = *value.ResourceValue.Value
--------------------------------------------------------------------------------
126:			item["static_value"] = *value.StaticValue.Values[0]
ran 15 rules on 2163 files: 40 findings
```

Output from acceptance testing:

```
--- PASS: TestAccAWSCloud9EnvironmentEc2_allFields (286.70s)
--- PASS: TestAccAWSCloud9EnvironmentEc2_basic (209.52s)
--- PASS: TestAccAWSCloud9EnvironmentEc2_disappears (170.86s)
--- PASS: TestAccAWSCloud9EnvironmentEc2_tags (232.19s)

--- PASS: TestAccAWSCloudFrontOriginRequestPolicy_basic (19.69s)
--- PASS: TestAccAWSCloudFrontOriginRequestPolicy_noneBehavior (22.64s)
--- PASS: TestAccAWSCloudFrontOriginRequestPolicy_update (37.49s)

--- FAIL: TestAccAWSCloudTrail_serial (656.14s)
    --- FAIL: TestAccAWSCloudTrail_serial/Trail (656.14s)
        --- FAIL: TestAccAWSCloudTrail_serial/Trail/basic (48.14s) # Account permissions
        --- FAIL: TestAccAWSCloudTrail_serial/Trail/enableLogging (46.70s) # Account permissions
        --- PASS: TestAccAWSCloudTrail_serial/Trail/cloudwatch (73.41s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/eventSelector (138.13s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/includeGlobalServiceEvents (35.63s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/insightSelector (35.46s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/isMultiRegion (91.64s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/kmsKey (35.12s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/logValidation (65.09s)
        --- PASS: TestAccAWSCloudTrail_serial/Trail/tags (86.69s)
        --- SKIP: TestAccAWSCloudTrail_serial/Trail/isOrganization (0.13s)

--- PASS: TestAccAWSCloudwatchLogDestination_basic (84.11s)
--- PASS: TestAccAWSCloudwatchLogDestination_disappears (88.96s)

--- PASS: TestAccAWSCloudWatchLogMetricFilter_basic (92.40s)

--- PASS: TestAccAWSCloudWatchLogResourcePolicy_basic (32.98s)

--- PASS: TestAccAWSCloudWatchLogStream_basic (21.49s)
--- PASS: TestAccAWSCloudWatchLogStream_disappears (20.86s)
--- PASS: TestAccAWSCloudWatchLogStream_disappears_LogGroup (20.50s)

--- PASS: TestAccAWSCloudWatchMetricAlarm_AlarmActions_EC2Automate (252.05s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_AlarmActions_SNSTopic (26.06s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_AlarmActions_SWFAction (27.65s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_basic (23.92s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_datapointsToAlarm (17.54s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_disappears (18.25s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_evaluateLowSampleCountPercentiles (42.33s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_expression (96.17s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_extendedStatistic (19.08s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_missingStatistic (5.29s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_tags (62.51s)
--- PASS: TestAccAWSCloudWatchMetricAlarm_treatMissingData (42.33s)

--- PASS: TestAccAWSCodeDeployDeploymentGroup_alarmConfiguration_create (33.38s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_alarmConfiguration_delete (51.51s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_alarmConfiguration_disable (38.86s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_alarmConfiguration_update (40.28s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_autoRollbackConfiguration_create (43.51s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_autoRollbackConfiguration_delete (61.36s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_autoRollbackConfiguration_disable (42.37s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_autoRollbackConfiguration_update (64.37s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_basic (71.37s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_basic_tagSet (61.98s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_blueGreenDeployment_complete (46.42s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_blueGreenDeploymentConfiguration_create (151.03s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_blueGreenDeploymentConfiguration_delete (48.72s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_blueGreenDeploymentConfiguration_update (45.77s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_blueGreenDeploymentConfiguration_update_with_asg (177.57s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_deploymentStyle_create (31.64s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_deploymentStyle_default (31.74s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_deploymentStyle_delete (45.98s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_deploymentStyle_update (43.92s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_disappears (30.83s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_ECS_BlueGreen (310.19s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_inPlaceDeploymentWithTrafficControl_create (35.95s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_inPlaceDeploymentWithTrafficControl_update (54.46s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_loadBalancerInfo_create (32.28s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_loadBalancerInfo_delete (44.30s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_loadBalancerInfo_targetGroupInfo_create (43.70s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_loadBalancerInfo_targetGroupInfo_delete (67.73s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_loadBalancerInfo_targetGroupInfo_update (45.46s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_loadBalancerInfo_update (64.46s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_onPremiseTag (41.70s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_triggerConfiguration_basic (71.08s)
--- PASS: TestAccAWSCodeDeployDeploymentGroup_triggerConfiguration_multiple (73.36s)

