hashicorp · ewbankkit · Sep 6, 2022 · Sep 2, 2022 · Sep 2, 2022 · Sep 2, 2022
@@ -5,10 +5,11 @@ go 1.18
 require (
 	github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7
 	github.com/aws/aws-sdk-go v1.44.88
-	github.com/aws/aws-sdk-go-v2 v1.16.12
+	github.com/aws/aws-sdk-go-v2 v1.16.13
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.13
 	github.com/aws/aws-sdk-go-v2/service/comprehend v1.18.8
 	github.com/aws/aws-sdk-go-v2/service/fis v1.12.13
+	github.com/aws/aws-sdk-go-v2/service/identitystore v1.15.0
 	github.com/aws/aws-sdk-go-v2/service/kendra v1.33.1
 	github.com/aws/aws-sdk-go-v2/service/medialive v1.22.5
 	github.com/aws/aws-sdk-go-v2/service/rolesanywhere v1.0.5
@@ -48,14 +49,14 @@ require (
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
 	github.com/aws/aws-sdk-go-v2/config v1.15.4 // indirect
 	github.com/aws/aws-sdk-go-v2/credentials v1.12.0 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.19 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.13 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.20 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.14 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.11 // indirect
 	github.com/aws/aws-sdk-go-v2/service/iam v1.18.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sso v1.11.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.16.4 // indirect
-	github.com/aws/smithy-go v1.13.0 // indirect
+	github.com/aws/smithy-go v1.13.1 // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/evanphx/json-patch v0.5.2 // indirect

@@ -23,8 +23,9 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkY
 github.com/aws/aws-sdk-go v1.44.88 h1:9jhiZsTx9koQQsM29RTgwI0g4mfyphCdc3bkUcKrdwA=
 github.com/aws/aws-sdk-go v1.44.88/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
 github.com/aws/aws-sdk-go-v2 v1.16.3/go.mod h1:ytwTPBG6fXTZLxxeeCCWj2/EMYp/xDUgX+OET6TLNNU=
-github.com/aws/aws-sdk-go-v2 v1.16.12 h1:wbMYa2PlFysFx2GLIQojr6FJV5+OWCM/BwyHXARxETA=
 github.com/aws/aws-sdk-go-v2 v1.16.12/go.mod h1:C+Ym0ag2LIghJbXhfXZ0YEEp49rBWowxKzJLUoob0ts=
+github.com/aws/aws-sdk-go-v2 v1.16.13 h1:HgF7OX2q0gSZtcXoo9DMEA8A2Qk/GCxmWyM0RI7Yz2Y=
+github.com/aws/aws-sdk-go-v2 v1.16.13/go.mod h1:xSyvSnzh0KLs5H4HJGeIEsNYemUWdNIl0b/rP6SIsLU=
 github.com/aws/aws-sdk-go-v2/config v1.15.4 h1:P4mesY1hYUxru4f9SU0XxNKXmzfxsD0FtMIPRBjkH7Q=
 github.com/aws/aws-sdk-go-v2/config v1.15.4/go.mod h1:ZijHHh0xd/A+ZY53az0qzC5tT46kt4JVCePf2NX9Lk4=
 github.com/aws/aws-sdk-go-v2/credentials v1.12.0 h1:4R/NqlcRFSkR0wxOhgHi+agGpbEr5qMCjn7VqUIJY+E=
@@ -33,11 +34,13 @@ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.4/go.mod h1:u/s5/Z+ohUQOPXl0
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.13 h1:+uferi8SUDZtMloCDt24Zenyy/i71C/ua5mjUCpbpN0=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.13/go.mod h1:y0eXmsNBFIVjUE8ZBjES8myOHlMsXDz7qGT93+MVdjk=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10/go.mod h1:F+EZtuIwjlv35kRJPyBGcsA4f7bnSoz15zOQ2lJq1Z4=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.19 h1:gC5mudiFrWGhzcdoWj1iCGUfrzCpQG0MQIQf0CXFFQQ=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.19/go.mod h1:llxE6bwUZhuCas0K7qGiu5OgMis3N7kdWtFSxoHmJ7E=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.20 h1:Rk8eqZSdFovt8Id+O+i2qT0c3CY13DPn2SfGOEVlxNs=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.20/go.mod h1:gdZ5gRUaxThXIZyZQ8MTtgYBk2jbHgp05BO3GcD9Cwc=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.4/go.mod h1:8glyUqVIM4AmeenIsPo0oVh3+NUwnsQml2OFupfQW+0=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.13 h1:qezY57na06d6kSE7uuB0N7XEflu914AXx/hg2L8Ykcw=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.13/go.mod h1:lB12mkZqCSo5PsdBFLNqc2M/OOYgNAy8UtaktyuWvE8=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.14 h1:6Yxuq9yrkoLYab5JXqJnto9tdRuIcYVdR+eiKjsJYWU=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.14/go.mod h1:GEV9jaDPIgayiU+uevxwozcvUOjc+P4aHE2BeSjm2vE=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.11 h1:6cZRymlLEIlDTEB0+5+An6Zj1CKt6rSE69tOmFeu1nk=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.11/go.mod h1:0MR+sS1b/yxsfAPvAESrw8NfwUoxMinDyw6EYR9BS2U=
 github.com/aws/aws-sdk-go-v2/service/comprehend v1.18.8 h1:0GNYWmqqR9KfwcYKyUOG9k0V6Mq9jZy2e9pwABsxQmM=
@@ -46,6 +49,8 @@ github.com/aws/aws-sdk-go-v2/service/fis v1.12.13 h1:tDH0KAjglMY+n8Gr+lmDI5icSWD
 github.com/aws/aws-sdk-go-v2/service/fis v1.12.13/go.mod h1:hPItFatx4DLydS1AqZ7N/rWaTi8ASGd3lGQrzfSc0Uk=
 github.com/aws/aws-sdk-go-v2/service/iam v1.18.4 h1:E41guA79mjEbwJdh0zXz1d8+Zt4zxRr+b1ipiVbKXzs=
 github.com/aws/aws-sdk-go-v2/service/iam v1.18.4/go.mod h1:FpNvAfCZyIQ3qeNJUOw4CShKvdizHblXqAvSk0qmyL4=
+github.com/aws/aws-sdk-go-v2/service/identitystore v1.15.0 h1:RkSEzzGoabfnnVXF9Mon9+/KYYVw2hLjK1i47ka/Tyg=
+github.com/aws/aws-sdk-go-v2/service/identitystore v1.15.0/go.mod h1:7dp7wVJ+ldmxHAD1Zo6Q65duUXCtNNoFk10Eu8uSCco=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.4 h1:b16QW0XWl0jWjLABFc1A+uh145Oqv+xDcObNk0iQgUk=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.4/go.mod h1:uKkN7qmSIsNJVyMtxNQoCEYMvFEXbOg9fwCJPdfp2u8=
 github.com/aws/aws-sdk-go-v2/service/kendra v1.33.1 h1:XOTWbVWu4wAVozPAny4v5fyWZtjXS+KZl4OAe04vJbw=
@@ -63,8 +68,9 @@ github.com/aws/aws-sdk-go-v2/service/sts v1.16.4/go.mod h1:lfSYenAXtavyX2A1LsVig
 github.com/aws/aws-sdk-go-v2/service/transcribe v1.21.5 h1:hYZofZdt2q8hvpM7XV8/gN49ZEd8wf236G66Oo6QW08=
 github.com/aws/aws-sdk-go-v2/service/transcribe v1.21.5/go.mod h1:mmV5KXzUW+R8AMqDFkgX1vJ1th6SiyaghjvqQm3TC8g=
 github.com/aws/smithy-go v1.11.2/go.mod h1:3xHYmszWVx2c0kIwQeEVf9uSm4fYZt67FBJnwub1bgM=
-github.com/aws/smithy-go v1.13.0 h1:YfyEmSJLo7fAv8FbuDK4R8F9aAmi9DZ88Zb/KJJmUl0=
 github.com/aws/smithy-go v1.13.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
+github.com/aws/smithy-go v1.13.1 h1:q09BdpUiaqpothcv393ACfWJJHzlzjB5HaNL1XHKmoQ=
+github.com/aws/smithy-go v1.13.1/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
 github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
 github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
 github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI=

@@ -8,6 +8,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
 	"github.com/aws/aws-sdk-go-v2/service/comprehend"
 	"github.com/aws/aws-sdk-go-v2/service/fis"
+	"github.com/aws/aws-sdk-go-v2/service/identitystore"
 	"github.com/aws/aws-sdk-go-v2/service/kendra"
 	"github.com/aws/aws-sdk-go-v2/service/medialive"
 	"github.com/aws/aws-sdk-go-v2/service/rolesanywhere"
@@ -208,6 +209,12 @@ func (c *Config) Client(ctx context.Context) (interface{}, diag.Diagnostics) {
 		}
 	})
 
+	client.IdentityStoreConn = identitystore.NewFromConfig(cfg, func(o *identitystore.Options) {
+		if endpoint := c.Endpoints[names.IdentityStore]; endpoint != "" {
+			o.EndpointResolver = identitystore.EndpointResolverFromURL(endpoint)
+		}
+	})
+
 	client.KendraConn = kendra.NewFromConfig(cfg, func(o *kendra.Options) {
 		if endpoint := c.Endpoints[names.Kendra]; endpoint != "" {
 			o.EndpointResolver = kendra.EndpointResolverFromURL(endpoint)

@@ -1,19 +1,23 @@
 package identitystore
 
 import (
-	"fmt"
+	"context"
 	"regexp"
 
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/service/identitystore"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/identitystore"
+	"github.com/aws/aws-sdk-go-v2/service/identitystore/types"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	"github.com/hashicorp/terraform-provider-aws/names"
 )
 
 func DataSourceGroup() *schema.Resource {
 	return &schema.Resource{
-		Read: dataSourceGroupRead,
+		ReadContext: dataSourceGroupRead,
 
 		Schema: map[string]*schema.Schema{
 			"display_name": {
@@ -60,70 +64,74 @@ func DataSourceGroup() *schema.Resource {
 	}
 }
 
-func dataSourceGroupRead(d *schema.ResourceData, meta interface{}) error {
+const (
+	DSNameGroup = "Group Data Source"
+)
+
+func dataSourceGroupRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).IdentityStoreConn
 
+	identityStoreId := d.Get("identity_store_id").(string)
+
+	// Filters has been marked as deprecated in favour of GetGroupId, which
+	// allows only a single filter. Keep using it to maintain backwards
+	// compatibility of the data source.
+
 	input := &identitystore.ListGroupsInput{
-		IdentityStoreId: aws.String(d.Get("identity_store_id").(string)),
+		IdentityStoreId: aws.String(identityStoreId),
 		Filters:         expandFilters(d.Get("filter").(*schema.Set).List()),
 	}
 
-	var results []*identitystore.Group
+	var results []types.Group
+
+	paginator := identitystore.NewListGroupsPaginator(conn, input)
+
+	for paginator.HasMorePages() {
+		page, err := paginator.NextPage(ctx)
 
-	err := conn.ListGroupsPages(input, func(page *identitystore.ListGroupsOutput, lastPage bool) bool {
-		if page == nil {
-			return !lastPage
+		if err != nil {
+			return create.DiagError(names.IdentityStore, create.ErrActionReading, DSNameGroup, identityStoreId, err)
 		}
 
 		for _, group := range page.Groups {
-			if group == nil {
-				continue
-			}
-
-			if v, ok := d.GetOk("group_id"); ok && v.(string) != aws.StringValue(group.GroupId) {
+			if v, ok := d.GetOk("group_id"); ok && v.(string) != aws.ToString(group.GroupId) {
 				continue
 			}
 
 			results = append(results, group)
 		}
-
-		return !lastPage
-	})
-
-	if err != nil {
-		return fmt.Errorf("error listing Identity Store Groups: %w", err)
 	}
 
 	if len(results) == 0 {
-		return fmt.Errorf("no Identity Store Group found matching criteria\n%v; try different search", input.Filters)
+		return diag.Errorf("no Identity Store Group found matching criteria\n%v; try different search", input.Filters)
 	}
 
 	if len(results) > 1 {
-		return fmt.Errorf("multiple Identity Store Groups found matching criteria\n%v; try different search", input.Filters)
+		return diag.Errorf("multiple Identity Store Groups found matching criteria\n%v; try different search", input.Filters)
 	}
 
 	group := results[0]
 
-	d.SetId(aws.StringValue(group.GroupId))
+	d.SetId(aws.ToString(group.GroupId))
 	d.Set("display_name", group.DisplayName)
 	d.Set("group_id", group.GroupId)
 
 	return nil
 }
 
-func expandFilters(l []interface{}) []*identitystore.Filter {
+func expandFilters(l []interface{}) []types.Filter {
 	if len(l) == 0 || l[0] == nil {
 		return nil
 	}
 
-	filters := make([]*identitystore.Filter, 0, len(l))
+	filters := make([]types.Filter, 0, len(l))
 	for _, v := range l {
 		tfMap, ok := v.(map[string]interface{})
 		if !ok {
 			continue
 		}
 
-		filter := &identitystore.Filter{}
+		filter := types.Filter{}
 
 		if v, ok := tfMap["attribute_path"].(string); ok && v != "" {
 			filter.AttributePath = aws.String(v)

@@ -1,19 +1,23 @@
 package identitystore
 
 import (
-	"fmt"
+	"context"
 	"regexp"
 
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/service/identitystore"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/identitystore"
+	"github.com/aws/aws-sdk-go-v2/service/identitystore/types"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	"github.com/hashicorp/terraform-provider-aws/names"
 )
 
 func DataSourceUser() *schema.Resource {
 	return &schema.Resource{
-		Read: dataSourceUserRead,
+		ReadContext: dataSourceUserRead,
 
 		Schema: map[string]*schema.Schema{
 			"filter": {
@@ -60,51 +64,55 @@ func DataSourceUser() *schema.Resource {
 	}
 }
 
-func dataSourceUserRead(d *schema.ResourceData, meta interface{}) error {
+const (
+	DSNameUser = "User Data Source"
+)
+
+func dataSourceUserRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).IdentityStoreConn
 
+	identityStoreId := d.Get("identity_store_id").(string)
+
+	// Filters has been marked as deprecated in favour of GetUserId, which
+	// allows only a single filter. Keep using it to maintain backwards
+	// compatibility of the data source.
+
 	input := &identitystore.ListUsersInput{
-		IdentityStoreId: aws.String(d.Get("identity_store_id").(string)),
+		IdentityStoreId: aws.String(identityStoreId),
 		Filters:         expandFilters(d.Get("filter").(*schema.Set).List()),
 	}
 
-	var results []*identitystore.User
+	var results []types.User
+
+	paginator := identitystore.NewListUsersPaginator(conn, input)
+
+	for paginator.HasMorePages() {
+		page, err := paginator.NextPage(ctx)
 
-	err := conn.ListUsersPages(input, func(page *identitystore.ListUsersOutput, lastPage bool) bool {
-		if page == nil {
-			return !lastPage
+		if err != nil {
+			return create.DiagError(names.IdentityStore, create.ErrActionReading, DSNameUser, identityStoreId, err)
 		}
 
 		for _, user := range page.Users {
-			if user == nil {
-				continue
-			}
-
-			if v, ok := d.GetOk("user_id"); ok && v.(string) != aws.StringValue(user.UserId) {
+			if v, ok := d.GetOk("user_id"); ok && v.(string) != aws.ToString(user.UserId) {
 				continue
 			}
 
 			results = append(results, user)
 		}
-
-		return !lastPage
-	})
-
-	if err != nil {
-		return fmt.Errorf("error listing Identity Store Users: %w", err)
 	}
 
 	if len(results) == 0 {
-		return fmt.Errorf("no Identity Store User found matching criteria\n%v; try different search", input.Filters)
+		return diag.Errorf("no Identity Store User found matching criteria\n%v; try different search", input.Filters)
 	}
 
 	if len(results) > 1 {
-		return fmt.Errorf("multiple Identity Store Users found matching criteria\n%v; try different search", input.Filters)
+		return diag.Errorf("multiple Identity Store Users found matching criteria\n%v; try different search", input.Filters)
 	}
 
 	user := results[0]
 
-	d.SetId(aws.StringValue(user.UserId))
+	d.SetId(aws.ToString(user.UserId))
 	d.Set("user_id", user.UserId)
 	d.Set("user_name", user.UserName)
 

@@ -24,6 +24,7 @@ import (
 // This "should" be defined by the AWS Go SDK v2, but currently isn't.
 const (
 	ComprehendEndpointID     = "comprehend"
+	IdentityStoreEndpointID  = "identitystore"
 	KendraEndpointID         = "kendra"
 	MediaLiveEndpointID      = "medialive"
 	RolesAnywhereEndpointID  = "rolesanywhere"

@@ -326,7 +326,7 @@ ssm-contacts,ssmcontacts,ssmcontacts,ssmcontacts,,ssmcontacts,,,SSMContacts,SSMC
 ssm-incidents,ssmincidents,ssmincidents,ssmincidents,,ssmincidents,,,SSMIncidents,SSMIncidents,,1,,aws_ssmincidents_,,ssmincidents_,SSM Incident Manager Incidents,AWS,,,,,
 sso,sso,sso,sso,,sso,,,SSO,SSO,,1,,aws_sso_,,sso_,SSO (Single Sign-On),AWS,,,,,
 sso-admin,ssoadmin,ssoadmin,ssoadmin,,ssoadmin,,,SSOAdmin,SSOAdmin,,1,,aws_ssoadmin_,,ssoadmin_,SSO Admin,AWS,,,,,
-identitystore,identitystore,identitystore,identitystore,,identitystore,,,IdentityStore,IdentityStore,,1,,aws_identitystore_,,identitystore_,SSO Identity Store,AWS,,,,,
+identitystore,identitystore,identitystore,identitystore,,identitystore,,,IdentityStore,IdentityStore,x,2,,aws_identitystore_,,identitystore_,SSO Identity Store,AWS,,,,,
 sso-oidc,ssooidc,ssooidc,ssooidc,,ssooidc,,,SSOOIDC,SSOOIDC,,1,,aws_ssooidc_,,ssooidc_,SSO OIDC,AWS,,,,,
 storagegateway,storagegateway,storagegateway,storagegateway,,storagegateway,,,StorageGateway,StorageGateway,,1,,aws_storagegateway_,,storagegateway_,Storage Gateway,AWS,,,,,
 sts,sts,sts,sts,,sts,,,STS,STS,x,1,aws_caller_identity,aws_sts_,,caller_identity,STS (Security Token),AWS,,,AWS_STS_ENDPOINT,TF_AWS_STS_ENDPOINT,