Merge pull request #36072 from acwwat/b-aws_datasync_location-add_mis…

…sing_resource_details

fix: Add missing type-specific args for aws_datasync_location_* resources

.changelog/36072.txt

@@ -0,0 +1,27 @@
+```release-note:bug
+resource/aws_datasync_location_azure_blob: Fix missing `container_url` attribute value and bad `subdirectory` attribute value from state read/refresh
+```
+
+```release-note:bug
+resource/aws_datasync_location_efs: Fix missing `efs_file_system_arn` attribute value from state read/refresh
+```
+
+```release-note:bug
+resource/aws_datasync_location_nfs: Fix missing `server_hostname` attribute value from state read/refresh
+```
+
+```release-note:bug
+resource/aws_datasync_location_s3: Fix missing `s3_bucket_arn` attribute value from state read/refresh
+```
+
+```release-note:bug
+resource/aws_datasync_location_smb: Fix missing `server_hostname` attribute value from state read/refresh
+```
+
+```release-note:enhancement
+resource/aws_datasync_location_hdfs: Add `kerberos_keytab_base64` and `kerberos_krb5_conf_base64` arguments
+```
+
+```release-note:bug
+resource/aws_datasync_location_hdfs: Mark `qop_configuration` as Computed
+```

internal/flex/flex.go

@@ -13,6 +13,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	tfmaps "github.com/hashicorp/terraform-provider-aws/internal/maps"
 	tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices"
+	itypes "github.com/hashicorp/terraform-provider-aws/internal/types"
 )
 
 const (
@@ -350,6 +351,11 @@ func StringToIntValue(v *string) int {
 	return i
 }
 
+// StringValueToBase64String converts a string to a Go base64 string pointer.
+func StringValueToBase64String(v string) *string {
+	return aws.String(itypes.Base64EncodeOnce([]byte(v)))
+}
+
 // StringValueToInt64 converts a string to a Go int64 pointer.
 // Invalid integer strings are converted to 0.
 func StringValueToInt64(v string) *int64 {

internal/service/autoscaling/launch_configuration.go

@@ -6,7 +6,6 @@ package autoscaling
 import ( // nosemgrep:ci.semgrep.aws.multiple-service-imports
 	"context"
 	"crypto/sha1"
-	"encoding/base64"
 	"encoding/hex"
 	"fmt"
 	"log"
@@ -26,10 +25,11 @@ import ( // nosemgrep:ci.semgrep.aws.multiple-service-imports
 	"github.com/hashicorp/terraform-provider-aws/internal/flex"
 	tfec2 "github.com/hashicorp/terraform-provider-aws/internal/service/ec2"
 	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
+	itypes "github.com/hashicorp/terraform-provider-aws/internal/types"
 	"github.com/hashicorp/terraform-provider-aws/internal/verify"
 )
 
-// @SDKResource("aws_launch_configuration")
+// @SDKResource("aws_launch_configuration", name="Launch Configuration")
 func ResourceLaunchConfiguration() *schema.Resource {
 	return &schema.Resource{
 		CreateWithoutTimeout: resourceLaunchConfigurationCreate,
@@ -302,15 +302,7 @@ func ResourceLaunchConfiguration() *schema.Resource {
 				Optional:      true,
 				ForceNew:      true,
 				ConflictsWith: []string{"user_data"},
-				ValidateFunc: func(v interface{}, name string) (warns []string, errs []error) {
-					s := v.(string)
-					if !verify.IsBase64Encoded([]byte(s)) {
-						errs = append(errs, fmt.Errorf(
-							"%s: must be base64-encoded", name,
-						))
-					}
-					return
-				},
+				ValidateFunc:  verify.ValidBase64String,
 			},
 		},
 	}
@@ -363,7 +355,7 @@ func resourceLaunchConfigurationCreate(ctx context.Context, d *schema.ResourceDa
 	}
 
