diff --git a/.changelog/43715.txt b/.changelog/43715.txt new file mode 100644 index 000000000000..ebee35e8787e --- /dev/null +++ b/.changelog/43715.txt @@ -0,0 +1,7 @@ +```release-note:new-resource +aws_odb_network +``` + +```release-note:new-data-source +aws_odb_network +``` \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index d618b86a33aa..42d12d2d1f62 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,9 @@ FEATURES: +* **New Data Source:** `aws_odb_cloud_exadata_infrastructure` ([#43650](https://github.com/hashicorp/terraform-provider-aws/issues/43650)) * **New Resource:** `aws_controltower_baseline` ([#42397](https://github.com/hashicorp/terraform-provider-aws/issues/42397)) +* **New Resource:** `aws_odb_cloud_exadata_infrastructure` ([#43650](https://github.com/hashicorp/terraform-provider-aws/issues/43650)) ENHANCEMENTS: diff --git a/docs/ai-agent-guides/parameterized-resource-identity.md b/docs/ai-agent-guides/parameterized-resource-identity.md index 7a70eb8bdd1c..2ea2b5bbf26f 100644 --- a/docs/ai-agent-guides/parameterized-resource-identity.md +++ b/docs/ai-agent-guides/parameterized-resource-identity.md @@ -94,8 +94,8 @@ resource "" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. ```` - The instructions for importing by `identity`, including the identity schema, should appear before instructions for import blocks with an `id` argument or importing via the CLI. diff --git a/examples/odb/odb_network.tf b/examples/odb/odb_network.tf new file mode 100644 index 000000000000..1871e0f32a0e --- /dev/null +++ b/examples/odb/odb_network.tf @@ -0,0 +1,29 @@ +# Copyright (c) HashiCorp, Inc. +# SPDX-License-Identifier: MPL-2.0 + + +# odb network without managed service +resource "aws_odb_network" "test_1" { + display_name = "odb-my-net" + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "DISABLED" + zero_etl_access = "DISABLED" + tags = { + "env" = "dev" + } +} + +# odb network with managed service +resource "aws_odb_network" "test_2" { + display_name = "odb-my-net" + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "ENABLED" + zero_etl_access = "ENABLED" + tags = { + "env" = "dev" + } +} \ No newline at end of file diff --git a/internal/service/odb/network.go b/internal/service/odb/network.go new file mode 100644 index 000000000000..4fdda38c7dd7 --- /dev/null +++ b/internal/service/odb/network.go @@ -0,0 +1,717 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package odb + +import ( + "context" + "errors" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/odb" + odbtypes "github.com/aws/aws-sdk-go-v2/service/odb/types" + "github.com/hashicorp/terraform-plugin-framework-timeouts/resource/timeouts" + "github.com/hashicorp/terraform-plugin-framework-timetypes/timetypes" + "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" + "github.com/hashicorp/terraform-plugin-framework/path" + "github.com/hashicorp/terraform-plugin-framework/resource" + "github.com/hashicorp/terraform-plugin-framework/resource/schema" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" + "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" + "github.com/hashicorp/terraform-plugin-framework/schema/validator" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" + "github.com/hashicorp/terraform-provider-aws/internal/create" + "github.com/hashicorp/terraform-provider-aws/internal/enum" + "github.com/hashicorp/terraform-provider-aws/internal/errs" + "github.com/hashicorp/terraform-provider-aws/internal/errs/fwdiag" + "github.com/hashicorp/terraform-provider-aws/internal/framework" + "github.com/hashicorp/terraform-provider-aws/internal/framework/flex" + fwtypes "github.com/hashicorp/terraform-provider-aws/internal/framework/types" + tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" +) + +// @FrameworkResource("aws_odb_network", name="Network") +// @Tags(identifierAttribute="arn") +func newResourceNetwork(_ context.Context) (resource.ResourceWithConfigure, error) { + r := &resourceNetwork{} + r.SetDefaultCreateTimeout(24 * time.Hour) + r.SetDefaultUpdateTimeout(24 * time.Hour) + r.SetDefaultDeleteTimeout(24 * time.Hour) + + return r, nil +} + +const ( + ResNameNetwork = "Odb Network" +) + +type resourceNetwork struct { + framework.ResourceWithModel[odbNetworkResourceModel] + framework.WithTimeouts + framework.WithImportByID +} + +var OracleDBNetwork = newResourceNetwork +var managedServiceTimeout = 15 * time.Minute + +func (r *resourceNetwork) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { + statusType := fwtypes.StringEnumType[odbtypes.ResourceStatus]() + stringLengthBetween1And255Validator := []validator.String{ + stringvalidator.LengthBetween(1, 255), + } + resp.Schema = schema.Schema{ + Attributes: map[string]schema.Attribute{ + names.AttrARN: framework.ARNAttributeComputedOnly(), + names.AttrID: framework.IDAttribute(), + names.AttrDisplayName: schema.StringAttribute{ + Required: true, + Description: "The user-friendly name for the odb network. Changing this will force terraform to create a new resource.", + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + }, + names.AttrAvailabilityZone: schema.StringAttribute{ + Optional: true, + Computed: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + stringplanmodifier.UseStateForUnknown(), + }, + Description: "The name of the Availability Zone (AZ) where the odb network is located. Changing this will force terraform to create new resource", + }, + "availability_zone_id": schema.StringAttribute{ + Required: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + Description: "The AZ ID of the AZ where the ODB network is located. Changing this will force terraform to create new resource.", + }, + "client_subnet_cidr": schema.StringAttribute{ + Required: true, + Validators: stringLengthBetween1And255Validator, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + Description: "The CIDR notation for the network resource. Changing this will force terraform to create new resource.\n" + + " Constraints:\n " + + "\t - Must not overlap with the CIDR range of the backup subnet.\n " + + "\t- Must not overlap with the CIDR ranges of the VPCs that are connected to the\n " + + " ODB network.\n " + + "\t- Must not use the following CIDR ranges that are reserved by OCI:\n " + + "\t - 100.106.0.0/16 and 100.107.0.0/16\n " + + "\t - 169.254.0.0/16\n " + + "\t- 224.0.0.0 - 239.255.255.255\n " + + "\t- 240.0.0.0 - 255.255.255.255", + }, + "backup_subnet_cidr": schema.StringAttribute{ + Required: true, + Validators: stringLengthBetween1And255Validator, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + Description: "The CIDR range of the backup subnet for the ODB network. Changing this will force terraform to create new resource.\n" + + "\tConstraints:\n" + + "\t - Must not overlap with the CIDR range of the client subnet.\n" + + "\t - Must not overlap with the CIDR ranges of the VPCs that are connected to the\n" + + "\t ODB network.\n" + + "\t - Must not use the following CIDR ranges that are reserved by OCI:\n" + + "\t - 100.106.0.0/16 and 100.107.0.0/16\n" + + "\t - 169.254.0.0/16\n" + + "\t - 224.0.0.0 - 239.255.255.255\n" + + "\t - 240.0.0.0 - 255.255.255.255", + }, + + "custom_domain_name": schema.StringAttribute{ + Optional: true, + Validators: stringLengthBetween1And255Validator, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + Description: "The name of the custom domain that the network is located. custom_domain_name and default_dns_prefix both can't be given.", + }, + "default_dns_prefix": schema.StringAttribute{ + Optional: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.RequiresReplace(), + }, + Description: "The default DNS prefix for the network resource. Changing this will force terraform to create new resource.", + }, + "s3_access": schema.StringAttribute{ + Required: true, + CustomType: fwtypes.StringEnumType[odbtypes.Access](), + Description: "Specifies the configuration for Amazon S3 access from the ODB network.", + }, + "zero_etl_access": schema.StringAttribute{ + Required: true, + CustomType: fwtypes.StringEnumType[odbtypes.Access](), + Description: "Specifies the configuration for Zero-ETL access from the ODB network.", + }, + "s3_policy_document": schema.StringAttribute{ + Optional: true, + PlanModifiers: []planmodifier.String{ + stringplanmodifier.UseStateForUnknown(), + }, + Description: "Specifies the endpoint policy for Amazon S3 access from the ODB network.", + }, + "oci_dns_forwarding_configs": schema.ListAttribute{ + CustomType: fwtypes.NewListNestedObjectTypeOf[odbNwkOciDnsForwardingConfigResourceModel](ctx), + Computed: true, + Description: "The DNS resolver endpoint in OCI for forwarding DNS queries for the ociPrivateZone domain.", + }, + "peered_cidrs": schema.SetAttribute{ + CustomType: fwtypes.SetOfStringType, + ElementType: types.StringType, + Computed: true, + Description: "The list of CIDR ranges from the peered VPC that are allowed access to the ODB network. Please refer odb network peering documentation.", + }, + "oci_network_anchor_id": schema.StringAttribute{ + Computed: true, + Description: "The unique identifier of the OCI network anchor for the ODB network.", + }, + "oci_network_anchor_url": schema.StringAttribute{ + Computed: true, + Description: "The URL of the OCI network anchor for the ODB network.", + }, + "oci_resource_anchor_name": schema.StringAttribute{ + Computed: true, + Description: "The name of the OCI resource anchor for the ODB network.", + }, + "oci_vcn_id": schema.StringAttribute{ + Computed: true, + Description: "The unique identifier Oracle Cloud ID (OCID) of the OCI VCN for the ODB network.", + }, + "oci_vcn_url": schema.StringAttribute{ + Computed: true, + Description: "The URL of the OCI VCN for the ODB network.", + }, + "percent_progress": schema.Float32Attribute{ + Computed: true, + Description: "The amount of progress made on the current operation on the ODB network, expressed as a percentage.", + }, + names.AttrStatus: schema.StringAttribute{ + CustomType: statusType, + Computed: true, + Description: "The status of the network resource.", + }, + names.AttrStatusReason: schema.StringAttribute{ + Computed: true, + Description: "Additional information about the current status of the ODB network.", + }, + names.AttrCreatedAt: schema.StringAttribute{ + Computed: true, + CustomType: timetypes.RFC3339Type{}, + Description: "The date and time when the ODB network was created.", + }, + "managed_services": schema.ListAttribute{ + Computed: true, + CustomType: fwtypes.NewListNestedObjectTypeOf[odbNetworkManagedServicesResourceModel](ctx), + Description: "The managed services configuration for the ODB network.", + }, + names.AttrTags: tftags.TagsAttribute(), + names.AttrTagsAll: tftags.TagsAttributeComputedOnly(), + }, + Blocks: map[string]schema.Block{ + names.AttrTimeouts: timeouts.Block(ctx, timeouts.Opts{ + Create: true, + Update: true, + Delete: true, + }), + }, + } +} + +func (r *resourceNetwork) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { + conn := r.Meta().ODBClient(ctx) + var plan odbNetworkResourceModel + resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...) + if resp.Diagnostics.HasError() { + return + } + + input := odb.CreateOdbNetworkInput{ + Tags: getTagsIn(ctx), + } + + resp.Diagnostics.Append(flex.Expand(ctx, plan, &input)...) + if resp.Diagnostics.HasError() { + return + } + out, err := conn.CreateOdbNetwork(ctx, &input) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionCreating, ResNameNetwork, plan.DisplayName.String(), err), + err.Error(), + ) + return + } + if out == nil || out.OdbNetworkId == nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionCreating, ResNameNetwork, plan.DisplayName.String(), nil), + errors.New("empty output").Error(), + ) + return + } + + createTimeout := r.CreateTimeout(ctx, plan.Timeouts) + _, err = waitNetworkCreated(ctx, conn, *out.OdbNetworkId, createTimeout) + resp.Diagnostics.Append(resp.State.SetAttribute(ctx, path.Root(names.AttrID), aws.ToString(out.OdbNetworkId))...) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForCreation, ResNameNetwork, plan.DisplayName.String(), err), + err.Error(), + ) + return + } + //wait for zero etl access + _, err = waitForManagedService(ctx, plan.ZeroEtlAccess.ValueEnum(), conn, *out.OdbNetworkId, managedServiceTimeout, func(managedService *odbtypes.ManagedServices) odbtypes.ManagedResourceStatus { + return managedService.ZeroEtlAccess.Status + }) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForUpdate, ResNameNetwork, plan.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + //wait for s3 access + createdOdbNetwork, err := waitForManagedService(ctx, plan.S3Access.ValueEnum(), conn, *out.OdbNetworkId, managedServiceTimeout, func(managedService *odbtypes.ManagedServices) odbtypes.ManagedResourceStatus { + return managedService.S3Access.Status + }) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForUpdate, ResNameNetwork, plan.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + //since zero_etl_access, s3_access and s3_policy_document are not returned directly by underlying API we need to set it. + readZeroEtlAccessStatus, err := mapManagedServiceStatusToAccessStatus(createdOdbNetwork.ManagedServices.ZeroEtlAccess.Status) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, plan.DisplayName.String(), err), + err.Error(), + ) + return + } + plan.ZeroEtlAccess = fwtypes.StringEnumValue(readZeroEtlAccessStatus) + + readS3AccessStatus, err := mapManagedServiceStatusToAccessStatus(createdOdbNetwork.ManagedServices.S3Access.Status) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, plan.DisplayName.String(), err), + err.Error(), + ) + return + } + plan.S3Access = fwtypes.StringEnumValue(readS3AccessStatus) + plan.S3PolicyDocument = types.StringPointerValue(createdOdbNetwork.ManagedServices.S3Access.S3PolicyDocument) + + resp.Diagnostics.Append(flex.Flatten(ctx, createdOdbNetwork, &plan)...) + if resp.Diagnostics.HasError() { + return + } + resp.Diagnostics.Append(resp.State.Set(ctx, plan)...) +} + +func (r *resourceNetwork) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { + conn := r.Meta().ODBClient(ctx) + var state odbNetworkResourceModel + resp.Diagnostics.Append(req.State.Get(ctx, &state)...) + if resp.Diagnostics.HasError() { + return + } + + out, err := FindOracleDBNetworkResourceByID(ctx, conn, state.OdbNetworkId.ValueString()) + if tfresource.NotFound(err) { + resp.Diagnostics.Append(fwdiag.NewResourceNotFoundWarningDiagnostic(err)) + resp.State.RemoveResource(ctx) + return + } + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, state.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + if out.ManagedServices == nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, state.OdbNetworkId.String(), errors.New("odbNetwork managed service not found")), + "Odb Network managed service cannot be nil", + ) + return + } else { + readS3AccessStatus, err := mapManagedServiceStatusToAccessStatus(out.ManagedServices.S3Access.Status) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, state.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + state.S3Access = fwtypes.StringEnumValue(readS3AccessStatus) + state.S3PolicyDocument = types.StringPointerValue(out.ManagedServices.S3Access.S3PolicyDocument) + + readZeroEtlAccessStatus, err := mapManagedServiceStatusToAccessStatus(out.ManagedServices.ZeroEtlAccess.Status) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, state.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + state.ZeroEtlAccess = fwtypes.StringEnumValue(readZeroEtlAccessStatus) + } + resp.Diagnostics.Append(flex.Flatten(ctx, out, &state)...) + if resp.Diagnostics.HasError() { + return + } + resp.Diagnostics.Append(resp.State.Set(ctx, &state)...) +} + +func (r *resourceNetwork) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { + conn := r.Meta().ODBClient(ctx) + var plan, state odbNetworkResourceModel + resp.Diagnostics.Append(req.Plan.Get(ctx, &plan)...) + resp.Diagnostics.Append(req.State.Get(ctx, &state)...) + if resp.Diagnostics.HasError() { + return + } + + diff, d := flex.Diff(ctx, plan, state) + resp.Diagnostics.Append(d...) + if resp.Diagnostics.HasError() { + return + } + if diff.HasChanges() { + var input odb.UpdateOdbNetworkInput + resp.Diagnostics.Append(flex.Expand(ctx, plan, &input)...) + out, err := conn.UpdateOdbNetwork(ctx, &input) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionUpdating, ResNameNetwork, plan.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + if out == nil || out.OdbNetworkId == nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionUpdating, ResNameNetwork, plan.OdbNetworkId.String(), nil), + errors.New("empty output").Error(), + ) + return + } + } + + updateTimeout := r.UpdateTimeout(ctx, plan.Timeouts) + _, err := waitNetworkUpdated(ctx, conn, plan.OdbNetworkId.ValueString(), updateTimeout) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForUpdate, ResNameNetwork, plan.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + + //zero ETL access + _, err = waitForManagedService(ctx, plan.ZeroEtlAccess.ValueEnum(), conn, plan.OdbNetworkId.ValueString(), managedServiceTimeout, func(managedService *odbtypes.ManagedServices) odbtypes.ManagedResourceStatus { + return managedService.ZeroEtlAccess.Status + }) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForUpdate, ResNameNetwork, plan.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + + //s3 access + updatedOdbNwk, err := waitForManagedService(ctx, plan.S3Access.ValueEnum(), conn, plan.OdbNetworkId.ValueString(), managedServiceTimeout, func(managedService *odbtypes.ManagedServices) odbtypes.ManagedResourceStatus { + return managedService.S3Access.Status + }) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForUpdate, ResNameNetwork, plan.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + + readS3AccessStatus, err := mapManagedServiceStatusToAccessStatus(updatedOdbNwk.ManagedServices.S3Access.Status) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, state.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + plan.S3Access = fwtypes.StringEnumValue(readS3AccessStatus) + plan.S3PolicyDocument = types.StringPointerValue(updatedOdbNwk.ManagedServices.S3Access.S3PolicyDocument) + + readZeroEtlAccessStatus, err := mapManagedServiceStatusToAccessStatus(updatedOdbNwk.ManagedServices.ZeroEtlAccess.Status) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, ResNameNetwork, state.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + plan.ZeroEtlAccess = fwtypes.StringEnumValue(readZeroEtlAccessStatus) + + resp.Diagnostics.Append(flex.Flatten(ctx, updatedOdbNwk, &plan)...) + resp.Diagnostics.Append(resp.State.Set(ctx, &plan)...) +} + +func (r *resourceNetwork) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { + conn := r.Meta().ODBClient(ctx) + var state odbNetworkResourceModel + resp.Diagnostics.Append(req.State.Get(ctx, &state)...) + if resp.Diagnostics.HasError() { + return + } + + deleteAssociatedResources := false + input := odb.DeleteOdbNetworkInput{ + OdbNetworkId: state.OdbNetworkId.ValueStringPointer(), + DeleteAssociatedResources: &deleteAssociatedResources, + } + + _, err := conn.DeleteOdbNetwork(ctx, &input) + + if err != nil { + if errs.IsA[*odbtypes.ResourceNotFoundException](err) { + return + } + + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionDeleting, ResNameNetwork, state.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + + deleteTimeout := r.DeleteTimeout(ctx, state.Timeouts) + _, err = waitNetworkDeleted(ctx, conn, state.OdbNetworkId.ValueString(), deleteTimeout) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionWaitingForDeletion, ResNameNetwork, state.OdbNetworkArn.String(), err), + err.Error(), + ) + return + } +} + +func waitNetworkCreated(ctx context.Context, conn *odb.Client, id string, timeout time.Duration) (*odbtypes.OdbNetwork, error) { + stateConf := &retry.StateChangeConf{ + Pending: enum.Slice(odbtypes.ResourceStatusProvisioning), + Target: enum.Slice(odbtypes.ResourceStatusAvailable, odbtypes.ResourceStatusFailed), + Refresh: statusNetwork(ctx, conn, id), + Timeout: timeout, + } + + outputRaw, err := stateConf.WaitForStateContext(ctx) + if out, ok := outputRaw.(*odbtypes.OdbNetwork); ok { + return out, err + } + + return nil, err +} + +func waitForManagedService(ctx context.Context, targetStatus odbtypes.Access, conn *odb.Client, id string, timeout time.Duration, managedResourceStatus func(managedService *odbtypes.ManagedServices) odbtypes.ManagedResourceStatus) (*odbtypes.OdbNetwork, error) { + switch targetStatus { + case odbtypes.AccessEnabled: + stateConf := &retry.StateChangeConf{ + Pending: enum.Slice(odbtypes.ManagedResourceStatusEnabling), + Target: enum.Slice(odbtypes.ManagedResourceStatusEnabled), + Refresh: statusManagedService(ctx, conn, id, managedResourceStatus), + Timeout: timeout, + } + outputRaw, err := stateConf.WaitForStateContext(ctx) + if out, ok := outputRaw.(*odbtypes.OdbNetwork); ok { + return out, err + } + return nil, err + case odbtypes.AccessDisabled: + stateConf := &retry.StateChangeConf{ + Pending: enum.Slice(odbtypes.ManagedResourceStatusDisabling), + Target: enum.Slice(odbtypes.ManagedResourceStatusDisabled), + Refresh: statusManagedService(ctx, conn, id, managedResourceStatus), + Timeout: timeout, + } + outputRaw, err := stateConf.WaitForStateContext(ctx) + if out, ok := outputRaw.(*odbtypes.OdbNetwork); ok { + return out, err + } + return nil, err + default: + return nil, errors.New("odb network invalid manged service status") + } +} + +func statusManagedService(ctx context.Context, conn *odb.Client, id string, managedResourceStatus func(managedService *odbtypes.ManagedServices) odbtypes.ManagedResourceStatus) retry.StateRefreshFunc { + return func() (any, string, error) { + out, err := FindOracleDBNetworkResourceByID(ctx, conn, id) + + if err != nil { + return nil, "", err + } + + if out.ManagedServices == nil { + return nil, "", nil + } + + return out, string(managedResourceStatus(out.ManagedServices)), nil + } +} + +func waitNetworkUpdated(ctx context.Context, conn *odb.Client, id string, timeout time.Duration) (*odbtypes.OdbNetwork, error) { + stateConf := &retry.StateChangeConf{ + Pending: enum.Slice(odbtypes.ResourceStatusUpdating), + Target: enum.Slice(odbtypes.ResourceStatusAvailable, odbtypes.ResourceStatusFailed), + Refresh: statusNetwork(ctx, conn, id), + Timeout: timeout, + } + + outputRaw, err := stateConf.WaitForStateContext(ctx) + if out, ok := outputRaw.