Skip to content

Commit

Permalink
Merge pull request #34709 from trevorrea/main
Browse files Browse the repository at this point in the history
r/aws_transfer_server: Add support for TransferSecurityPolicy-FIPS-2023-05
  • Loading branch information
ewbankkit authored Dec 5, 2023
2 parents b8a9876 + 2a11b86 commit 3f5e368
Show file tree
Hide file tree
Showing 5 changed files with 36 additions and 1 deletion.
3 changes: 3 additions & 0 deletions .changelog/34709.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_transfer_server: Add support for `TransferSecurityPolicy-FIPS-2023-05` `security_policy_name` value
```
2 changes: 2 additions & 0 deletions internal/service/transfer/enum.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ const (
SecurityPolicyName2018_11 = "TransferSecurityPolicy-2018-11"
SecurityPolicyName2020_06 = "TransferSecurityPolicy-2020-06"
SecurityPolicyNameFIPS_2020_06 = "TransferSecurityPolicy-FIPS-2020-06"
SecurityPolicyNameFIPS_2023_05 = "TransferSecurityPolicy-FIPS-2023-05"
SecurityPolicyName2022_03 = "TransferSecurityPolicy-2022-03"
SecurityPolicyName2023_05 = "TransferSecurityPolicy-2023-05"
)
Expand All @@ -16,6 +17,7 @@ func SecurityPolicyName_Values() []string {
SecurityPolicyName2018_11,
SecurityPolicyName2020_06,
SecurityPolicyNameFIPS_2020_06,
SecurityPolicyNameFIPS_2023_05,
SecurityPolicyName2022_03,
SecurityPolicyName2023_05,
}
Expand Down
29 changes: 29 additions & 0 deletions internal/service/transfer/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,35 @@ func testAccServer_securityPolicy(t *testing.T) {
})
}

func testAccServer_securityPolicyFIPS(t *testing.T) {
ctx := acctest.Context(t)
var conf transfer.DescribedServer
resourceName := "aws_transfer_server.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)

resource.Test(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) },
ErrorCheck: acctest.ErrorCheck(t, transfer.EndpointsID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckServerDestroy(ctx),
Steps: []resource.TestStep{
{
Config: testAccServerConfig_securityPolicy(rName, "TransferSecurityPolicy-FIPS-2023-05"),
Check: resource.ComposeTestCheckFunc(
testAccCheckServerExists(ctx, resourceName, &conf),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-FIPS-2023-05"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"force_destroy"},
},
},
})
}

func testAccServer_vpc(t *testing.T) {
ctx := acctest.Context(t)
var conf transfer.DescribedServer
Expand Down
1 change: 1 addition & 0 deletions internal/service/transfer/transfer_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ func TestAccTransfer_serial(t *testing.T) {
"Protocols": testAccServer_protocols,
"ProtocolDetails": testAccServer_protocolDetails,
"SecurityPolicy": testAccServer_securityPolicy,
"SecurityPolicyFIPS": testAccServer_securityPolicyFIPS,
"StructuredLogDestinations": testAccServer_structuredLogDestinations,
"UpdateEndpointTypePublicToVPC": testAccServer_updateEndpointType_publicToVPC,
"UpdateEndpointTypePublicToVPCAddressAllocationIDs": testAccServer_updateEndpointType_publicToVPC_addressAllocationIDs,
Expand Down
2 changes: 1 addition & 1 deletion website/docs/r/transfer_server.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ This resource supports the following arguments:
* `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
* `pre_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
* `protocol_details`- (Optional) The protocol settings that are configured for your server.
* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-2022-03` and `TransferSecurityPolicy-2023-05`. Default value is: `TransferSecurityPolicy-2018-11`.
* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03` and `TransferSecurityPolicy-2023-05`. Default value is: `TransferSecurityPolicy-2018-11`.
* `structured_log_destinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
* `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
* `workflow_details` - (Optional) Specifies the workflow details. See Workflow Details below.
Expand Down

0 comments on commit 3f5e368

Please sign in to comment.