Merge pull request #37481 from hashicorp/td-migrate-ssm-to-aws-sdk-v2

Migrate `ssm` resources to AWS SDK for Go v2
hashicorp · May 14, 2024 · f7604a6 · f7604a6
2 parents bbd8dab + 30e6c5f
commit f7604a6
Show file tree

Hide file tree

Showing 56 changed files with 2,395 additions and 2,592 deletions.
diff --git a/.changelog/37481.txt b/.changelog/37481.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_ssm_resource_data_sync: Add plan-time validation of `s3_destination.kms_key_arn`, `s3_destination.region` and `s3_destination.sync_format`
+```
diff --git a/internal/conns/awsclient_gen.go b/internal/conns/awsclient_gen.go
diff --git a/internal/generate/tags/main.go b/internal/generate/tags/main.go
@@ -68,6 +68,7 @@ var (
 	tagOp                      = flag.String("TagOp", "TagResource", "tagOp")
 	tagOpBatchSize             = flag.String("TagOpBatchSize", "", "tagOpBatchSize")
 	tagResTypeElem             = flag.String("TagResTypeElem", "", "tagResTypeElem")
+	tagResTypeElemType         = flag.String("TagResTypeElemType", "", "tagResTypeElemType")
 	tagType                    = flag.String("TagType", "Tag", "tagType")
 	tagType2                   = flag.String("TagType2", "", "tagType")
 	tagTypeAddBoolElem         = flag.String("TagTypeAddBoolElem", "", "TagTypeAddBoolElem")
@@ -192,6 +193,7 @@ type TemplateData struct {
 	TagOpBatchSize             string
 	TagPackage                 string
 	TagResTypeElem             string
+	TagResTypeElemType         string
 	TagType                    string
 	TagType2                   string
 	TagTypeAddBoolElem         string
@@ -356,6 +358,7 @@ func main() {
 		TagOpBatchSize:             *tagOpBatchSize,
 		TagPackage:                 tagPackage,
 		TagResTypeElem:             *tagResTypeElem,
+		TagResTypeElemType:         *tagResTypeElemType,
 		TagType:                    *tagType,
 		TagType2:                   *tagType2,
 		TagTypeAddBoolElem:         *tagTypeAddBoolElem,

diff --git a/internal/generate/tags/templates/v2/list_tags_body.tmpl b/internal/generate/tags/templates/v2/list_tags_body.tmpl
@@ -19,9 +19,13 @@ func {{ .ListTagsFunc }}(ctx context.Context, conn {{ .ClientType }}, identifier
 		{{ .ListTagsInIDElem }}: aws.String(identifier),
 		{{- end }}
 		{{- if .TagResTypeElem }}
+		{{- if .TagResTypeElemType }}
+		{{ .TagResTypeElem }}:         awstypes.{{ .TagResTypeElemType }}(resourceType),
+		{{- else }}
 		{{ .TagResTypeElem }}:         aws.String(resourceType),
 		{{- end }}
 		{{- end }}
+		{{- end }}
 	}
 {{- if .ListTagsOpPaginated }}
 	var output []awstypes.{{ or .TagType2 .TagType }}

diff --git a/internal/generate/tags/templates/v2/update_tags_body.tmpl b/internal/generate/tags/templates/v2/update_tags_body.tmpl
@@ -39,9 +39,13 @@ func {{ .UpdateTagsFunc }}(ctx context.Context, conn {{ .ClientType }}, identifi
 		{{ .TagInIDElem }}:   aws.String(identifier),
 		{{- end }}
 		{{- if .TagResTypeElem }}
+		{{- if .TagResTypeElemType }}
+		{{ .TagResTypeElem }}:      awstypes.{{ .TagResTypeElemType }}(resourceType),
+		{{- else }}
 		{{ .TagResTypeElem }}:      aws.String(resourceType),
 		{{- end }}
 		{{- end }}
+		{{- end }}
 	}
 
 	if len(updatedTags) > 0 {
@@ -86,9 +90,13 @@ func {{ .UpdateTagsFunc }}(ctx context.Context, conn {{ .ClientType }}, identifi
 			{{ .TagInIDElem }}:   aws.String(identifier),
 			{{- end }}
 			{{- if .TagResTypeElem }}
+		    {{- if .TagResTypeElemType }}
+			{{ .TagResTypeElem }}: awstypes.{{ .TagResTypeElemType }}(resourceType),
+		    {{- else }}
 			{{ .TagResTypeElem }}: aws.String(resourceType),
 			{{- end }}
 			{{- end }}
+			{{- end }}
 			{{- if .UntagInNeedTagType }}
 			{{ .UntagInTagsElem }}:       {{ .TagsFunc }}(removedTags),
 			{{- else if .UntagInNeedTagKeyType }}
@@ -128,9 +136,13 @@ func {{ .UpdateTagsFunc }}(ctx context.Context, conn {{ .ClientType }}, identifi
 			{{ .TagInIDElem }}: aws.String(identifier),
 			{{- end }}
 			{{- if .TagResTypeElem }}
+		    {{- if .TagResTypeElemType }}
+			{{ .TagResTypeElem }}:    awstypes.{{ .TagResTypeElemType }}(resourceType),
+		    {{- else }}
 			{{ .TagResTypeElem }}:    aws.String(resourceType),
 			{{- end }}
 			{{- end }}
+			{{- end }}
 			{{- if .TagInCustomVal }}
 			{{ .TagInTagsElem }}:       {{ .TagInCustomVal }},
 			{{- else }}