(*odbtypes.OdbNetwork); ok { + return out, err + } + + return nil, err +} + +func waitNetworkDeleted(ctx context.Context, conn *odb.Client, id string, timeout time.Duration) (*odbtypes.OdbNetwork, error) { + stateConf := &retry.StateChangeConf{ + Pending: enum.Slice(odbtypes.ResourceStatusTerminating), + Target: []string{}, + Refresh: statusNetwork(ctx, conn, id), + Timeout: timeout, + } + + outputRaw, err := stateConf.WaitForStateContext(ctx) + if out, ok := outputRaw.(*odbtypes.OdbNetwork); ok { + return out, err + } + + return nil, err +} + +func statusNetwork(ctx context.Context, conn *odb.Client, id string) retry.StateRefreshFunc { + return func() (any, string, error) { + out, err := FindOracleDBNetworkResourceByID(ctx, conn, id) + if tfresource.NotFound(err) { + return nil, "", nil + } + + if err != nil { + return nil, "", err + } + + return out, string(out.Status), nil + } +} + +func mapManagedServiceStatusToAccessStatus(mangedStatus odbtypes.ManagedResourceStatus) (odbtypes.Access, error) { + if mangedStatus == odbtypes.ManagedResourceStatusDisabled { + return odbtypes.AccessDisabled, nil + } + if mangedStatus == odbtypes.ManagedResourceStatusEnabled { + return odbtypes.AccessEnabled, nil + } + return "", errors.New("can not convert managed status to access status") +} + +func FindOracleDBNetworkResourceByID(ctx context.Context, conn *odb.Client, id string) (*odbtypes.OdbNetwork, error) { + input := odb.GetOdbNetworkInput{ + OdbNetworkId: aws.String(id), + } + + out, err := conn.GetOdbNetwork(ctx, &input) + if err != nil { + if errs.IsA[*odbtypes.ResourceNotFoundException](err) { + return nil, &retry.NotFoundError{ + LastError: err, + LastRequest: &input, + } + } + + return nil, err + } + + if out == nil || out.OdbNetwork == nil { + return nil, tfresource.NewEmptyResultError(&input) + } + + return out.OdbNetwork, nil +} + +type odbNetworkResourceModel struct { + framework.WithRegionModel + DisplayName types.String `tfsdk:"display_name"` + AvailabilityZone types.String `tfsdk:"availability_zone"` + AvailabilityZoneId types.String `tfsdk:"availability_zone_id"` + ClientSubnetCidr types.String `tfsdk:"client_subnet_cidr"` + BackupSubnetCidr types.String `tfsdk:"backup_subnet_cidr"` + CustomDomainName types.String `tfsdk:"custom_domain_name"` + DefaultDnsPrefix types.String `tfsdk:"default_dns_prefix"` + S3Access fwtypes.StringEnum[odbtypes.Access] `tfsdk:"s3_access" autoflex:",noflatten"` + ZeroEtlAccess fwtypes.StringEnum[odbtypes.Access] `tfsdk:"zero_etl_access" autoflex:",noflatten"` + S3PolicyDocument types.String `tfsdk:"s3_policy_document" autoflex:",noflatten"` + OdbNetworkId types.String `tfsdk:"id"` + PeeredCidrs fwtypes.SetValueOf[types.String] `tfsdk:"peered_cidrs"` + OciDnsForwardingConfigs fwtypes.ListNestedObjectValueOf[odbNwkOciDnsForwardingConfigResourceModel] `tfsdk:"oci_dns_forwarding_configs"` + OciNetworkAnchorId types.String `tfsdk:"oci_network_anchor_id"` + OciNetworkAnchorUrl types.String `tfsdk:"oci_network_anchor_url"` + OciResourceAnchorName types.String `tfsdk:"oci_resource_anchor_name"` + OciVcnId types.String `tfsdk:"oci_vcn_id"` + OciVcnUrl types.String `tfsdk:"oci_vcn_url"` + OdbNetworkArn types.String `tfsdk:"arn"` + PercentProgress types.Float32 `tfsdk:"percent_progress"` + Status fwtypes.StringEnum[odbtypes.ResourceStatus] `tfsdk:"status"` + StatusReason types.String `tfsdk:"status_reason"` + Timeouts timeouts.Value `tfsdk:"timeouts"` + ManagedServices fwtypes.ListNestedObjectValueOf[odbNetworkManagedServicesResourceModel] `tfsdk:"managed_services"` + CreatedAt timetypes.RFC3339 `tfsdk:"created_at"` + Tags tftags.Map `tfsdk:"tags"` + TagsAll tftags.Map `tfsdk:"tags_all"` +} + +type odbNwkOciDnsForwardingConfigResourceModel struct { + DomainName types.String `tfsdk:"domain_name"` + OciDnsListenerIp types.String `tfsdk:"oci_dns_listener_ip"` +} +type odbNetworkManagedServicesResourceModel struct { + ServiceNetworkArn types.String `tfsdk:"service_network_arn"` + ResourceGatewayArn types.String `tfsdk:"resource_gateway_arn"` + ManagedServicesIpv4Cidrs fwtypes.SetOfString `tfsdk:"managed_service_ipv4_cidrs"` + ServiceNetworkEndpoint fwtypes.ListNestedObjectValueOf[serviceNetworkEndpointOdbNetworkResourceModel] `tfsdk:"service_network_endpoint"` + ManagedS3BackupAccess fwtypes.ListNestedObjectValueOf[managedS3BackupAccessOdbNetworkResourceModel] `tfsdk:"managed_s3_backup_access"` + ZeroEtlAccess fwtypes.ListNestedObjectValueOf[zeroEtlAccessOdbNetworkResourceModel] `tfsdk:"zero_etl_access"` + S3Access fwtypes.ListNestedObjectValueOf[s3AccessOdbNetworkResourceModel] `tfsdk:"s3_access"` +} + +type serviceNetworkEndpointOdbNetworkResourceModel struct { + VpcEndpointId types.String `tfsdk:"vpc_endpoint_id"` + VpcEndpointType fwtypes.StringEnum[odbtypes.VpcEndpointType] `tfsdk:"vpc_endpoint_type"` +} + +type managedS3BackupAccessOdbNetworkResourceModel struct { + Status fwtypes.StringEnum[odbtypes.ManagedResourceStatus] `tfsdk:"status"` + Ipv4Addresses fwtypes.SetOfString `tfsdk:"ipv4_addresses"` +} + +type zeroEtlAccessOdbNetworkResourceModel struct { + Status fwtypes.StringEnum[odbtypes.ManagedResourceStatus] `tfsdk:"status"` + Cidr types.String `tfsdk:"cidr"` +} + +type s3AccessOdbNetworkResourceModel struct { + Status fwtypes.StringEnum[odbtypes.ManagedResourceStatus] `tfsdk:"status"` + Ipv4Addresses fwtypes.SetOfString `tfsdk:"ipv4_addresses"` + DomainName types.String `tfsdk:"domain_name"` + S3PolicyDocument types.String `tfsdk:"s3_policy_document"` +} diff --git a/internal/service/odb/network_data_source.go b/internal/service/odb/network_data_source.go new file mode 100644 index 000000000000..ace95d25f9ca --- /dev/null +++ b/internal/service/odb/network_data_source.go @@ -0,0 +1,220 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package odb + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/service/odb" + odbtypes "github.com/aws/aws-sdk-go-v2/service/odb/types" + "github.com/hashicorp/terraform-plugin-framework-timetypes/timetypes" + "github.com/hashicorp/terraform-plugin-framework/datasource" + "github.com/hashicorp/terraform-plugin-framework/datasource/schema" + "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/hashicorp/terraform-provider-aws/internal/create" + "github.com/hashicorp/terraform-provider-aws/internal/framework" + "github.com/hashicorp/terraform-provider-aws/internal/framework/flex" + fwtypes "github.com/hashicorp/terraform-provider-aws/internal/framework/types" + tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" + "github.com/hashicorp/terraform-provider-aws/names" +) + +// @FrameworkDataSource("aws_odb_network", name="Network") +// @Tags(identifierAttribute="arn") +func newDataSourceNetwork(context.Context) (datasource.DataSourceWithConfigure, error) { + return &dataSourceNetwork{}, nil +} + +const ( + DSNameNetwork = "Odb Network Data Source" +) + +type dataSourceNetwork struct { + framework.DataSourceWithModel[odbNetworkDataSourceModel] +} + +func (d *dataSourceNetwork) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) { + statusType := fwtypes.StringEnumType[odbtypes.ResourceStatus]() + resp.Schema = schema.Schema{ + Attributes: map[string]schema.Attribute{ + names.AttrARN: framework.ARNAttributeComputedOnly(), + names.AttrID: schema.StringAttribute{ + Required: true, + }, + names.AttrDisplayName: schema.StringAttribute{ + Computed: true, + Description: "Display name for the network resource.", + }, + "availability_zone_id": schema.StringAttribute{ + Computed: true, + Description: "The AZ ID of the AZ where the ODB network is located.", + }, + names.AttrAvailabilityZone: schema.StringAttribute{ + Computed: true, + Description: "The availability zone where the ODB network is located.", + }, + "backup_subnet_cidr": schema.StringAttribute{ + Computed: true, + Description: " The CIDR range of the backup subnet for the ODB network.", + }, + "client_subnet_cidr": schema.StringAttribute{ + Computed: true, + Description: "The CIDR notation for the network resource.", + }, + "custom_domain_name": schema.StringAttribute{ + Computed: true, + Description: "The name of the custom domain that the network is located.", + }, + "default_dns_prefix": schema.StringAttribute{ + Computed: true, + Description: "The default DNS prefix for the network resource.", + }, + "oci_network_anchor_id": schema.StringAttribute{ + Computed: true, + Description: "The unique identifier of the OCI network anchor for the ODB network.", + }, + "oci_network_anchor_url": schema.StringAttribute{ + Computed: true, + Description: "The URL of the OCI network anchor for the ODB network.", + }, + "oci_resource_anchor_name": schema.StringAttribute{ + Computed: true, + Description: "The name of the OCI resource anchor for the ODB network.", + }, + "oci_vcn_id": schema.StringAttribute{ + Computed: true, + Description: "The unique identifier Oracle Cloud ID (OCID) of the OCI VCN for the ODB network.", + }, + "oci_vcn_url": schema.StringAttribute{ + Computed: true, + Description: "The URL of the OCI VCN for the ODB network.", + }, + "percent_progress": schema.Float64Attribute{ + Computed: true, + Description: "The amount of progress made on the current operation on the ODB network, expressed as a percentage.", + }, + "peered_cidrs": schema.SetAttribute{ + CustomType: fwtypes.SetOfStringType, + ElementType: types.StringType, + Computed: true, + Description: "The list of CIDR ranges from the peered VPC that are allowed access to the ODB network. Please refer odb network peering documentation.", + }, + names.AttrStatus: schema.StringAttribute{ + CustomType: statusType, + Computed: true, + Description: "The status of the network resource.", + }, + names.AttrStatusReason: schema.StringAttribute{ + Computed: true, + Description: "Additional information about the current status of the ODB network.", + }, + names.AttrCreatedAt: schema.StringAttribute{ + Computed: true, + CustomType: timetypes.RFC3339Type{}, + Description: "The date and time when the ODB network was created.", + }, + "managed_services": schema.ListAttribute{ + Computed: true, + CustomType: fwtypes.NewListNestedObjectTypeOf[odbNetworkManagedServicesDataSourceModel](ctx), + Description: "The managed services configuration for the ODB network.", + }, + names.AttrTags: tftags.TagsAttributeComputedOnly(), + "oci_dns_forwarding_configs": schema.ListAttribute{ + Computed: true, + CustomType: fwtypes.NewListNestedObjectTypeOf[odbNwkOciDnsForwardingConfigDataSourceModel](ctx), + Description: "The DNS resolver endpoint in OCI for forwarding DNS queries for the ociPrivateZone domain.", + }, + }, + } +} + +func (d *dataSourceNetwork) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) { + conn := d.Meta().ODBClient(ctx) + var data odbNetworkDataSourceModel + resp.Diagnostics.Append(req.Config.Get(ctx, &data)...) + if resp.Diagnostics.HasError() { + return + } + + input := odb.GetOdbNetworkInput{ + OdbNetworkId: data.OdbNetworkId.ValueStringPointer(), + } + + out, err := conn.GetOdbNetwork(ctx, &input) + if err != nil { + resp.Diagnostics.AddError( + create.ProblemStandardMessage(names.ODB, create.ErrActionReading, DSNameNetwork, data.OdbNetworkId.String(), err), + err.Error(), + ) + return + } + resp.Diagnostics.Append(flex.Flatten(ctx, out.OdbNetwork, &data)...) + if resp.Diagnostics.HasError() { + return + } + resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) +} + +type odbNetworkDataSourceModel struct { + framework.WithRegionModel + AvailabilityZone types.String `tfsdk:"availability_zone"` + AvailabilityZoneId types.String `tfsdk:"availability_zone_id"` + BackupSubnetCidr types.String `tfsdk:"backup_subnet_cidr"` + ClientSubnetCidr types.String `tfsdk:"client_subnet_cidr"` + CustomDomainName types.String `tfsdk:"custom_domain_name"` + DefaultDnsPrefix types.String `tfsdk:"default_dns_prefix"` + DisplayName types.String `tfsdk:"display_name"` + OciDnsForwardingConfigs fwtypes.ListNestedObjectValueOf[odbNwkOciDnsForwardingConfigDataSourceModel] `tfsdk:"oci_dns_forwarding_configs"` + OciNetworkAnchorId types.String `tfsdk:"oci_network_anchor_id"` + OciNetworkAnchorUrl types.String `tfsdk:"oci_network_anchor_url"` + OciResourceAnchorName types.String `tfsdk:"oci_resource_anchor_name"` + OciVcnId types.String `tfsdk:"oci_vcn_id"` + OciVcnUrl types.String `tfsdk:"oci_vcn_url"` + OdbNetworkArn types.String `tfsdk:"arn"` + OdbNetworkId types.String `tfsdk:"id"` + PeeredCidrs fwtypes.SetValueOf[types.String] `tfsdk:"peered_cidrs"` + PercentProgress types.Float64 `tfsdk:"percent_progress"` + Status fwtypes.StringEnum[odbtypes.ResourceStatus] `tfsdk:"status"` + StatusReason types.String `tfsdk:"status_reason"` + CreatedAt timetypes.RFC3339 `tfsdk:"created_at"` + ManagedServices fwtypes.ListNestedObjectValueOf[odbNetworkManagedServicesDataSourceModel] `tfsdk:"managed_services"` + Tags tftags.Map `tfsdk:"tags"` +} + +type odbNwkOciDnsForwardingConfigDataSourceModel struct { + DomainName types.String `tfsdk:"domain_name"` + OciDnsListenerIp types.String `tfsdk:"oci_dns_listener_ip"` +} + +type odbNetworkManagedServicesDataSourceModel struct { + ServiceNetworkArn types.String `tfsdk:"service_network_arn"` + ResourceGatewayArn types.String `tfsdk:"resource_gateway_arn"` + ManagedServicesIpv4Cidrs fwtypes.ListOfString `tfsdk:"managed_service_ipv4_cidrs"` + ServiceNetworkEndpoint fwtypes.ListNestedObjectValueOf[serviceNetworkEndpointOdbNetworkDataSourceModel] `tfsdk:"service_network_endpoint"` + ManagedS3BackupAccess fwtypes.ListNestedObjectValueOf[managedS3BackupAccessOdbNetworkDataSourceModel] `tfsdk:"managed_s3_backup_access"` + ZeroEtlAccess fwtypes.ListNestedObjectValueOf[zeroEtlAccessOdbNetworkDataSourceModel] `tfsdk:"zero_tl_access"` + S3Access fwtypes.ListNestedObjectValueOf[s3AccessOdbNetworkDataSourceModel] `tfsdk:"s3_access"` +} + +type serviceNetworkEndpointOdbNetworkDataSourceModel struct { + VpcEndpointId types.String `tfsdk:"vpc_endpoint_id"` + VpcEndpointType fwtypes.StringEnum[odbtypes.VpcEndpointType] `tfsdk:"vpc_endpoint_type"` +} + +type managedS3BackupAccessOdbNetworkDataSourceModel struct { + Status fwtypes.StringEnum[odbtypes.ManagedResourceStatus] `tfsdk:"status"` + Ipv4Addresses fwtypes.ListOfString `tfsdk:"ipv4_addresses"` +} + +type zeroEtlAccessOdbNetworkDataSourceModel struct { + Status fwtypes.StringEnum[odbtypes.ManagedResourceStatus] `tfsdk:"status"` + Cidr types.String `tfsdk:"cidr"` +} + +type s3AccessOdbNetworkDataSourceModel struct { + Status fwtypes.StringEnum[odbtypes.ManagedResourceStatus] `tfsdk:"status"` + Ipv4Addresses fwtypes.ListOfString `tfsdk:"ipv4_addresses"` + DomainName types.String `tfsdk:"domain_name"` + S3PolicyDocument types.String `tfsdk:"s3_policy_document"` +} diff --git a/internal/service/odb/network_data_source_test.go b/internal/service/odb/network_data_source_test.go new file mode 100644 index 000000000000..999f026ed594 --- /dev/null +++ b/internal/service/odb/network_data_source_test.go @@ -0,0 +1,145 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package odb_test + +import ( + "context" + "errors" + "fmt" + "testing" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/odb" + odbtypes "github.com/aws/aws-sdk-go-v2/service/odb/types" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" + sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/terraform" + "github.com/hashicorp/terraform-provider-aws/internal/acctest" + "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/create" + "github.com/hashicorp/terraform-provider-aws/internal/errs" + tfodb "github.com/hashicorp/terraform-provider-aws/internal/service/odb" + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" +) + +type oracleDBNetworkDataSourceTest struct { +} + +var oracleDBNetworkDataSourceTestEntity = oracleDBNetworkDataSourceTest{} + +func TestAccODBNetworkDataSource_basic(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + networkResource := "aws_odb_network.test_resource" + networkDataSource := "data.aws_odb_network.test" + rName := sdkacctest.RandomWithPrefix("tf-ora-net") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkDataSourceTestEntity.testAccNetworkDataSourcePreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkDataSourceTestEntity.testAccCheckNetworkDataSourceDestroyed(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkDataSourceTestEntity.basicNetworkDataSource(rName), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttrPair(networkResource, names.AttrID, networkDataSource, names.AttrID), + ), + }, + }, + }) +} + +func (oracleDBNetworkDataSourceTest) testAccCheckNetworkDataSourceDestroyed(ctx context.Context) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := acctest.Provider.Meta().(*conns.AWSClient).ODBClient(ctx) + + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_odb_network" { + continue + } + _, err := oracleDBNetworkDataSourceTestEntity.findNetwork(ctx, conn, rs.Primary.ID) + if tfresource.NotFound(err) { + return nil + } + if err != nil { + return create.Error(names.ODB, create.ErrActionCheckingDestroyed, tfodb.ResNameNetwork, rs.Primary.ID, err) + } + + return create.Error(names.ODB, create.ErrActionCheckingDestroyed, tfodb.ResNameNetwork, rs.Primary.ID, errors.New("not destroyed")) + } + + return nil + } +} + +func (oracleDBNetworkDataSourceTest) findNetwork(ctx context.Context, conn *odb.Client, id string) (*odbtypes.OdbNetwork, error) { + input := odb.GetOdbNetworkInput{ + OdbNetworkId: aws.String(id), + } + + out, err := conn.GetOdbNetwork(ctx, &input) + if err != nil { + if errs.IsA[*odbtypes.ResourceNotFoundException](err) { + return nil, &retry.NotFoundError{ + LastError: err, + LastRequest: &input, + } + } + + return nil, err + } + + if out == nil || out.OdbNetwork == nil { + return nil, tfresource.NewEmptyResultError(&input) + } + + return out.OdbNetwork, nil +} + +func (oracleDBNetworkDataSourceTest) basicNetworkDataSource(rName string) string { + networkRes := fmt.Sprintf(` + + + + +resource "aws_odb_network" "test_resource" { + display_name = %[1]q + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "DISABLED" + zero_etl_access = "DISABLED" + tags = { + "env" = "dev" + } +} + + +data "aws_odb_network" "test" { + id = aws_odb_network.test_resource.id +} + + +`, rName) + return networkRes +} +func (oracleDBNetworkDataSourceTest) testAccNetworkDataSourcePreCheck(ctx context.Context, t *testing.T) { + conn := acctest.Provider.Meta().(*conns.AWSClient).ODBClient(ctx) + input := odb.ListOdbNetworksInput{} + _, err := conn.ListOdbNetworks(ctx, &input) + if acctest.PreCheckSkipError(err) { + t.Skipf("skipping acceptance testing: %s", err) + } + if err != nil { + t.Fatalf("unexpected PreCheck error: %s", err) + } +} diff --git a/internal/service/odb/network_test.go b/internal/service/odb/network_test.go new file mode 100644 index 000000000000..3b3bad8dda7b --- /dev/null +++ b/internal/service/odb/network_test.go @@ -0,0 +1,423 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package odb_test + +import ( + "context" + "errors" + "fmt" + "strings" + "testing" + + "github.com/aws/aws-sdk-go-v2/service/odb" + odbtypes "github.com/aws/aws-sdk-go-v2/service/odb/types" + sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-plugin-testing/terraform" + "github.com/hashicorp/terraform-provider-aws/internal/acctest" + "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/create" + tfodb "github.com/hashicorp/terraform-provider-aws/internal/service/odb" + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" +) + +type oracleDBNetworkResourceTest struct { + displayNamePrefix string +} + +var oracleDBNetworkResourceTestEntity = oracleDBNetworkResourceTest{ + displayNamePrefix: "tf-ora-net", +} + +// Basic test with bare minimum input +func TestAccODBNetworkResource_basic(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var network odbtypes.OdbNetwork + rName := sdkacctest.RandomWithPrefix(oracleDBNetworkResourceTestEntity.displayNamePrefix) + resourceName := "aws_odb_network.test" + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkResourceTestEntity.testAccPreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkResourceTestEntity.testAccCheckNetworkDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkResourceTestEntity.basicNetwork(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccODBNetworkResource_withAllParams(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var network1 odbtypes.OdbNetwork + rName := sdkacctest.RandomWithPrefix(oracleDBNetworkResourceTestEntity.displayNamePrefix) + resourceName := "aws_odb_network.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkResourceTestEntity.testAccPreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkResourceTestEntity.testAccCheckNetworkDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkResourceTestEntity.networkWithAllParams(rName, "julia.com"), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network1), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccODBNetworkResource_updateManagedService(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var network1, network2 odbtypes.OdbNetwork + rName := sdkacctest.RandomWithPrefix(oracleDBNetworkResourceTestEntity.displayNamePrefix) + resourceName := "aws_odb_network.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkResourceTestEntity.testAccPreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkResourceTestEntity.testAccCheckNetworkDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkResourceTestEntity.basicNetwork(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network1), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: oracleDBNetworkResourceTestEntity.basicNetworkWithActiveManagedService(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network2), + resource.ComposeTestCheckFunc(func(state *terraform.State) error { + if strings.Compare(*(network1.OdbNetworkId), *(network2.OdbNetworkId)) != 0 { + return errors.New("should not create a new cloud odb network") + } + return nil + }), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccODBNetworkResource_disableManagedService(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var network1, network2 odbtypes.OdbNetwork + rName := sdkacctest.RandomWithPrefix(oracleDBNetworkResourceTestEntity.displayNamePrefix) + resourceName := "aws_odb_network.