--- FAIL: TestAccAWSCodePipeline_multiregion_ConvertSingleRegion (83.25s) # https://github.com/hashicorp/terraform-provider-aws/issues/16706
--- PASS: TestAccAWSCodePipeline_basic (72.08s)
--- PASS: TestAccAWSCodePipeline_deployWithServiceRole (47.91s)
--- PASS: TestAccAWSCodePipeline_disappears (37.13s)
--- PASS: TestAccAWSCodePipeline_emptyStageArtifacts (43.65s)
--- PASS: TestAccAWSCodePipeline_multiregion_basic (46.08s)
--- PASS: TestAccAWSCodePipeline_multiregion_Update (73.72s)
--- PASS: TestAccAWSCodePipeline_tags (98.61s)
--- PASS: TestAccAWSCodePipeline_WithNamespace (49.41s)
--- SKIP: TestAccAWSCodePipeline_WithGitHubv1SourceAction (0.00s)

--- PASS: TestAccAWSConfig_serial (3698.82s)
    --- PASS: TestAccAWSConfig_serial/RemediationConfiguration (364.40s)
        --- PASS: TestAccAWSConfig_serial/RemediationConfiguration/basic (86.05s)
        --- PASS: TestAccAWSConfig_serial/RemediationConfiguration/disappears (83.00s)
        --- PASS: TestAccAWSConfig_serial/RemediationConfiguration/recreates (99.34s)
        --- PASS: TestAccAWSConfig_serial/RemediationConfiguration/updates (96.01s)
```

* Prevent re-creation when encryption enabled

* r/aws_mq_configuration: add missing authentication_strategy

When creating an ActiveMQ instance with authentication_strategy=ldap,
then the corresponding configuration has to contain the same option
as well for the user to be able to include a cachedLDAPAuthorizationMap
element in the broker xml configuration. If the option is not provided
when creating the configuration, the default strategy "simple" is
assumed and AWS automatically removes the cachedLDAPAuthorizationMap
element.

* Fix terraform test configuration format

* Add PR changelog file.

* mq_configuration: Update changelog

* tests/mq_configuration: Add ErrorCheck

* r/mq_configuration: Add RabbitMQ engine type, minor cleanup

* tests/r/mq_configuration: Standardized naming

* docs/r/mq_configuration: Minor cleanup of docs

* Add 'semgrep' target.

* tests/r/mq_configuration: Add partition service PreCheck

* support lightsail open ports resource

* build(deps): bump github.com/bflad/tfproviderlint from 0.23.0 to 0.24.0 in /awsproviderlint (#18368)

* build(deps): bump github.com/bflad/tfproviderlint in /awsproviderlint

Bumps [github.com/bflad/tfproviderlint](https://github.com/bflad/tfproviderlint) from 0.23.0 to 0.24.0.
- [Release notes](https://github.com/bflad/tfproviderlint/releases)
- [Changelog](https://github.com/bflad/tfproviderlint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bflad/tfproviderlint/compare/v0.23.0...v0.24.0)

Signed-off-by: dependabot[bot] <[email protected]>

* tests/provider: Disable new failing tfproviderlint reports for now

Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18354
Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18377
Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18378
Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18379
Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18380
Reference: https://github.com/hashicorp/terraform-provider-aws/issues/18381

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian Flad <[email protected]>

* Update CHANGELOG.md for #18368

* remove incorrect deprecation warning for single_header argument

* Fixes Terraform formatting

* Adds CHANGELOG

* Update CHANGELOG for #18384

* r/aws_api_gateway_vpc_link: Persist ID of newly created VPC Link when it fails to reach Available state (#18382)

* r/aws_api_gateway_vpc_link: Persist ID of new;y created VPC Link when it fails to reach Available state.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSAPIGatewayVpcLink_basic'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSAPIGatewayVpcLink_basic -timeout 180m
=== RUN   TestAccAWSAPIGatewayVpcLink_basic
=== PAUSE TestAccAWSAPIGatewayVpcLink_basic
=== CONT  TestAccAWSAPIGatewayVpcLink_basic
--- PASS: TestAccAWSAPIGatewayVpcLink_basic (750.44s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	750.547s

* Add CHANGELOG entry.

* Update CHANGELOG.md for #18384

* aws_vpc: Correct the ARN account id (#17729)

* aws_vpc: Correct the ARN account id

* Remove aws_vpc from the document

* r/lightsail_instance_public_ports: Add changelog

* r/lightsail_instance_public_ports: New resource

* docs/lightsail_instance_public_ports: Add docs for new resource

* r/lightsail_instance_public_ports: Clean up new resource

* tests/r/lightsail_instance_public_ports: Add tests

* tests/lightsail_instance_public_ports: Lint

* docs/r/lightsail_instance_public_ports: Lint

* docs/r/lightsail_instance_public_ports: Lint

* docs/r/lightsail_instance_public_ports: Lint

* Update CHANGELOG.md for #18361

* Add cidrs attribute to aws_lightsail_instance_public_ports resource

* build(deps): Bump github.com/hashicorp/terraform-plugin-sdk/v2 (#18395)

Bumps [github.com/hashicorp/terraform-plugin-sdk/v2](https://github.com/hashicorp/terraform-plugin-sdk) from 2.4.4 to 2.5.0.
- [Release notes](https://github.com/hashicorp/terraform-plugin-sdk/releases)
- [Changelog](https://github.com/hashicorp/terraform-plugin-sdk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/terraform-plugin-sdk/compare/v2.4.4...v2.5.0)

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update CHANGELOG.md for #18395

* build(deps): Bump github.com/hashicorp/terraform-plugin-sdk/v2 (#18396)

* r/lightsail_instance_public_ports: Alphabetize args

* docs/r/lightsail_instance_public_ports: Minor fix

* r/lightsail_instance_public_ports: Change CIDRs to set

* tests/r/lightsail_instance_public_ports: Nested attr check

* r/lightsail_instance_public_ports: Add changelog

* docs/r/lightsail_instance_public_ports: Fix docs

* tests/r/lightsail_instance_public_ports: Use set testing

* r/aws_route: Refactor acceptance tests in preparation for future fixes/enhancements.

* Fixes after rebase.

* resource/aws_pinpoint_email_channel: Support using SES configuration set and add plan time validations (#18314)

Output from acceptance testing in AWS Commercial:

```
--- PASS: TestAccAWSPinpointEmailChannel_disappears (19.13s)
--- PASS: TestAccAWSPinpointEmailChannel_configurationSet (22.62s)
--- PASS: TestAccAWSPinpointEmailChannel_basic (34.66s)
```

Output from acceptance testing in AWS GovCloud (US):

```
--- PASS: TestAccAWSPinpointEmailChannel_disappears (27.30s)
--- PASS: TestAccAWSPinpointEmailChannel_configurationSet (33.09s)
--- PASS: TestAccAWSPinpointEmailChannel_basic (53.08s)
```

* Update CHANGELOG.md for #18042

* Add missing parameter on test config

* resource/aws_pinpoint_event_stream: Update IAM error retry logic to match Contributing Guide

Output from acceptance testing in AWS Commercial:

```
--- PASS: TestAccAWSPinpointEventStream_disappears (71.12s)
--- PASS: TestAccAWSPinpointEventStream_basic (143.79s)
```

Output from acceptance testing in AWS GovCloud (US):

```
--- PASS: TestAccAWSPinpointEventStream_disappears (69.10s)
--- PASS: TestAccAWSPinpointEventStream_basic (148.10s)
```

* Add ErrorCheck to test

* Update aws/resource_aws_iam_server_certificate.go

Co-authored-by: Brian Flad <[email protected]>

* Add ForceNew to ecs_service service_registries

* Create CHANGELOG entry

* r/ecs_service: Remove duplicate fields

* tests/r/ecs_service: Add ErrorCheck

* ecs_service: Update changelog, tests

* Update CHANGELOG.md for #18408

* docs/resource/aws_iam_server_certificate: Move tags documentation to arguments

Output from acceptance testing in AWS Commercial:

```
--- PASS: TestAccAWSIAMServerCertificate_disappears (14.13s)
--- PASS: TestAccAWSIAMServerCertificate_name_prefix (15.89s)
--- PASS: TestAccAWSIAMServerCertificate_Path (18.27s)
--- PASS: TestAccAWSIAMServerCertificate_basic (18.19s)
--- PASS: TestAccAWSIAMServerCertificate_file (31.71s)
--- PASS: TestAccAWSIAMServerCertificate_tags (40.61s)
```

Output from acceptance testing in AWS GovCloud (US):

```
--- PASS: TestAccAWSIAMServerCertificate_disappears (17.41s)
--- PASS: TestAccAWSIAMServerCertificate_name_prefix (20.05s)
--- PASS: TestAccAWSIAMServerCertificate_basic (22.42s)
--- PASS: TestAccAWSIAMServerCertificate_Path (22.36s)
--- PASS: TestAccAWSIAMServerCertificate_file (37.52s)
--- PASS: TestAccAWSIAMServerCertificate_tags (51.54s)
```

* Update aws/resource_aws_iam_saml_provider_test.go

* r/aws_route: Refactor acceptance tests in preparation for future fixes/enhancements.

* r/aws_route: Incorporate relevant changes from #16219.

* r/aws_route: Correct capitalization of 'IPv4' and 'IPv6'.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSRoute_' ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 2 -run=TestAccAWSRoute_ -timeout 120m
=== RUN   TestAccAWSRoute_basic
=== PAUSE TestAccAWSRoute_basic
=== RUN   TestAccAWSRoute_disappears
=== PAUSE TestAccAWSRoute_disappears
=== RUN   TestAccAWSRoute_disappears_RouteTable
=== PAUSE TestAccAWSRoute_disappears_RouteTable
=== RUN   TestAccAWSRoute_IPv6_To_EgressOnlyInternetGateway
=== PAUSE TestAccAWSRoute_IPv6_To_EgressOnlyInternetGateway
=== RUN   TestAccAWSRoute_IPv6_To_InternetGateway
=== PAUSE TestAccAWSRoute_IPv6_To_InternetGateway
=== RUN   TestAccAWSRoute_IPv6_To_Instance
=== PAUSE TestAccAWSRoute_IPv6_To_Instance
=== RUN   TestAccAWSRoute_IPv6_To_NetworkInterface_Unattached
=== PAUSE TestAccAWSRoute_IPv6_To_NetworkInterface_Unattached
=== RUN   TestAccAWSRoute_IPv6_To_VpcPeeringConnection
=== PAUSE TestAccAWSRoute_IPv6_To_VpcPeeringConnection
=== RUN   TestAccAWSRoute_IPv6_To_VpnGateway
=== PAUSE TestAccAWSRoute_IPv6_To_VpnGateway
=== RUN   TestAccAWSRoute_IPv4_To_VpnGateway
=== PAUSE TestAccAWSRoute_IPv4_To_VpnGateway
=== RUN   TestAccAWSRoute_IPv4_To_Instance
=== PAUSE TestAccAWSRoute_IPv4_To_Instance
=== RUN   TestAccAWSRoute_IPv4_To_NetworkInterface_Unattached
=== PAUSE TestAccAWSRoute_IPv4_To_NetworkInterface_Unattached
=== RUN   TestAccAWSRoute_IPv4_To_NetworkInterface_Attached
=== PAUSE TestAccAWSRoute_IPv4_To_NetworkInterface_Attached
=== RUN   TestAccAWSRoute_IPv4_To_NetworkInterface_TwoAttachments
=== PAUSE TestAccAWSRoute_IPv4_To_NetworkInterface_TwoAttachments
=== RUN   TestAccAWSRoute_IPv4_To_VpcPeeringConnection
=== PAUSE TestAccAWSRoute_IPv4_To_VpcPeeringConnection
=== RUN   TestAccAWSRoute_IPv4_To_NatGateway
=== PAUSE TestAccAWSRoute_IPv4_To_NatGateway
=== RUN   TestAccAWSRoute_DoesNotCrashWithVpcEndpoint
=== PAUSE TestAccAWSRoute_DoesNotCrashWithVpcEndpoint
=== RUN   TestAccAWSRoute_IPv4_To_TransitGateway
=== PAUSE TestAccAWSRoute_IPv4_To_TransitGateway
=== RUN   TestAccAWSRoute_IPv6_To_TransitGateway
=== PAUSE TestAccAWSRoute_IPv6_To_TransitGateway
=== RUN   TestAccAWSRoute_IPv4_To_LocalGateway
=== PAUSE TestAccAWSRoute_IPv4_To_LocalGateway
=== RUN   TestAccAWSRoute_IPv6_To_LocalGateway
=== PAUSE TestAccAWSRoute_IPv6_To_LocalGateway
=== RUN   TestAccAWSRoute_ConditionalCidrBlock
=== PAUSE TestAccAWSRoute_ConditionalCidrBlock
=== RUN   TestAccAWSRoute_IPv4_Update_Target
=== PAUSE TestAccAWSRoute_IPv4_Update_Target
=== RUN   TestAccAWSRoute_IPv6_Update_Target
=== PAUSE TestAccAWSRoute_IPv6_Update_Target
=== RUN   TestAccAWSRoute_IPv4_To_VpcEndpoint
=== PAUSE TestAccAWSRoute_IPv4_To_VpcEndpoint
=== RUN   TestAccAWSRoute_LocalRoute
=== PAUSE TestAccAWSRoute_LocalRoute
=== CONT  TestAccAWSRoute_basic
=== CONT  TestAccAWSRoute_IPv4_To_VpcPeeringConnection
--- PASS: TestAccAWSRoute_IPv4_To_VpcPeeringConnection (27.43s)
=== CONT  TestAccAWSRoute_LocalRoute
--- PASS: TestAccAWSRoute_basic (36.72s)
=== CONT  TestAccAWSRoute_IPv4_To_VpcEndpoint
--- PASS: TestAccAWSRoute_LocalRoute (21.98s)
=== CONT  TestAccAWSRoute_IPv6_Update_Target
--- PASS: TestAccAWSRoute_IPv6_Update_Target (226.03s)
=== CONT  TestAccAWSRoute_IPv4_Update_Target
--- PASS: TestAccAWSRoute_IPv4_To_VpcEndpoint (273.71s)
=== CONT  TestAccAWSRoute_ConditionalCidrBlock
=== CONT  TestAccAWSRoute_IPv6_To_LocalGateway
--- PASS: TestAccAWSRoute_ConditionalCidrBlock (51.91s)
=== CONT  TestAccAWSRoute_IPv6_To_LocalGateway
    data_source_aws_outposts_outposts_test.go:66: skipping since no Outposts found
--- SKIP: TestAccAWSRoute_IPv6_To_LocalGateway (1.28s)
=== CONT  TestAccAWSRoute_IPv4_To_LocalGateway
    data_source_aws_outposts_outposts_test.go:66: skipping since no Outposts found
--- SKIP: TestAccAWSRoute_IPv4_To_LocalGateway (1.10s)
=== CONT  TestAccAWSRoute_IPv6_To_TransitGateway
--- PASS: TestAccAWSRoute_IPv6_To_TransitGateway (357.84s)
=== CONT  TestAccAWSRoute_IPv4_To_TransitGateway
--- PASS: TestAccAWSRoute_IPv4_Update_Target (626.78s)
=== CONT  TestAccAWSRoute_DoesNotCrashWithVpcEndpoint
--- PASS: TestAccAWSRoute_DoesNotCrashWithVpcEndpoint (43.28s)
=== CONT  TestAccAWSRoute_IPv4_To_NatGateway
--- PASS: TestAccAWSRoute_IPv4_To_TransitGateway (399.08s)
=== CONT  TestAccAWSRoute_IPv6_To_VpcPeeringConnection
--- PASS: TestAccAWSRoute_IPv6_To_VpcPeeringConnection (25.57s)
=== CONT  TestAccAWSRoute_IPv4_To_NetworkInterface_TwoAttachments
--- PASS: TestAccAWSRoute_IPv4_To_NatGateway (228.62s)
=== CONT  TestAccAWSRoute_IPv4_To_NetworkInterface_Attached
--- PASS: TestAccAWSRoute_IPv4_To_NetworkInterface_TwoAttachments (190.46s)
=== CONT  TestAccAWSRoute_IPv4_To_NetworkInterface_Unattached
--- PASS: TestAccAWSRoute_IPv4_To_NetworkInterface_Unattached (57.67s)
=== CONT  TestAccAWSRoute_IPv4_To_Instance
--- PASS: TestAccAWSRoute_IPv4_To_NetworkInterface_Attached (340.04s)
=== CONT  TestAccAWSRoute_IPv4_To_VpnGateway
--- PASS: TestAccAWSRoute_IPv4_To_VpnGateway (35.60s)
=== CONT  TestAccAWSRoute_IPv6_To_VpnGateway
--- PASS: TestAccAWSRoute_IPv6_To_VpnGateway (41.86s)
=== CONT  TestAccAWSRoute_IPv6_To_InternetGateway
--- PASS: TestAccAWSRoute_IPv6_To_InternetGateway (34.47s)
=== CONT  TestAccAWSRoute_IPv6_To_NetworkInterface_Unattached
--- PASS: TestAccAWSRoute_IPv6_To_NetworkInterface_Unattached (58.80s)
=== CONT  TestAccAWSRoute_IPv6_To_Instance
--- PASS: TestAccAWSRoute_IPv4_To_Instance (326.97s)
=== CONT  TestAccAWSRoute_disappears_RouteTable
--- PASS: TestAccAWSRoute_disappears_RouteTable (33.05s)
=== CONT  TestAccAWSRoute_IPv6_To_EgressOnlyInternetGateway
--- PASS: TestAccAWSRoute_IPv6_To_EgressOnlyInternetGateway (37.46s)
=== CONT  TestAccAWSRoute_disappears
--- PASS: TestAccAWSRoute_disappears (31.77s)
--- PASS: TestAccAWSRoute_IPv6_To_Instance (327.89s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	2012.898s

* r/aws_route: Fix linter S1039: unnecessary use of fmt.Sprintf.

* r/aws_route: Add documentation note on use of the 'gateway_id' attribute.

* Add CHANGELOG entries.

* r/aws_route: Return 'NotFoundE…
  • Loading branch information
18 people authored Mar 27, 2021
1 parent fda8f4f commit 7794d68
Show file tree
Hide file tree
Showing 2,323 changed files with 52,936 additions and 14,650 deletions.
3 changes: 3 additions & 0 deletions .changelog/11967.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_ssm_parameter: Add support for `Intelligent-Tiering`
```
7 changes: 7 additions & 0 deletions .changelog/14101.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_sns_topic_subscription: Add plan time validation for `subscription_role_arn` and `topic_arn`
```