 	if v, ok := d.GetOk("user_data"); ok {
-		input.UserData = aws.String(verify.Base64Encode([]byte(v.(string))))
+		input.UserData = flex.StringValueToBase64String(v.(string))
 	} else if v, ok := d.GetOk("user_data_base64"); ok {
 		input.UserData = aws.String(v.(string))
 	}
@@ -805,8 +797,7 @@ func userDataHashSum(userData string) string {
 	// Check whether the user_data is not Base64 encoded.
 	// Always calculate hash of base64 decoded value since we
 	// check against double-encoding when setting it.
-	v, err := base64.StdEncoding.DecodeString(userData)
-
+	v, err := itypes.Base64Decode(userData)
 	if err != nil {
 		v = []byte(userData)
 	}

internal/service/cognitoidp/user_pool_ui_customization.go

@@ -5,7 +5,6 @@ package cognitoidp
 
 import (
 	"context"
-	"encoding/base64"
 	"log"
 	"time"
 
@@ -95,7 +94,7 @@ func resourceUserPoolUICustomizationPut(ctx context.Context, d *schema.ResourceD
 	}
 
 	if v, ok := d.GetOk("image_file"); ok {
-		v, err := base64.StdEncoding.DecodeString(v.(string))
+		v, err := itypes.Base64Decode(v.(string))
 		if err != nil {
 			return sdkdiag.AppendFromErr(diags, err)
 		}

internal/service/datasync/exports_test.go

@@ -0,0 +1,33 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package datasync
+
+// Exports for use in tests only.
+var (
+	ResourceLocationAzureBlob            = resourceLocationAzureBlob
+	ResourceLocationEFS                  = resourceLocationEFS
+	ResourceLocationFSxLustreFileSystem  = resourceLocationFSxLustreFileSystem
+	ResourceLocationFSxONTAPFileSystem   = resourceLocationFSxONTAPFileSystem
+	ResourceLocationFSxOpenZFSFileSystem = resourceLocationFSxOpenZFSFileSystem
+	ResourceLocationFSxWindowsFileSystem = resourceLocationFSxWindowsFileSystem
+	ResourceLocationHDFS                 = resourceLocationHDFS
+	ResourceLocationNFS                  = resourceLocationNFS
+	ResourceLocationObjectStorage        = resourceLocationObjectStorage
+	ResourceLocationS3                   = resourceLocationS3
+	ResourceLocationSMB                  = resourceLocationSMB
+	ResourceTask                         = resourceTask
+
+	FindLocationAzureBlobByARN     = findLocationAzureBlobByARN
+	FindLocationEFSByARN           = findLocationEFSByARN
+	FindLocationFSxLustreByARN     = findLocationFSxLustreByARN
+	FindLocationFSxONTAPByARN      = findLocationFSxONTAPByARN
+	FindLocationFSxOpenZFSByARN    = findLocationFSxOpenZFSByARN
+	FindLocationFSxWindowsByARN    = findLocationFSxWindowsByARN
+	FindLocationHDFSByARN          = findLocationHDFSByARN
+	FindLocationNFSByARN           = findLocationNFSByARN
+	FindLocationObjectStorageByARN = findLocationObjectStorageByARN
+	FindLocationS3ByARN            = findLocationS3ByARN
+	FindLocationSMBByARN           = findLocationSMBByARN
+	FindTaskByARN                  = findTaskByARN
+)

internal/service/datasync/location_azure_blob.go

@@ -5,6 +5,7 @@ package datasync
 
 import (
 	"context"
+	"fmt"
 	"log"
 	"strings"
 
@@ -26,7 +27,7 @@ import (
 
 // @SDKResource("aws_datasync_location_azure_blob", name="Location Microsoft Azure Blob Storage")
 // @Tags(identifierAttribute="id")
-func ResourceLocationAzureBlob() *schema.Resource {
+func resourceLocationAzureBlob() *schema.Resource {
 	return &schema.Resource{
 		CreateWithoutTimeout: resourceLocationAzureBlobCreate,
 		ReadWithoutTimeout:   resourceLocationAzureBlobRead,
@@ -154,7 +155,7 @@ func resourceLocationAzureBlobRead(ctx context.Context, d *schema.ResourceData,
 	var diags diag.Diagnostics
 	conn := meta.(*conns.AWSClient).DataSyncConn(ctx)
 
-	output, err := FindLocationAzureBlobByARN(ctx, conn, d.Id())
+	output, err := findLocationAzureBlobByARN(ctx, conn, d.Id())
 
 	if !d.IsNewResource() && tfresource.NotFound(err) {
 		log.Printf("[WARN] DataSync Location Microsoft Azure Blob Storage (%s) not found, removing from state", d.Id())
@@ -167,19 +168,25 @@ func resourceLocationAzureBlobRead(ctx context.Context, d *schema.ResourceData,
 	}
 
 	uri := aws.StringValue(output.LocationUri)
+	accountHostName, err := globalIDFromLocationURI(aws.StringValue(output.LocationUri))
+	if err != nil {
+		return sdkdiag.AppendFromErr(diags, err)
+	}
 	subdirectory, err := subdirectoryFromLocationURI(uri)
 	if err != nil {
 		return sdkdiag.AppendFromErr(diags, err)
 	}
+	containerName := subdirectory[:strings.IndexAny(subdirectory[1:], "/")+1]
+	containerURL := fmt.Sprintf("https://%s%s", accountHostName, containerName)
 
 	d.Set("access_tier", output.AccessTier)
 	d.Set("agent_arns", aws.StringValueSlice(output.AgentArns))
 	d.Set("arn", output.LocationArn)
 	d.Set("authentication_type", output.AuthenticationType)
 	d.Set("blob_type", output.BlobType)
-	d.Set("container_url", d.Get("container_url"))
+	d.Set("container_url", containerURL)
 	d.Set("sas_configuration", d.Get("sas_configuration"))
-	d.Set("subdirectory", subdirectory)
+	d.Set("subdirectory", subdirectory[strings.IndexAny(subdirectory[1:], "/")+1:])
 	d.Set("uri", uri)
 
 	return diags
@@ -248,7 +255,7 @@ func resourceLocationAzureBlobDelete(ctx context.Context, d *schema.ResourceData
 	return diags
 }
 
-func FindLocationAzureBlobByARN(ctx context.Context, conn *datasync.DataSync, arn string) (*datasync.DescribeLocationAzureBlobOutput, error) {
+func findLocationAzureBlobByARN(ctx context.Context, conn *datasync.DataSync, arn string) (*datasync.DescribeLocationAzureBlobOutput, error) {
 	input := &datasync.DescribeLocationAzureBlobInput{
 		LocationArn: aws.String(arn),
 	}