diff --git a/internal/service/codepipeline/codepipeline.go b/internal/service/codepipeline/codepipeline.go
@@ -601,7 +601,9 @@ func findPipelineByName(ctx context.Context, conn *codepipeline.Client, name str
 	return output, nil
 }
 
-func pipelineValidateActionProvider(i interface{}, path cty.Path) (diags diag.Diagnostics) {
+func pipelineValidateActionProvider(i interface{}, path cty.Path) diag.Diagnostics {
+	var diags diag.Diagnostics
+
 	v, ok := i.(string)
 	if !ok {
 		return sdkdiag.AppendErrorf(diags, "expected type to be string")

diff --git a/internal/service/ec2/vpc_default_network_acl.go b/internal/service/ec2/vpc_default_network_acl.go
@@ -32,7 +32,7 @@ func resourceDefaultNetworkACL() *schema.Resource {
 		CreateWithoutTimeout: resourceDefaultNetworkACLCreate,
 		ReadWithoutTimeout:   resourceNetworkACLRead,
 		UpdateWithoutTimeout: resourceDefaultNetworkACLUpdate,
-		DeleteWithoutTimeout: resourceDefaultNetworkACLDelete,
+		DeleteWithoutTimeout: schema.NoopContext,
 
 		Importer: &schema.ResourceImporter{
 			StateContext: func(ctx context.Context, d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
@@ -158,7 +158,3 @@ func resourceDefaultNetworkACLUpdate(ctx context.Context, d *schema.ResourceData
 
 	return append(diags, resourceNetworkACLRead(ctx, d, meta)...)
 }
-
-func resourceDefaultNetworkACLDelete(_ context.Context, d *schema.ResourceData, meta interface{}) (diags diag.Diagnostics) {
-	return sdkdiag.AppendWarningf(diags, "EC2 Default Network ACL (%s) not deleted, removing from state", d.Id())
-}
diff --git a/internal/service/inspector2/organization_configuration.go b/internal/service/inspector2/organization_configuration.go
@@ -77,8 +77,11 @@ const (
 	orgConfigMutex                   = "f14b54d7-2b10-58c2-9c1b-c48260a4825d"
 )
 
-func resourceOrganizationConfigurationCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) (diags diag.Diagnostics) {
+func resourceOrganizationConfigurationCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	var diags diag.Diagnostics
+
 	d.SetId(meta.(*conns.AWSClient).AccountID)
+
 	return append(diags, resourceOrganizationConfigurationUpdate(ctx, d, meta)...)
 }
 

diff --git a/internal/service/lightsail/flex.go b/internal/service/lightsail/flex.go
@@ -16,7 +16,9 @@ import (
 )
 
 // expandOperations provides a uniform approach for handling lightsail operations and errors.
-func expandOperations(ctx context.Context, conn *lightsail.Client, operations []types.Operation, action types.OperationType, resource string, id string) (diags diag.Diagnostics) {
+func expandOperations(ctx context.Context, conn *lightsail.Client, operations []types.Operation, action types.OperationType, resource string, id string) diag.Diagnostics {
+	var diags diag.Diagnostics
+
 	if len(operations) == 0 {
 		return create.AppendDiagError(diags, names.Lightsail, string(action), resource, id, errors.New("no operations found for request"))
 	}

diff --git a/internal/service/ssm/activation.go b/internal/service/ssm/activation.go
@@ -8,13 +8,14 @@ import (
 	"log"
 	"time"
 
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/service/ssm"
-	"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/ssm"
+	awstypes "github.com/aws/aws-sdk-go-v2/service/ssm/types"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/errs"
 	"github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag"
 	tftags "github.com/hashicorp/terraform-provider-aws/internal/tags"
 	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
@@ -24,7 +25,7 @@ import (
 