```release-note:bug
resource/aws_sns_topic_subscription: recreate subscription if topic is deleted
```
3 changes: 3 additions & 0 deletions .changelog/14193.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_ecr_repository_policy: Add plan time validation for `policy`
```
3 changes: 3 additions & 0 deletions .changelog/14247.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_config_configuration_aggregator: Allow name to have uppercase characters
```
7 changes: 7 additions & 0 deletions .changelog/14319.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:bug
resource/aws_wafv2_web_acl_logging_configuration: Ensure `redacted_fields` are applied to the resource
```

```release-note:note
resource/aws_wafv2_web_acl_logging_configuration: The `redacted_fields` configuration block `all_query_arguments`, `body`, and `single_query_argument` arguments have been deprecated to match the WAF API documentation
```
3 changes: 3 additions & 0 deletions .changelog/14905.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_light_instance_public_ports: Add `cidrs` argument to `port_info`
```
7 changes: 7 additions & 0 deletions .changelog/15213.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:bug
resource/aws_ssm_patch_group: Allow for a single patch group to be registered with multiple patch baselines
```

```release-note:bug
resource/aws_ssm_patch_group: Replace `Provider produced inconsistent result after apply` with actual error message
```
11 changes: 11 additions & 0 deletions .changelog/16815.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
```release-note:bug
resource/aws_cloudwatch_event_permission: Fix error in Event Bridge/CloudWatch Events bus name validation
```

```release-note:bug
resource/aws_cloudwatch_event_rule: Fix error in Event Bridge/CloudWatch Events bus name validation
```

```release-note:bug
resource/aws_cloudwatch_event_target: Fix error in Event Bridge/CloudWatch Events bus name validation
```
7 changes: 7 additions & 0 deletions .changelog/16930.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_route: Validate route destination and target attributes
```

```release-note:bug
resource/aws_route: Correctly handle updates to the route target attributes (`egress_only_gateway_id`, `gateway_id`, `instance_id`, `local_gateway_id`, `nat_gateway_id`, `network_interface_id`, `transit_gateway_id`, `vpc_peering_connection_id`)
```
7 changes: 7 additions & 0 deletions .changelog/16936.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_ecs_service: Add `deployment_circuit_breaker`
```

```release-note:bug
resource/aws_ecs_service: Improve handling of eventual consistency including security group dependency violations on deletion
```
3 changes: 3 additions & 0 deletions .changelog/16961.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-notes:enhancement
resource/aws_route: Add `carrier_gateway_id` attribute
```
3 changes: 3 additions & 0 deletions .changelog/16963.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-notes:enhancement
data-source/aws_route: Add `carrier_gateway_id` attribute
```
11 changes: 11 additions & 0 deletions .changelog/16979.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
```release-notes:enhancement
resource/aws_default_route_table: Add `arn` attribute
```

```release-notes:enhancement
resource/aws_route_table: Add `arn` attribute
```

```release-notes:enhancement
resource/aws_route_table: Add `carrier_gateway_id` attribute to `route` configuration block
```
7 changes: 7 additions & 0 deletions .changelog/17149.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:new-data-source
aws_kinesis_stream_consumer
```

```release-note:new-resource
aws_kinesis_stream_consumer
```
3 changes: 3 additions & 0 deletions .changelog/17387.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_ecs_service: Re-create service when `service_registries` changes
```
3 changes: 3 additions & 0 deletions .changelog/17465.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:note
resource/aws_codebuild_project: The `source` and `secondary_sources` configuration block `auth` attributes have been deprecated to match the CodeBuild API documentation. Use the `aws_codebuild_source_credential` resource instead.
```
3 changes: 3 additions & 0 deletions .changelog/17589.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:new-data-source
aws_ec2_transit_gateway_route_tables
```
3 changes: 3 additions & 0 deletions .changelog/17596.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_fms_admin_account: Extend creation timeout to 10 minutes
```
7 changes: 7 additions & 0 deletions .changelog/17641.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:note
data-source/aws_vpc_endpoint_service: The `service_type` argument filtering has been switched from client-side to new EC2 API functionality
```

```release-note:bug
data-source/aws_vpc_endpoint_service: Prevent panic with incorrect `service_type` argument values
```
7 changes: 7 additions & 0 deletions .changelog/17830.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_ssm_parameter: Add plan time validation to `name`, `description` and `allowed_pattern`
```

```release-note:enhancement
resource/aws_ssm_parameter: Tag on create
```
3 changes: 3 additions & 0 deletions .changelog/17876.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_waf_rule: Fix rule deletion when still referenced by a WebACL
```
3 changes: 3 additions & 0 deletions .changelog/17909.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_db_parameter_group: Store all values in lowercase to prevent unexpected diffs
```
3 changes: 3 additions & 0 deletions .changelog/17958.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_dms_certificate: Correctly base64 decode `certificate_wallet` value
```
3 changes: 3 additions & 0 deletions .changelog/17962.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_iam_instance_profile: Add tagging support
```
7 changes: 7 additions & 0 deletions .changelog/17964.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_iam_openid_connect_provider: Add tagging support
```

```release-note:enhancement
resource/aws_iam_openid_connect_provider: Add plan time validation for `client_id_list` and `thumbprint_list`
```
7 changes: 7 additions & 0 deletions .changelog/17965.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_iam_saml_provider: Add tagging support
```

```release-note:enhancement
resource/aws_iam_saml_provider: Add plan time validation for `name` and `saml_metadata_document`
```
7 changes: 7 additions & 0 deletions .changelog/17967.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_iam_server_certificate: Add tagging support
```

```release-note:enhancement
resource/aws_iam_server_certificate: Add `expiration` and `upload_date` attributes
```
3 changes: 3 additions & 0 deletions .changelog/17968.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_ami_from_instance: Tag on create.
```
3 changes: 3 additions & 0 deletions .changelog/17969.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_efs_file_system: Add `number_of_mount_targets`, `size_in_bytes` and `owner_id` attributes
```
15 changes: 15 additions & 0 deletions .changelog/17974.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
```release-note:note
provider: New `default_tags` argument as a public preview for applying tags across all resources under a provider. Support for the functionality must be added to individual resources in the codebase and is only implemented for the `aws_subnet` and `aws_vpc` resources at this time. Until a general availability announcement, no compatibility promises are made with these provider arguments and their functionality.
```

```release-note:enhancement
provider: Add `default_tags` argument (in public preview, see note above)
```

```release-note:enhancement
resource/aws_subnet: Support provider-wide default tags (in public preview, see note above)
```

```release-note:enhancement
resource/aws_vpc: Support provider-wide default tags (in public preview, see note above)
```
3 changes: 3 additions & 0 deletions .changelog/17985.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_globalaccelerator_accelerator: Correct length for `name` attribute validation
```
3 changes: 3 additions & 0 deletions .changelog/18042.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_cloudfront_distribution: Allow `forwarded_values` to be set to empty when values were previously set
```
3 changes: 3 additions & 0 deletions .changelog/18070.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_mq_configuration: Add `ldap` as an `authentication_strategy` and `RabbitMQ` as an `engine_type`
```
3 changes: 3 additions & 0 deletions .changelog/18076.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_storagegateway_gateway: Add support for `smb_file_share_visibility`.
```
3 changes: 3 additions & 0 deletions .changelog/18129.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:new-data-source
aws_codestarconnections_connection
```
3 changes: 3 additions & 0 deletions .changelog/18203.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_lakeformation_permissions: Properly serialize SELECT permission for `permissions` and `permissions_with_grant_option` fields
```
11 changes: 11 additions & 0 deletions .changelog/18276.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
```release-note:enhancement
resource/aws_iam_policy: Add tagging support
```

```release-note:enhancement
resource/aws_iam_policy: Add `policy_id` attribute
```

```release-note:enhancement
data-source/aws_iam_policy: Add `policy_id` and `tags` attributes
```
3 changes: 3 additions & 0 deletions .changelog/18281.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_pinpoint_sms_channel: Set all params on update
```
7 changes: 7 additions & 0 deletions .changelog/18305.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:bug
resource/aws_pinpoint_event_stream: Retry on eventual consistency error
```

```release-note:enhancement
resource/aws_pinpoint_event_stream: Plan time validations for `destination_stream_arn` and `role_arn`
```
11 changes: 11 additions & 0 deletions .changelog/18313.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
```release-note:note
resource/aws_storagegateway_upload_buffer: The Storage Gateway `ListLocalDisks` API operation has been implemented to support the `disk_path` attribute for Cached and VTL gateway types. Environments using restrictive IAM permissions may require updates.
```

```release-note:bug
data-source/aws_storagegateway_local_disk: Allow `disk_path` reference on `disk_node` lookup and vice-versa
```

```release-note:enhancement
resource/aws_storagegateway_upload_buffer: Add `disk_path` argument for Cached and VTL gateways
```
7 changes: 7 additions & 0 deletions .changelog/18314.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_pinpoint_email_channel: Add `configuration_set` argument
```

```release-note:enhancement
resource/aws_pinpoint_email_channel: Add plan time validation for `identity` and `role_arn`
```
3 changes: 3 additions & 0 deletions .changelog/18341.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_securityhub_organization_admin_account: Retry on `ResourceConflictException` error during creation
```
3 changes: 3 additions & 0 deletions .changelog/18351.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_apigatewayv2_domain_name: Allow update of mutual TLS S3 object version
```
3 changes: 3 additions & 0 deletions .changelog/18361.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_elasticache_replication_group: Prevents re-creation of secondary replication groups when encryption is enabled
```
3 changes: 3 additions & 0 deletions .changelog/18382.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_api_gateway_vpc_link: Persist ID of failed VPC Link to state
```
4 changes: 4 additions & 0 deletions .changelog/18384.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:bug
resource/aws_wafv2_web_acl_logging_configuration: Remove deprecation warning for `redacted_fields` `single_header` argument
```

7 changes: 7 additions & 0 deletions .changelog/18388.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:bug
resource/aws_network_acl: Handle EC2 eventual consistency errors on creation
```

```release-note:bug
resource/aws_network_acl_rule: Handle EC2 eventual consistency errors on creation
```
3 changes: 3 additions & 0 deletions .changelog/18391.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_vpc: Handle EC2 eventual consistency errors on creation
```
3 changes: 3 additions & 0 deletions .changelog/18392.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_subnet: Handle EC2 eventual consistency errors on creation
```
3 changes: 3 additions & 0 deletions .changelog/18404.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_synthetics_canary: Handle asynchronous IAM eventual consistency error on creation
```
3 changes: 3 additions & 0 deletions .changelog/8611.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:new-resource
aws_lightsail_instance_public_ports
```
2 changes: 1 addition & 1 deletion .github/workflows/firewatch.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Firewatch
uses: breathingdust/firewatch@v1
uses: breathingdust/firewatch@v2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
alert_threshold: 10
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/issues.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ jobs:
- uses: actions/checkout@v2
- name: Apply Issue needs-triage Label
if: github.event.action == 'opened' && !contains(fromJSON('["anGie44", "bflad", "bill-rich", "breathingdust", "DrFaust92", "ewbankkit", "gdavison", "maryelizbeth", "YakDriver"]'), github.actor)
uses: github/issue-labeler@v2.2
uses: github/issue-labeler@v2.3
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
configuration-path: .github/labeler-issue-needs-triage.yml
enable-versioned-regex: 0
- name: Apply Issue Triage Labels
uses: github/issue-labeler@v2.2
uses: github/issue-labeler@v2.3
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
configuration-path: .github/labeler-issue-triage.yml
Expand Down
Loading

0 comments on commit 7794d68

Please sign in to comment.