internal/service/datasync/location_azure_blob_test.go

@@ -41,10 +41,10 @@ func TestAccDataSyncLocationAzureBlob_basic(t *testing.T) {
 					acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "datasync", regexache.MustCompile(`location/loc-.+`)),
 					resource.TestCheckResourceAttr(resourceName, "authentication_type", "SAS"),
 					resource.TestCheckResourceAttr(resourceName, "blob_type", "BLOCK"),
-					resource.TestCheckResourceAttr(resourceName, "container_url", "https://example.com/path"),
+					resource.TestCheckResourceAttr(resourceName, "container_url", "https://myaccount.blob.core.windows.net/mycontainer"),
 					resource.TestCheckResourceAttr(resourceName, "sas_configuration.#", "1"),
 					resource.TestCheckResourceAttrSet(resourceName, "sas_configuration.0.token"),
-					resource.TestCheckResourceAttr(resourceName, "subdirectory", "/path/"),
+					resource.TestCheckResourceAttr(resourceName, "subdirectory", "/myvdir1/myvdir2/"),
 					resource.TestCheckResourceAttr(resourceName, "tags.%", "0"),
 					resource.TestMatchResourceAttr(resourceName, "uri", regexache.MustCompile(`^azure-blob://.+/`)),
 				),
@@ -53,7 +53,7 @@ func TestAccDataSyncLocationAzureBlob_basic(t *testing.T) {
 				ResourceName:            resourceName,
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"container_url", "sas_configuration"},
+				ImportStateVerifyIgnore: []string{"sas_configuration"},
 			},
 		},
 	})
@@ -107,7 +107,7 @@ func TestAccDataSyncLocationAzureBlob_tags(t *testing.T) {
 				ResourceName:            resourceName,
 				ImportState:             true,
 				ImportStateVerify:       true,
-				ImportStateVerifyIgnore: []string{"container_url", "sas_configuration"},
+				ImportStateVerifyIgnore: []string{"sas_configuration"},
 			},
 			{
 				Config: testAccLocationAzureBlobConfig_tags2(rName, "key1", "value1updated", "key2", "value2"),
@@ -151,10 +151,10 @@ func TestAccDataSyncLocationAzureBlob_update(t *testing.T) {
 					acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "datasync", regexache.MustCompile(`location/loc-.+`)),
 					resource.TestCheckResourceAttr(resourceName, "authentication_type", "SAS"),
 					resource.TestCheckResourceAttr(resourceName, "blob_type", "BLOCK"),
-					resource.TestCheckResourceAttr(resourceName, "container_url", "https://example.com/path"),
+					resource.TestCheckResourceAttr(resourceName, "container_url", "https://myaccount.blob.core.windows.net/mycontainer"),
 					resource.TestCheckResourceAttr(resourceName, "sas_configuration.#", "1"),
 					resource.TestCheckResourceAttrSet(resourceName, "sas_configuration.0.token"),
-					resource.TestCheckResourceAttr(resourceName, "subdirectory", "/path/"),
+					resource.TestCheckResourceAttr(resourceName, "subdirectory", "/myvdir1/myvdir2/"),
 					resource.TestCheckResourceAttr(resourceName, "tags.%", "0"),
 					resource.TestMatchResourceAttr(resourceName, "uri", regexache.MustCompile(`^azure-blob://.+/`)),
 				),
@@ -168,10 +168,10 @@ func TestAccDataSyncLocationAzureBlob_update(t *testing.T) {
 					acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "datasync", regexache.MustCompile(`location/loc-.+`)),
 					resource.TestCheckResourceAttr(resourceName, "authentication_type", "SAS"),
 					resource.TestCheckResourceAttr(resourceName, "blob_type", "BLOCK"),
-					resource.TestCheckResourceAttr(resourceName, "container_url", "https://example.com/path"),
+					resource.TestCheckResourceAttr(resourceName, "container_url", "https://myaccount.blob.core.windows.net/mycontainer"),
 					resource.TestCheckResourceAttr(resourceName, "sas_configuration.#", "1"),
 					resource.TestCheckResourceAttrSet(resourceName, "sas_configuration.0.token"),
-					resource.TestCheckResourceAttr(resourceName, "subdirectory", "/path/"),
+					resource.TestCheckResourceAttr(resourceName, "subdirectory", "/"),
 					resource.TestCheckResourceAttr(resourceName, "tags.%", "0"),
 					resource.TestMatchResourceAttr(resourceName, "uri", regexache.MustCompile(`^azure-blob://.+/`)),
 				),
@@ -241,7 +241,8 @@ func testAccLocationAzureBlobConfig_basic(rName string) string {
 resource "aws_datasync_location_azure_blob" "test" {
   agent_arns          = [aws_datasync_agent.test.arn]
   authentication_type = "SAS"
-  container_url       = "https://example.com/path"
+  container_url       = "https://myaccount.blob.core.windows.net/mycontainer"
+  subdirectory        = "/myvdir1/myvdir2"
 
   sas_configuration {
     token = "sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%%2FXTI9E%%2F%%2Fmq171%%2BZU178wcwqU%%3D"
@@ -255,7 +256,7 @@ func testAccLocationAzureBlobConfig_tags1(rName, key1, value1 string) string {
 resource "aws_datasync_location_azure_blob" "test" {
   agent_arns          = [aws_datasync_agent.test.arn]
   authentication_type = "SAS"
-  container_url       = "https://example.com/path"
+  container_url       = "https://myaccount.blob.core.windows.net/mycontainer"
 
   sas_configuration {
     token = "sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%%2FXTI9E%%2F%%2Fmq171%%2BZU178wcwqU%%3D"
@@ -273,7 +274,7 @@ func testAccLocationAzureBlobConfig_tags2(rName, key1, value1, key2, value2 stri
 resource "aws_datasync_location_azure_blob" "test" {
   agent_arns          = [aws_datasync_agent.test.arn]
   authentication_type = "SAS"
-  container_url       = "https://example.com/path"
+  container_url       = "https://myaccount.blob.core.windows.net/mycontainer"
 
   sas_configuration {
     token = "sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%%2FXTI9E%%2F%%2Fmq171%%2BZU178wcwqU%%3D"
@@ -293,7 +294,8 @@ resource "aws_datasync_location_azure_blob" "test" {
   access_tier         = "COOL"
   agent_arns          = [aws_datasync_agent.test.arn]
   authentication_type = "SAS"
-  container_url       = "https://example.com/path"
+  container_url       = "https://myaccount.blob.core.windows.net/mycontainer"
+  subdirectory        = "/"
 
   sas_configuration {
     token = "sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%%2FXTI9E%%2F%%2Fmq171%%2BZU178wcwqU%%3D"

internal/service/datasync/location_efs.go

@@ -5,10 +5,12 @@ package datasync
 
 import (
 	"context"
+	"fmt"
 	"log"
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/arn"
 	"github.com/aws/aws-sdk-go/service/datasync"
 	"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
@@ -26,7 +28,7 @@ import (
 
 // @SDKResource("aws_datasync_location_efs", name="Location EFS")
 // @Tags(identifierAttribute="id")
-func ResourceLocationEFS() *schema.Resource {
+func resourceLocationEFS() *schema.Resource {
 	return &schema.Resource{
 		CreateWithoutTimeout: resourceLocationEFSCreate,
 		ReadWithoutTimeout:   resourceLocationEFSRead,
@@ -157,7 +159,7 @@ func resourceLocationEFSRead(ctx context.Context, d *schema.ResourceData, meta i
 	var diags diag.Diagnostics
 	conn := meta.(*conns.AWSClient).DataSyncConn(ctx)
 
-	output, err := FindLocationEFSByARN(ctx, conn, d.Id())
+	output, err := findLocationEFSByARN(ctx, conn, d.Id())
 
 	if !d.IsNewResource() && tfresource.NotFound(err) {
 		log.Printf("[WARN] DataSync Location EFS (%s) not found, removing from state", d.Id())
@@ -170,16 +172,27 @@ func resourceLocationEFSRead(ctx context.Context, d *schema.ResourceData, meta i
 	}
 
 	uri := aws.StringValue(output.LocationUri)
+	globalID, err := globalIDFromLocationURI(uri)
+	if err != nil {
+		return sdkdiag.AppendFromErr(diags, err)
+	}
 	subdirectory, err := subdirectoryFromLocationURI(uri)
 	if err != nil {
 		return sdkdiag.AppendFromErr(diags, err)
 	}
+	locationARN, err := arn.Parse(d.Id())
+	if err != nil {
+		return sdkdiag.AppendFromErr(diags, err)
+	}
+	globalIDParts := strings.Split(globalID, ".") // Global ID format for EFS location is <region>.<efs_file_system_id>
 
 	d.Set("access_point_arn", output.AccessPointArn)
 	d.Set("arn", output.LocationArn)
 	if err := d.Set("ec2_config", flattenEC2Config(output.Ec2Config)); err != nil {
 		return sdkdiag.AppendErrorf(diags, "setting ec2_config: %s", err)
 	}
+	efsFileSystemARN := fmt.Sprintf("arn:%s:elasticfilesystem:%s:%s:file-system/%s", locationARN.Partition, globalIDParts[0], locationARN.AccountID, globalIDParts[1])
+	d.Set("efs_file_system_arn", efsFileSystemARN)
 	d.Set("file_system_access_role_arn", output.FileSystemAccessRoleArn)
 	d.Set("in_transit_encryption", output.InTransitEncryption)
 	d.Set("subdirectory", subdirectory)
@@ -216,7 +229,7 @@ func resourceLocationEFSDelete(ctx context.Context, d *schema.ResourceData, meta
 	return diags
 }
 
-func FindLocationEFSByARN(ctx context.Context, conn *datasync.DataSync, arn string) (*datasync.DescribeLocationEfsOutput, error) {
+func findLocationEFSByARN(ctx context.Context, conn *datasync.DataSync, arn string) (*datasync.DescribeLocationEfsOutput, error) {
 	input := &datasync.DescribeLocationEfsInput{
 		LocationArn: aws.String(arn),
 	}