 // @SDKResource("aws_ssm_activation", name="Activation")
 // @Tags
-func ResourceActivation() *schema.Resource {
+func resourceActivation() *schema.Resource {
 	return &schema.Resource{
 		CreateWithoutTimeout: resourceActivationCreate,
 		ReadWithoutTimeout:   resourceActivationRead,
@@ -84,7 +85,7 @@ func ResourceActivation() *schema.Resource {
 
 func resourceActivationCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	var diags diag.Diagnostics
-	conn := meta.(*conns.AWSClient).SSMConn(ctx)
+	conn := meta.(*conns.AWSClient).SSMClient(ctx)
 
 	name := d.Get(names.AttrName).(string)
 	input := &ssm.CreateActivationInput{
@@ -103,30 +104,30 @@ func resourceActivationCreate(ctx context.Context, d *schema.ResourceData, meta
 	}
 
 	if v, ok := d.GetOk("registration_limit"); ok {
-		input.RegistrationLimit = aws.Int64(int64(v.(int)))
+		input.RegistrationLimit = aws.Int32(int32(v.(int)))
 	}
 
 	outputRaw, err := tfresource.RetryWhenAWSErrMessageContains(ctx, propagationTimeout, func() (interface{}, error) {
-		return conn.CreateActivationWithContext(ctx, input)
-	}, "ValidationException", "Nonexistent role")
+		return conn.CreateActivation(ctx, input)
+	}, errCodeValidationException, "Nonexistent role")
 
 	if err != nil {
 		return sdkdiag.AppendErrorf(diags, "creating SSM Activation (%s): %s", name, err)
 	}
 
 	output := outputRaw.(*ssm.CreateActivationOutput)
 
-	d.SetId(aws.StringValue(output.ActivationId))
+	d.SetId(aws.ToString(output.ActivationId))
 	d.Set("activation_code", output.ActivationCode)
 
 	return append(diags, resourceActivationRead(ctx, d, meta)...)
 }
 
 func resourceActivationRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	var diags diag.Diagnostics
-	conn := meta.(*conns.AWSClient).SSMConn(ctx)
+	conn := meta.(*conns.AWSClient).SSMClient(ctx)
 
-	activation, err := FindActivationByID(ctx, conn, d.Id())
+	activation, err := findActivationByID(ctx, conn, d.Id())
 
 	if !d.IsNewResource() && tfresource.NotFound(err) {
 		log.Printf("[WARN] SSM Activation %s not found, removing from state", d.Id())
@@ -139,7 +140,7 @@ func resourceActivationRead(ctx context.Context, d *schema.ResourceData, meta in
 	}
 
 	d.Set(names.AttrDescription, activation.Description)
-	d.Set("expiration_date", aws.TimeValue(activation.ExpirationDate).Format(time.RFC3339))
+	d.Set("expiration_date", aws.ToTime(activation.ExpirationDate).Format(time.RFC3339))
 	d.Set("expired", activation.Expired)
 	d.Set("iam_role", activation.IamRole)
 	d.Set(names.AttrName, activation.DefaultInstanceName)
@@ -153,14 +154,14 @@ func resourceActivationRead(ctx context.Context, d *schema.ResourceData, meta in
 
 func resourceActivationDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	var diags diag.Diagnostics
-	conn := meta.(*conns.AWSClient).SSMConn(ctx)
+	conn := meta.(*conns.AWSClient).SSMClient(ctx)
 
 	log.Printf("[DEBUG] Deleting SSM Activation: %s", d.Id())
-	_, err := conn.DeleteActivationWithContext(ctx, &ssm.DeleteActivationInput{
+	_, err := conn.DeleteActivation(ctx, &ssm.DeleteActivationInput{
 		ActivationId: aws.String(d.Id()),
 	})
 
-	if tfawserr.ErrCodeEquals(err, ssm.ErrCodeInvalidActivation) {
+	if errs.IsA[*awstypes.InvalidActivation](err) {
 		return diags
 	}
 
@@ -171,47 +172,42 @@ func resourceActivationDelete(ctx context.Context, d *schema.ResourceData, meta
 	return diags
 }
 
-func FindActivationByID(ctx context.Context, conn *ssm.SSM, id string) (*ssm.Activation, error) {
+func findActivationByID(ctx context.Context, conn *ssm.Client, id string) (*awstypes.Activation, error) {
 	input := &ssm.DescribeActivationsInput{
-		Filters: []*ssm.DescribeActivationsFilter{
+		Filters: []awstypes.DescribeActivationsFilter{
 			{
-				FilterKey:    aws.String("ActivationIds"),
-				FilterValues: aws.StringSlice([]string{id}),
+				FilterKey:    awstypes.DescribeActivationsFilterKeysActivationIds,
+				FilterValues: []string{id},
 			},
 		},
 	}
 
 	return findActivation(ctx, conn, input)
 }
 
-func findActivation(ctx context.Context, conn *ssm.SSM, input *ssm.DescribeActivationsInput) (*ssm.Activation, error) {
-	var output []*ssm.Activation
-
-	err := conn.DescribeActivationsPagesWithContext(ctx, input, func(page *ssm.DescribeActivationsOutput, lastPage bool) bool {
-		if page == nil {
-			return !lastPage
-		}
-
-		for _, v := range page.ActivationList {
-			if v != nil {
-				output = append(output, v)
-			}
-		}
-
-		return !lastPage
-	})
+func findActivation(ctx context.Context, conn *ssm.Client, input *ssm.DescribeActivationsInput) (*awstypes.Activation, error) {
+	output, err := findActivations(ctx, conn, input)
 
 	if err != nil {
 		return nil, err
 	}
 
-	if len(output) == 0 || output[0] == nil {
-		return nil, tfresource.NewEmptyResultError(input)
-	}
+	return tfresource.AssertSingleValueResult(output)
+}
+
+func findActivations(ctx context.Context, conn *ssm.Client, input *ssm.DescribeActivationsInput) ([]awstypes.Activation, error) {
+	var output []awstypes.Activation
+
+	pages := ssm.NewDescribeActivationsPaginator(conn, input)
+	for pages.HasMorePages() {
+		page, err := pages.NextPage(ctx)
+
+		if err != nil {
+			return nil, err
+		}
 
-	if count := len(output); count > 1 {
-		return nil, tfresource.NewTooManyResultsError(count, input)
+		output = append(output, page.ActivationList...)
 	}
 
-	return output[0], nil
+	return output, nil
 }
diff --git a/internal/service/ssm/activation_test.go b/internal/service/ssm/activation_test.go
@@ -9,7 +9,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/aws/aws-sdk-go/service/ssm"
+	awstypes "github.com/aws/aws-sdk-go-v2/service/ssm/types"
 	sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
 	"github.com/hashicorp/terraform-plugin-testing/terraform"
@@ -22,7 +22,7 @@ import (
 
 func TestAccSSMActivation_basic(t *testing.T) {
 	ctx := acctest.Context(t)
-	var ssmActivation ssm.Activation
+	var ssmActivation awstypes.Activation
 	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	roleName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	resourceName := "aws_ssm_activation.test"
@@ -56,7 +56,7 @@ func TestAccSSMActivation_basic(t *testing.T) {
 
 func TestAccSSMActivation_tags(t *testing.T) {
 	ctx := acctest.Context(t)
-	var ssmActivation ssm.Activation
+	var ssmActivation awstypes.Activation
 	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	roleName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	resourceName := "aws_ssm_activation.test"
@@ -91,7 +91,7 @@ func TestAccSSMActivation_tags(t *testing.T) {
 
 func TestAccSSMActivation_expirationDate(t *testing.T) {
 	ctx := acctest.Context(t)
-	var ssmActivation ssm.Activation
+	var ssmActivation awstypes.Activation
 	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	roleName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	expirationDate := time.Now().Add(48 * time.Hour).UTC().Format(time.RFC3339)
@@ -124,7 +124,7 @@ func TestAccSSMActivation_expirationDate(t *testing.T) {
 
 func TestAccSSMActivation_disappears(t *testing.T) {
 	ctx := acctest.Context(t)
-	var ssmActivation ssm.Activation
+	var ssmActivation awstypes.Activation
 	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	roleName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	resourceName := "aws_ssm_activation.test"
@@ -147,18 +147,14 @@ func TestAccSSMActivation_disappears(t *testing.T) {
 	})
 }
 
-func testAccCheckActivationExists(ctx context.Context, n string, v *ssm.Activation) resource.TestCheckFunc {
+func testAccCheckActivationExists(ctx context.Context, n string, v *awstypes.Activation) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[n]
 		if !ok {
 			return fmt.Errorf("Not found: %s", n)
 		}
 
-		if rs.Primary.ID == "" {
-			return fmt.Errorf("No SSM Activation ID is set")
-		}
-
-		conn := acctest.Provider.Meta().(*conns.AWSClient).SSMConn(ctx)
+		conn := acctest.Provider.Meta().(*conns.AWSClient).SSMClient(ctx)
 
 		output, err := tfssm.FindActivationByID(ctx, conn, rs.Primary.ID)
 
@@ -174,7 +170,7 @@ func testAccCheckActivationExists(ctx context.Context, n string, v *ssm.Activati
 
 func testAccCheckActivationDestroy(ctx context.Context) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
-		conn := acctest.Provider.Meta().(*conns.AWSClient).SSMConn(ctx)
+		conn := acctest.Provider.Meta().(*conns.AWSClient).SSMClient(ctx)
 
 		for _, rs := range s.RootModule().Resources {
 			if rs.Type != "aws_ssm_activation" {