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkResourceTestEntity.testAccPreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkResourceTestEntity.testAccCheckNetworkDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkResourceTestEntity.basicNetworkWithActiveManagedService(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network1), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: oracleDBNetworkResourceTestEntity.basicNetwork(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network2), + resource.ComposeTestCheckFunc(func(state *terraform.State) error { + if strings.Compare(*(network1.OdbNetworkId), *(network2.OdbNetworkId)) != 0 { + return errors.New("should not create a new cloud odb network") + } + return nil + }), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccODBNetworkResource_updateTags(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var network1, network2 odbtypes.OdbNetwork + rName := sdkacctest.RandomWithPrefix(oracleDBNetworkResourceTestEntity.displayNamePrefix) + resourceName := "aws_odb_network.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkResourceTestEntity.testAccPreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkResourceTestEntity.testAccCheckNetworkDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkResourceTestEntity.basicNetwork(rName), + + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network1), + ), + }, + { + Config: oracleDBNetworkResourceTestEntity.updateNetworkTags(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network2), + resource.ComposeTestCheckFunc(func(state *terraform.State) error { + if strings.Compare(*(network1.OdbNetworkId), *(network2.OdbNetworkId)) != 0 { + return errors.New("should not create a new cloud odb network") + } + return nil + }), + resource.TestCheckResourceAttr(resourceName, acctest.CtTagsPercent, "1"), + resource.TestCheckResourceAttr(resourceName, "tags.env", "dev"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func TestAccODBNetworkResource_disappears(t *testing.T) { + ctx := acctest.Context(t) + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var network odbtypes.OdbNetwork + rName := sdkacctest.RandomWithPrefix(oracleDBNetworkResourceTestEntity.displayNamePrefix) + resourceName := "aws_odb_network.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { + acctest.PreCheck(ctx, t) + oracleDBNetworkResourceTestEntity.testAccPreCheck(ctx, t) + }, + ErrorCheck: acctest.ErrorCheck(t, names.ODBServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: oracleDBNetworkResourceTestEntity.testAccCheckNetworkDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: oracleDBNetworkResourceTestEntity.basicNetwork(rName), + Check: resource.ComposeAggregateTestCheckFunc( + oracleDBNetworkResourceTestEntity.testAccCheckNetworkExists(ctx, resourceName, &network), + acctest.CheckFrameworkResourceDisappears(ctx, acctest.Provider, tfodb.OracleDBNetwork, resourceName), + ), + ExpectNonEmptyPlan: true, + }, + }, + }) +} + +func (oracleDBNetworkResourceTest) testAccCheckNetworkDestroy(ctx context.Context) resource.TestCheckFunc { + return func(s *terraform.State) error { + conn := acctest.Provider.Meta().(*conns.AWSClient).ODBClient(ctx) + + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_odb_network" { + continue + } + _, err := tfodb.FindOracleDBNetworkResourceByID(ctx, conn, rs.Primary.ID) + if tfresource.NotFound(err) { + return nil + } + if err != nil { + return create.Error(names.ODB, create.ErrActionCheckingDestroyed, tfodb.ResNameNetwork, rs.Primary.ID, err) + } + + return create.Error(names.ODB, create.ErrActionCheckingDestroyed, tfodb.ResNameNetwork, rs.Primary.ID, errors.New("not destroyed")) + } + + return nil + } +} + +func (oracleDBNetworkResourceTest) testAccCheckNetworkExists(ctx context.Context, name string, network *odbtypes.OdbNetwork) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return create.Error(names.ODB, create.ErrActionCheckingExistence, tfodb.ResNameNetwork, name, errors.New("not found")) + } + + if rs.Primary.ID == "" { + return create.Error(names.ODB, create.ErrActionCheckingExistence, tfodb.ResNameNetwork, name, errors.New("not set")) + } + + conn := acctest.Provider.Meta().(*conns.AWSClient).ODBClient(ctx) + + resp, err := tfodb.FindOracleDBNetworkResourceByID(ctx, conn, rs.Primary.ID) + if err != nil { + return create.Error(names.ODB, create.ErrActionCheckingExistence, tfodb.ResNameNetwork, rs.Primary.ID, err) + } + + *network = *resp + + return nil + } +} + +func (oracleDBNetworkResourceTest) testAccPreCheck(ctx context.Context, t *testing.T) { + conn := acctest.Provider.Meta().(*conns.AWSClient).ODBClient(ctx) + input := odb.ListOdbNetworksInput{} + _, err := conn.ListOdbNetworks(ctx, &input) + if acctest.PreCheckSkipError(err) { + t.Skipf("skipping acceptance testing: %s", err) + } + if err != nil { + t.Fatalf("unexpected PreCheck error: %s", err) + } +} + +func (oracleDBNetworkResourceTest) basicNetwork(rName string) string { + networkRes := fmt.Sprintf(` + + + + +resource "aws_odb_network" "test" { + display_name = %[1]q + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "DISABLED" + zero_etl_access = "DISABLED" +} + + +`, rName) + return networkRes +} + +func (oracleDBNetworkResourceTest) basicNetworkWithActiveManagedService(rName string) string { + networkRes := fmt.Sprintf(` + + + + +resource "aws_odb_network" "test" { + display_name = %[1]q + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "ENABLED" + zero_etl_access = "ENABLED" +} + + +`, rName) + return networkRes +} + +func (oracleDBNetworkResourceTest) networkWithAllParams(rName, customDomainName string) string { + networkRes := fmt.Sprintf(` + + + + +resource "aws_odb_network" "test" { + display_name = %[1]q + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "DISABLED" + zero_etl_access = "DISABLED" + custom_domain_name = %[2]q +} + + +`, rName, customDomainName) + return networkRes +} + +func (oracleDBNetworkResourceTest) updateNetworkTags(rName string) string { + networkRes := fmt.Sprintf(` + + + + +resource "aws_odb_network" "test" { + display_name = %[1]q + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "DISABLED" + zero_etl_access = "DISABLED" + tags = { + "env" = "dev" + } +} +`, rName) + return networkRes +} diff --git a/internal/service/odb/service_package_gen.go b/internal/service/odb/service_package_gen.go index 44c966efc745..952fb1922304 100644 --- a/internal/service/odb/service_package_gen.go +++ b/internal/service/odb/service_package_gen.go @@ -28,6 +28,15 @@ func (p *servicePackage) FrameworkDataSources(ctx context.Context) []*inttypes.S }), Region: unique.Make(inttypes.ResourceRegionDefault()), }, + { + Factory: newDataSourceNetwork, + TypeName: "aws_odb_network", + Name: "Network", + Tags: unique.Make(inttypes.ServicePackageResourceTags{ + IdentifierAttribute: names.AttrARN, + }), + Region: unique.Make(inttypes.ResourceRegionDefault()), + }, } } @@ -42,6 +51,15 @@ func (p *servicePackage) FrameworkResources(ctx context.Context) []*inttypes.Ser }), Region: unique.Make(inttypes.ResourceRegionDefault()), }, + { + Factory: newResourceNetwork, + TypeName: "aws_odb_network", + Name: "Network", + Tags: unique.Make(inttypes.ServicePackageResourceTags{ + IdentifierAttribute: names.AttrARN, + }), + Region: unique.Make(inttypes.ResourceRegionDefault()), + }, } } diff --git a/website/docs/d/odb_network.html.markdown b/website/docs/d/odb_network.html.markdown new file mode 100644 index 000000000000..2b68850ed5a5 --- /dev/null +++ b/website/docs/d/odb_network.html.markdown @@ -0,0 +1,57 @@ +--- +subcategory: "Oracle Database@AWS" +layout: "AWS: aws_odb_network" +page_title: "AWS: aws_odb_network" +description: |- + Terraform data source to retrieve odb network for Oracle Database@AWS. +--- + +# Data Source: aws_odb_network + +Terraform data source for to retrieve network resource in AWS for Oracle Database@AWS. + +## Example Usage + +### Basic Usage + +```terraform + +data "aws_odb_network" "example" { + id = "example" +} +``` + +## Argument Reference + +The following arguments are required: + +* `id` - (Required) Unique identifier of the odb network resource. + +The following arguments are optional: + +* `region` - (Optional) Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the [provider configuration](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#aws-configuration-reference). + +## Attribute Reference + +This resource exports the following attributes in addition to the arguments above: + +* `id` - Unique identifier of the odb network resource. +* `arn` - Amazon Resource Name (ARN) of the odb network resource. +* `display_name` - Display name for the network resource. +* `availability_zone_id` - The AZ ID of the AZ where the ODB network is located. +* `availability_zone` - The availability zone where the ODB network is located. +* `backup_subnet_cidr` - The CIDR range of the backup subnet for the ODB network. +* `client_subnet_cidr` - The CIDR notation for the network resource. +* `custom_domain_name` - The name of the custom domain that the network is located. +* `default_dns_prefix` - The default DNS prefix for the network resource. +* `oci_network_anchor_id` - The unique identifier of the OCI network anchor for the ODB network. +* `oci_network_anchor_url` - The URL of the OCI network anchor for the ODB network. +* `oci_resource_anchor_name` - The name of the OCI resource anchor for the ODB network. +* `oci_vcn_id` - The unique identifier Oracle Cloud ID (OCID) of the OCI VCN for the ODB network. +* `oci_vcn_url` - The URL of the OCI VCN for the ODB network. +* `percent_progress` - The amount of progress made on the current operation on the ODB network, expressed as a percentage. +* `peered_cidrs` - The list of CIDR ranges from the peered VPC that are allowed access to the ODB network. Please refer odb network peering documentation. +* `status` - The status of the network resource. +* `status_reason` - Additional information about the current status of the ODB network. +* `created_at` - The date and time when the ODB network was created. +* `managed_services` - The managed services configuration for the ODB network. diff --git a/website/docs/r/appflow_connector_profile.html.markdown b/website/docs/r/appflow_connector_profile.html.markdown index 70f24415a36e..f508dba5b441 100644 --- a/website/docs/r/appflow_connector_profile.html.markdown +++ b/website/docs/r/appflow_connector_profile.html.markdown @@ -347,8 +347,8 @@ resource "aws_appflow_connector_profile" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import AppFlow Connector Profile using the connector profile `name`. For example: diff --git a/website/docs/r/appflow_flow.html.markdown b/website/docs/r/appflow_flow.html.markdown index b66576fe8ea1..459777bd61d3 100644 --- a/website/docs/r/appflow_flow.html.markdown +++ b/website/docs/r/appflow_flow.html.markdown @@ -441,8 +441,8 @@ resource "aws_appflow_flow" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import AppFlow flows using the `name`. For example: diff --git a/website/docs/r/cloudfront_key_value_store.html.markdown b/website/docs/r/cloudfront_key_value_store.html.markdown index c61fac06cc8b..a3a940321e57 100644 --- a/website/docs/r/cloudfront_key_value_store.html.markdown +++ b/website/docs/r/cloudfront_key_value_store.html.markdown @@ -70,7 +70,7 @@ resource "aws_cloudfront_key_value_store" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import CloudFront Key Value Store using the `name`. For example: diff --git a/website/docs/r/cloudfrontkeyvaluestore_key.html.markdown b/website/docs/r/cloudfrontkeyvaluestore_key.html.markdown index 6a3ba1aac497..eadaafe5de95 100644 --- a/website/docs/r/cloudfrontkeyvaluestore_key.html.markdown +++ b/website/docs/r/cloudfrontkeyvaluestore_key.html.markdown @@ -71,7 +71,7 @@ resource "aws_cloudfrontkeyvaluestore_key" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import CloudFront KeyValueStore Key using the `key_value_store_arn` and 'key' separated by `,`. For example: diff --git a/website/docs/r/cloudwatch_event_rule.html.markdown b/website/docs/r/cloudwatch_event_rule.html.markdown index 9fc36f4d43eb..ba41ae8a7688 100644 --- a/website/docs/r/cloudwatch_event_rule.html.markdown +++ b/website/docs/r/cloudwatch_event_rule.html.markdown @@ -109,10 +109,9 @@ resource "aws_cloudwatch_event_rule" "example" { #### Optional -* `event_bus_name` (String) Name of the event bus. If omitted, `default` is used. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `event_bus_name` (String) Name of the event bus. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import EventBridge Rules using the `event_bus_name/rule_name` (if you omit `event_bus_name`, the `default` event bus will be used). For example: diff --git a/website/docs/r/cloudwatch_event_target.html.markdown b/website/docs/r/cloudwatch_event_target.html.markdown index aa2fd892bf6c..860e0fcb963d 100644 --- a/website/docs/r/cloudwatch_event_target.html.markdown +++ b/website/docs/r/cloudwatch_event_target.html.markdown @@ -717,8 +717,8 @@ resource "aws_cloudwatch_event_target" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import EventBridge Targets using `event_bus_name/rule-name/target-id` (if you omit `event_bus_name`, the `default` event bus will be used). For example: diff --git a/website/docs/r/cloudwatch_log_group.html.markdown b/website/docs/r/cloudwatch_log_group.html.markdown index 14110a10ef55..4b2592b5f8ba 100644 --- a/website/docs/r/cloudwatch_log_group.html.markdown +++ b/website/docs/r/cloudwatch_log_group.html.markdown @@ -72,8 +72,8 @@ resource "aws_cloudwatch_log_group" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Cloudwatch Log Groups using the `name`. For example: diff --git a/website/docs/r/cloudwatch_metric_alarm.html.markdown b/website/docs/r/cloudwatch_metric_alarm.html.markdown index 73a3f19ba7ff..07a89970ba18 100644 --- a/website/docs/r/cloudwatch_metric_alarm.html.markdown +++ b/website/docs/r/cloudwatch_metric_alarm.html.markdown @@ -272,8 +272,8 @@ resource "aws_cloudwatch_metric_alarm" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import CloudWatch Metric Alarm using the `alarm_name`. For example: diff --git a/website/docs/r/cognito_log_delivery_configuration.html.markdown b/website/docs/r/cognito_log_delivery_configuration.html.markdown index b0a83c7ecfa5..165b0d4bf8b1 100644 --- a/website/docs/r/cognito_log_delivery_configuration.html.markdown +++ b/website/docs/r/cognito_log_delivery_configuration.html.markdown @@ -225,8 +225,8 @@ resource "aws_cognito_log_delivery_configuration" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Cognito IDP (Identity Provider) Log Delivery Configuration using the `user_pool_id`. For example: diff --git a/website/docs/r/dx_gateway.html.markdown b/website/docs/r/dx_gateway.html.markdown index 6f88d75f38d9..5e2bb65f13e6 100644 --- a/website/docs/r/dx_gateway.html.markdown +++ b/website/docs/r/dx_gateway.html.markdown @@ -66,8 +66,8 @@ resource "aws_dx_gateway" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Direct Connect Gateways using the gateway `id`. For example: diff --git a/website/docs/r/ecr_lifecycle_policy.html.markdown b/website/docs/r/ecr_lifecycle_policy.html.markdown index 70b550592db1..114caaef3272 100644 --- a/website/docs/r/ecr_lifecycle_policy.html.markdown +++ b/website/docs/r/ecr_lifecycle_policy.html.markdown @@ -120,8 +120,8 @@ resource "aws_ecr_lifecycle_policy" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ECR Lifecycle Policy using the name of the repository. For example: diff --git a/website/docs/r/ecr_repository.html.markdown b/website/docs/r/ecr_repository.html.markdown index d2f527fa08fb..a9adc67eb3f2 100644 --- a/website/docs/r/ecr_repository.html.markdown +++ b/website/docs/r/ecr_repository.html.markdown @@ -107,8 +107,8 @@ resource "aws_ecr_repository" "service" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ECR Repositories using the `name`. For example: diff --git a/website/docs/r/ecr_repository_policy.html.markdown b/website/docs/r/ecr_repository_policy.html.markdown index 0026e49106fd..65a702a7274b 100644 --- a/website/docs/r/ecr_repository_policy.html.markdown +++ b/website/docs/r/ecr_repository_policy.html.markdown @@ -94,8 +94,8 @@ resource "aws_ecr_repository_policy" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import ECR Repository Policy using the repository name. For example: diff --git a/website/docs/r/iam_role.html.markdown b/website/docs/r/iam_role.html.markdown index 9595fb995043..6893700c1cf1 100644 --- a/website/docs/r/iam_role.html.markdown +++ b/website/docs/r/iam_role.html.markdown @@ -246,7 +246,7 @@ resource "aws_iam_role" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import IAM Roles using the `name`. For example: diff --git a/website/docs/r/iam_role_policy.html.markdown b/website/docs/r/iam_role_policy.html.markdown index 0c4b6d4680ff..80a77ad77da1 100644 --- a/website/docs/r/iam_role_policy.html.markdown +++ b/website/docs/r/iam_role_policy.html.markdown @@ -100,7 +100,7 @@ resource "aws_iam_role_policy" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import IAM Role Policies using the `role_name:role_policy_name`. For example: diff --git a/website/docs/r/iam_role_policy_attachment.html.markdown b/website/docs/r/iam_role_policy_attachment.html.markdown index 7977197c835c..8c8281ea6359 100644 --- a/website/docs/r/iam_role_policy_attachment.html.markdown +++ b/website/docs/r/iam_role_policy_attachment.html.markdown @@ -93,7 +93,7 @@ resource "aws_iam_role_policy_attachment" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import IAM role policy attachments using the role name and policy arn separated by `/`. For example: diff --git a/website/docs/r/instance.html.markdown b/website/docs/r/instance.html.markdown index 914628b9675c..80e5ba598a7e 100644 --- a/website/docs/r/instance.html.markdown +++ b/website/docs/r/instance.html.markdown @@ -511,8 +511,8 @@ resource "aws_instance" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import instances using the `id`. For example: diff --git a/website/docs/r/kms_alias.html.markdown b/website/docs/r/kms_alias.html.markdown index 135c7686598b..9940e759417d 100644 --- a/website/docs/r/kms_alias.html.markdown +++ b/website/docs/r/kms_alias.html.markdown @@ -65,8 +65,8 @@ resource "aws_kms_alias" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import KMS aliases using the `name`. For example: diff --git a/website/docs/r/kms_key.html.markdown b/website/docs/r/kms_key.html.markdown index c7f54f75a90c..63c427dc1c1b 100644 --- a/website/docs/r/kms_key.html.markdown +++ b/website/docs/r/kms_key.html.markdown @@ -376,8 +376,8 @@ resource "aws_kms_key" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import KMS Keys using the `id`. For example: diff --git a/website/docs/r/lambda_function.html.markdown b/website/docs/r/lambda_function.html.markdown index bd27ce2410a8..f20d24b0fd80 100644 --- a/website/docs/r/lambda_function.html.markdown +++ b/website/docs/r/lambda_function.html.markdown @@ -567,6 +567,8 @@ The following arguments are optional: ### vpc_config Configuration Block +~> **NOTE:** If `subnet_ids`, `security_group_ids` and `ipv6_allowed_for_dual_stack` are empty then `vpc_config` is considered to be empty or unset. + * `ipv6_allowed_for_dual_stack` - (Optional) Whether to allow outbound IPv6 traffic on VPC functions connected to dual-stack subnets. Default: `false`. * `security_group_ids` - (Required) List of security group IDs associated with the Lambda function. * `subnet_ids` - (Required) List of subnet IDs associated with the Lambda function. @@ -622,8 +624,8 @@ resource "aws_lambda_function" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Lambda Functions using the `function_name`. For example: diff --git a/website/docs/r/lambda_permission.html.markdown b/website/docs/r/lambda_permission.html.markdown index 7353be3acea2..e6c40308fcf2 100644 --- a/website/docs/r/lambda_permission.html.markdown +++ b/website/docs/r/lambda_permission.html.markdown @@ -261,10 +261,9 @@ resource "aws_lambda_permission" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `qualifier` (String) Qualifier for the function version or alias. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Lambda permission statements using function_name/statement_id with an optional qualifier. For example: diff --git a/website/docs/r/odb_network.html.markdown b/website/docs/r/odb_network.html.markdown new file mode 100644 index 000000000000..a6d73abcd750 --- /dev/null +++ b/website/docs/r/odb_network.html.markdown @@ -0,0 +1,106 @@ +--- +subcategory: "Oracle Database@AWS" +layout: "AWS: aws_odb_network" +page_title: "AWS: aws_odb_network" +description: |- + Terraform resource for managing odb network of an Oracle Database@AWS. +--- + +# Resource: aws_odb_network + +Terraform resource for managing odb Network resource in AWS for Oracle Database@AWS. + +## Example Usage + +### Basic Usage + +```terraform + +resource "aws_odb_network" "example" { + display_name = "odb-my-net" + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "DISABLED" + zero_etl_access = "DISABLED" + tags = { + "env" = "dev" + } +} + +resource "aws_odb_network" "example" { + display_name = "odb-my-net" + availability_zone_id = "use1-az6" + client_subnet_cidr = "10.2.0.0/24" + backup_subnet_cidr = "10.2.1.0/24" + s3_access = "ENABLED" + zero_etl_access = "ENABLED" + tags = { + "env" = "dev" + } +} +``` + +## Argument Reference + +The following arguments are required: + +* `display_name` - (Required) The user-friendly name for the odb network. Changing this will force terraform to create a new resource. +* `availability_zone_id` - (Required) The AZ ID of the AZ where the ODB network is located. Changing this will force terraform to create new resource. +* `client_subnet_cidr` - (Required) The CIDR notation for the network resource. Changing this will force terraform to create new resource. +* `backup_subnet_cidr` - (Required) The CIDR range of the backup subnet for the ODB network. Changing this will force terraform to create new resource. +* `s3_access` - (Required) Specifies the configuration for Amazon S3 access from the ODB network. +* `zero_etl_access` - (Required) Specifies the configuration for Zero-ETL access from the ODB network. + +The following arguments are optional: + +* `custom_domain_name` - (Optional) The name of the custom domain that the network is located. Custom_domain_name and default_dns_prefix both can't be given. Changing this will force terraform to create new resource. +* `availability_zone` - (Optional) The name of the Availability Zone (AZ) where the odb network is located. Changing this will force terraform to create new resource. Make sure availability_zone maps correctly with availability_zone_id. +* `s3_policy_document` - (Optional) Specifies the endpoint policy for Amazon S3 access from the ODB network. +* `default_dns_prefix` - (Optional) The default DNS prefix for the network resource. Changing this will force terraform to create new resource. Changing this will force terraform to create new resource. +* `tags` - (Optional) A map of tags to assign to the exadata infrastructure. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. +* `region` - (Optional) Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the [provider configuration](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#aws-configuration-reference). + +## Attribute Reference + +This resource exports the following attributes in addition to the arguments above: + +* `id` - Unique identifier of the odb network resource. +* `arn` - Amazon Resource Name (ARN) of the odb network resource. +* `oci_dns_forwarding_configs` - The number of storage servers requested for the Exadata infrastructure. +* `peered_cidrs` - The list of CIDR ranges from the peered VPC that are allowed access to the ODB network. Please refer odb network peering documentation. +* `oci_network_anchor_id` - The unique identifier of the OCI network anchor for the ODB network. +* `oci_network_anchor_url` -The URL of the OCI network anchor for the ODB network. +* `oci_resource_anchor_name` - The name of the OCI resource anchor for the ODB network. +* `oci_vcn_id` - The unique identifier Oracle Cloud ID (OCID) of the OCI VCN for the ODB network. +* `oci_vcn_url` - The URL of the OCI VCN for the ODB network. +* `percent_progress` - The amount of progress made on the current operation on the ODB network, expressed as a percentage. +* `managed_services` - The name of the OCI resource anchor for the Exadata infrastructure. +* `status` - The status of the network resource. +* `status_reason` - Additional information about the current status of the ODB network. +* `created_at` - The date and time when the ODB network was created. + +## Timeouts + +[Configuration options](https://developer.hashicorp.com/terraform/language/resources/syntax#operation-timeouts): + +* `create` - (Default `24h`) +* `update` - (Default `24h`) +* `delete` - (Default `24h`) + +## Import + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import OpenSearch Ingestion Pipeline using the `id`. For example: + +```terraform +import { + to = aws_odb_network.example + id = "example" +} +``` + +Using `terraform import`, import Odb Network using the `id`. For example: + +```console +% terraform import aws_odb_network.example example +``` diff --git a/website/docs/r/organizations_account.html.markdown b/website/docs/r/organizations_account.html.markdown index 1b8c3109cdeb..1600adb9edfd 100644 --- a/website/docs/r/organizations_account.html.markdown +++ b/website/docs/r/organizations_account.html.markdown @@ -82,7 +82,7 @@ resource "aws_organizations_account" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import the AWS member account using the `account_id`. For example: diff --git a/website/docs/r/organizations_delegated_administrator.html.markdown b/website/docs/r/organizations_delegated_administrator.html.markdown index cf4da004c491..b708fa2488a1 100644 --- a/website/docs/r/organizations_delegated_administrator.html.markdown +++ b/website/docs/r/organizations_delegated_administrator.html.markdown @@ -66,7 +66,7 @@ resource "aws_organizations_delegated_administrator" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import `aws_organizations_delegated_administrator` using the account ID and its service principal. For example: diff --git a/website/docs/r/organizations_organization.html.markdown b/website/docs/r/organizations_organization.html.markdown index ab202f9e9602..aaad0cb4a2db 100644 --- a/website/docs/r/organizations_organization.html.markdown +++ b/website/docs/r/organizations_organization.html.markdown @@ -90,7 +90,7 @@ resource "aws_organizations_organization" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import the AWS organization using the `id`. For example: diff --git a/website/docs/r/organizations_organizational_unit.html.markdown b/website/docs/r/organizations_organizational_unit.html.markdown index edd271258761..a01ac90b6ae0 100644 --- a/website/docs/r/organizations_organizational_unit.html.markdown +++ b/website/docs/r/organizations_organizational_unit.html.markdown @@ -65,7 +65,7 @@ resource "aws_organizations_organizational_unit" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import AWS Organizations Organizational Units using the `id`. For example: diff --git a/website/docs/r/organizations_policy_attachment.html.markdown b/website/docs/r/organizations_policy_attachment.html.markdown index 8f648e1de200..2534425af2a6 100644 --- a/website/docs/r/organizations_policy_attachment.html.markdown +++ b/website/docs/r/organizations_policy_attachment.html.markdown @@ -78,7 +78,7 @@ resource "aws_organizations_policy_attachment" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import `aws_organizations_policy_attachment` using the target ID and policy ID. For example: diff --git a/website/docs/r/route.html.markdown b/website/docs/r/route.html.markdown index 25eaf0958d4b..be2f60a86820 100644 --- a/website/docs/r/route.html.markdown +++ b/website/docs/r/route.html.markdown @@ -123,17 +123,17 @@ resource "aws_route" "example" { #### Required -- `route_table_id` - (String) ID of the route table. +* `route_table_id` - (String) ID of the route table. #### Optional ~> Exactly one of of `destination_cidr_block`, `destination_ipv6_cidr_block`, or `destination_prefix_list_id` is required. -- `account_id` (String) AWS Account where this resource is managed. -- `destination_cidr_block` - (String) Destination IPv4 CIDR block. -- `destination_ipv6_cidr_block` - (String) Destination IPv6 CIDR block. -- `destination_prefix_list_id` - (String) Destination IPv6 CIDR block. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `destination_cidr_block` - (String) Destination IPv4 CIDR block. +* `destination_ipv6_cidr_block` - (String) Destination IPv6 CIDR block. +* `destination_prefix_list_id` - (String) Destination IPv6 CIDR block. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import individual routes using `ROUTETABLEID_DESTINATION`. Import [local routes](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html#RouteTables) using the VPC's IPv4 or IPv6 CIDR blocks. For example: diff --git a/website/docs/r/route53_record.html.markdown b/website/docs/r/route53_record.html.markdown index 5bb1978fb8ac..d596098490d0 100644 --- a/website/docs/r/route53_record.html.markdown +++ b/website/docs/r/route53_record.html.markdown @@ -276,10 +276,9 @@ resource "aws_route53_record" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `set_identifier` (String) Set identifier for the record. -- `account_id` (String) AWS Account where this resource is managed. - In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Route53 Records using the ID of the record, record name, record type, and set identifier. For example: Using the ID of the record, which is the zone identifier, record name, and record type, separated by underscores (`_`): diff --git a/website/docs/r/route53_resolver_rule.html.markdown b/website/docs/r/route53_resolver_rule.html.markdown index d84f7a463212..807517671737 100644 --- a/website/docs/r/route53_resolver_rule.html.markdown +++ b/website/docs/r/route53_resolver_rule.html.markdown @@ -116,8 +116,8 @@ resource "aws_route53_resolver_rule" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Route53 Resolver rules using the `id`. For example: diff --git a/website/docs/r/route53_resolver_rule_association.html.markdown b/website/docs/r/route53_resolver_rule_association.html.markdown index 8030615f3ebe..6301bd4ab8f7 100644 --- a/website/docs/r/route53_resolver_rule_association.html.markdown +++ b/website/docs/r/route53_resolver_rule_association.html.markdown @@ -59,8 +59,8 @@ resource "aws_route53_resolver_rule_association" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Route53 Resolver rule associations using the `id`. For example: diff --git a/website/docs/r/route_table.html.markdown b/website/docs/r/route_table.html.markdown index a17951bc2fc8..2ca1209e04d0 100644 --- a/website/docs/r/route_table.html.markdown +++ b/website/docs/r/route_table.html.markdown @@ -198,8 +198,8 @@ resource "aws_route_table" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Route Tables using the route table `id`. For example: diff --git a/website/docs/r/s3_bucket.html.markdown b/website/docs/r/s3_bucket.html.markdown index af34af4173b5..e0bbca18745d 100644 --- a/website/docs/r/s3_bucket.html.markdown +++ b/website/docs/r/s3_bucket.html.markdown @@ -348,8 +348,8 @@ resource "aws_s3_bucket" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket using the `bucket`. For example: diff --git a/website/docs/r/s3_bucket_acl.html.markdown b/website/docs/r/s3_bucket_acl.html.markdown index 5501df69d256..2f041a0d8eec 100644 --- a/website/docs/r/s3_bucket_acl.html.markdown +++ b/website/docs/r/s3_bucket_acl.html.markdown @@ -190,11 +190,10 @@ resource "aws_s3_bucket_acl" "example" { #### Optional -* `expected_bucket_owner` (String) Account ID of the expected bucket owner. +* `account_id` (String) AWS Account where this resource is managed. * `acl` (String) Canned ACL to apply to the bucket. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `expected_bucket_owner` (String) Account ID of the expected bucket owner. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket ACL using `bucket`, `expected_bucket_owner`, and/or `acl`, depending on your situation. For example: diff --git a/website/docs/r/s3_bucket_cors_configuration.html.markdown b/website/docs/r/s3_bucket_cors_configuration.html.markdown index 88bb7da9536a..835643c12271 100644 --- a/website/docs/r/s3_bucket_cors_configuration.html.markdown +++ b/website/docs/r/s3_bucket_cors_configuration.html.markdown @@ -90,10 +90,9 @@ resource "aws_s3_bucket_cors_configuration" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `expected_bucket_owner` (String) Account ID of the expected bucket owner. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket CORS configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example: diff --git a/website/docs/r/s3_bucket_logging.html.markdown b/website/docs/r/s3_bucket_logging.html.markdown index fa7d973e373c..f544bbbedae4 100644 --- a/website/docs/r/s3_bucket_logging.html.markdown +++ b/website/docs/r/s3_bucket_logging.html.markdown @@ -168,10 +168,9 @@ resource "aws_s3_bucket_logging" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `expected_bucket_owner` (String) Account ID of the expected bucket owner. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket logging using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example: diff --git a/website/docs/r/s3_bucket_object.html.markdown b/website/docs/r/s3_bucket_object.html.markdown index c7fc3498212c..f6179d15cb70 100644 --- a/website/docs/r/s3_bucket_object.html.markdown +++ b/website/docs/r/s3_bucket_object.html.markdown @@ -206,8 +206,8 @@ resource "aws_s3_bucket_object" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import objects using the `id` or S3 URL. For example: diff --git a/website/docs/r/s3_bucket_policy.html.markdown b/website/docs/r/s3_bucket_policy.html.markdown index 912b4214d593..9716f784596a 100644 --- a/website/docs/r/s3_bucket_policy.html.markdown +++ b/website/docs/r/s3_bucket_policy.html.markdown @@ -85,8 +85,8 @@ resource "aws_s3_bucket_policy" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket policies using the bucket name. For example: diff --git a/website/docs/r/s3_bucket_server_side_encryption_configuration.html.markdown b/website/docs/r/s3_bucket_server_side_encryption_configuration.html.markdown index c69cd69a780b..d64617fd4943 100644 --- a/website/docs/r/s3_bucket_server_side_encryption_configuration.html.markdown +++ b/website/docs/r/s3_bucket_server_side_encryption_configuration.html.markdown @@ -90,10 +90,9 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `expected_bucket_owner` (String) Account ID of the expected bucket owner. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket server-side encryption configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example: diff --git a/website/docs/r/s3_bucket_versioning.html.markdown b/website/docs/r/s3_bucket_versioning.html.markdown index bd6efdd011c1..3e9aec544cec 100644 --- a/website/docs/r/s3_bucket_versioning.html.markdown +++ b/website/docs/r/s3_bucket_versioning.html.markdown @@ -139,10 +139,9 @@ resource "aws_s3_bucket_versioning" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `expected_bucket_owner` (String) Account ID of the expected bucket owner. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket versioning using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example: diff --git a/website/docs/r/s3_bucket_website_configuration.html.markdown b/website/docs/r/s3_bucket_website_configuration.html.markdown index a1e7d56710e6..aa28b1988c02 100644 --- a/website/docs/r/s3_bucket_website_configuration.html.markdown +++ b/website/docs/r/s3_bucket_website_configuration.html.markdown @@ -158,10 +158,9 @@ resource "aws_s3_bucket_website_configuration" "example" { #### Optional +* `account_id` (String) AWS Account where this resource is managed. * `expected_bucket_owner` (String) Account ID of the expected bucket owner. - -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import S3 bucket website configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example: diff --git a/website/docs/r/s3_object.html.markdown b/website/docs/r/s3_object.html.markdown index aa87f2dc6f4f..5e4bb2e21247 100644 --- a/website/docs/r/s3_object.html.markdown +++ b/website/docs/r/s3_object.html.markdown @@ -246,8 +246,8 @@ resource "aws_s3_object" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import objects using the `id` or S3 URL. For example: diff --git a/website/docs/r/sagemaker_user_profile.html.markdown b/website/docs/r/sagemaker_user_profile.html.markdown index a3dc7ca41548..51295b2340c7 100644 --- a/website/docs/r/sagemaker_user_profile.html.markdown +++ b/website/docs/r/sagemaker_user_profile.html.markdown @@ -255,8 +255,8 @@ resource "aws_sagemaker_user_profile" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SageMaker AI User Profiles using the `arn`. For example: diff --git a/website/docs/r/secretsmanager_secret_version.html.markdown b/website/docs/r/secretsmanager_secret_version.html.markdown index 17fb9a21dbe1..2684fdc90ef1 100644 --- a/website/docs/r/secretsmanager_secret_version.html.markdown +++ b/website/docs/r/secretsmanager_secret_version.html.markdown @@ -106,8 +106,8 @@ resource "aws_secretsmanager_secret_version" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import `aws_secretsmanager_secret_version` using the secret ID and version ID. For example: diff --git a/website/docs/r/security_group.html.markdown b/website/docs/r/security_group.html.markdown index d05329a2b85d..b85483649020 100644 --- a/website/docs/r/security_group.html.markdown +++ b/website/docs/r/security_group.html.markdown @@ -335,8 +335,8 @@ resource "aws_security_group" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Security Groups using the security group `id`. For example: diff --git a/website/docs/r/sqs_queue.html.markdown b/website/docs/r/sqs_queue.html.markdown index b13555ea745e..65090ca44000 100644 --- a/website/docs/r/sqs_queue.html.markdown +++ b/website/docs/r/sqs_queue.html.markdown @@ -166,8 +166,8 @@ resource "aws_sqs_queue" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SQS Queues using the queue `url`. For example: diff --git a/website/docs/r/ssm_association.html.markdown b/website/docs/r/ssm_association.html.markdown index ba9d7cda965a..d1df3161a8b3 100644 --- a/website/docs/r/ssm_association.html.markdown +++ b/website/docs/r/ssm_association.html.markdown @@ -309,8 +309,8 @@ resource "aws_ssm_association" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SSM associations using the `association_id`. For example: diff --git a/website/docs/r/ssm_document.html.markdown b/website/docs/r/ssm_document.html.markdown index bdd2ec686630..b0010d27096f 100644 --- a/website/docs/r/ssm_document.html.markdown +++ b/website/docs/r/ssm_document.html.markdown @@ -155,8 +155,8 @@ resource "aws_ssm_document" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SSM Documents using the name. For example: diff --git a/website/docs/r/ssm_maintenance_window.html.markdown b/website/docs/r/ssm_maintenance_window.html.markdown index 99ce381c2af6..d62cb46efeaa 100644 --- a/website/docs/r/ssm_maintenance_window.html.markdown +++ b/website/docs/r/ssm_maintenance_window.html.markdown @@ -71,8 +71,8 @@ resource "aws_ssm_maintenance_window" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SSM Maintenance Windows using the maintenance window `id`. For example: diff --git a/website/docs/r/ssm_maintenance_window_target.html.markdown b/website/docs/r/ssm_maintenance_window_target.html.markdown index db2ca8af7962..85efb6490be8 100644 --- a/website/docs/r/ssm_maintenance_window_target.html.markdown +++ b/website/docs/r/ssm_maintenance_window_target.html.markdown @@ -104,8 +104,8 @@ resource "aws_ssm_maintenance_window_target" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SSM Maintenance Window targets using `WINDOW_ID/WINDOW_TARGET_ID`. For example: diff --git a/website/docs/r/ssm_maintenance_window_task.html.markdown b/website/docs/r/ssm_maintenance_window_task.html.markdown index 4a81183163ac..124c09dc79e0 100644 --- a/website/docs/r/ssm_maintenance_window_task.html.markdown +++ b/website/docs/r/ssm_maintenance_window_task.html.markdown @@ -234,8 +234,8 @@ resource "aws_ssm_maintenance_window_task" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import AWS Maintenance Window Task using the `window_id` and `window_task_id` separated by `/`. For example: diff --git a/website/docs/r/ssm_parameter.html.markdown b/website/docs/r/ssm_parameter.html.markdown index 2cdb22aa4a43..b5b3c2b7694a 100644 --- a/website/docs/r/ssm_parameter.html.markdown +++ b/website/docs/r/ssm_parameter.html.markdown @@ -115,8 +115,8 @@ resource "aws_ssm_parameter" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SSM Parameters using the parameter store `name`. For example: diff --git a/website/docs/r/ssm_patch_baseline.html.markdown b/website/docs/r/ssm_patch_baseline.html.markdown index e2cc256485a0..8b2089a82e7f 100644 --- a/website/docs/r/ssm_patch_baseline.html.markdown +++ b/website/docs/r/ssm_patch_baseline.html.markdown @@ -230,8 +230,8 @@ resource "aws_ssm_patch_baseline" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import SSM Patch Baselines using their baseline ID. For example: diff --git a/website/docs/r/subnet.html.markdown b/website/docs/r/subnet.html.markdown index 2398a88313b9..cceb7eb1ca8f 100644 --- a/website/docs/r/subnet.html.markdown +++ b/website/docs/r/subnet.html.markdown @@ -114,8 +114,8 @@ resource "aws_subnet" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import subnets using the subnet `id`. For example: diff --git a/website/docs/r/vpc_endpoint.html.markdown b/website/docs/r/vpc_endpoint.html.markdown index 53fe06e63b49..b7111f06e79a 100644 --- a/website/docs/r/vpc_endpoint.html.markdown +++ b/website/docs/r/vpc_endpoint.html.markdown @@ -241,8 +241,8 @@ resource "aws_vpc_endpoint" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import VPC Endpoints using the VPC endpoint `id`. For example: diff --git a/website/docs/r/vpc_security_group_egress_rule.html.markdown b/website/docs/r/vpc_security_group_egress_rule.html.markdown index c1cffb60f848..e07dd1035068 100644 --- a/website/docs/r/vpc_security_group_egress_rule.html.markdown +++ b/website/docs/r/vpc_security_group_egress_rule.html.markdown @@ -80,8 +80,8 @@ resource "aws_vpc_security_group_egress_rule" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import security group egress rules using the `security_group_rule_id`. For example: diff --git a/website/docs/r/vpc_security_group_ingress_rule.html.markdown b/website/docs/r/vpc_security_group_ingress_rule.html.markdown index 3f62ee6f3b5b..cbb8f410200c 100644 --- a/website/docs/r/vpc_security_group_ingress_rule.html.markdown +++ b/website/docs/r/vpc_security_group_ingress_rule.html.markdown @@ -89,8 +89,8 @@ resource "aws_vpc_security_group_ingress_rule" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import security group ingress rules using the `security_group_rule_id`. For example: diff --git a/website/docs/r/vpc_security_group_vpc_association.html.markdown b/website/docs/r/vpc_security_group_vpc_association.html.markdown index 30766d368b69..a9fc6d230820 100644 --- a/website/docs/r/vpc_security_group_vpc_association.html.markdown +++ b/website/docs/r/vpc_security_group_vpc_association.html.markdown @@ -67,8 +67,8 @@ resource "aws_vpc_security_group_vpc_association" "example" { #### Optional -- `account_id` (String) AWS Account where this resource is managed. -- `region` (String) Region where this resource is managed. +* `account_id` (String) AWS Account where this resource is managed. +* `region` (String) Region where this resource is managed. In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import a Security Group VPC Association using the `security_group_id` and `vpc_id` arguments, separated by a comma (`,`). For example: