f-aws_ec2_traffic_mirror_target

.changelog/26767.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_ec2_traffic_mirror_target: Add `gateway_load_balancer_endpoint_id` argument
+```

internal/service/ec2/vpc_traffic_mirror_target.go

@@ -36,11 +36,22 @@ func ResourceTrafficMirrorTarget() *schema.Resource {
 				Optional: true,
 				ForceNew: true,
 			},
+			"gateway_load_balancer_endpoint_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				ExactlyOneOf: []string{
+					"gateway_load_balancer_endpoint_id",
+					"network_interface_id",
+					"network_load_balancer_arn",
+				},
+			},
 			"network_interface_id": {
 				Type:     schema.TypeString,
 				Optional: true,
 				ForceNew: true,
 				ExactlyOneOf: []string{
+					"gateway_load_balancer_endpoint_id",
 					"network_interface_id",
 					"network_load_balancer_arn",
 				},
@@ -50,6 +61,7 @@ func ResourceTrafficMirrorTarget() *schema.Resource {
 				Optional: true,
 				ForceNew: true,
 				ExactlyOneOf: []string{
+					"gateway_load_balancer_endpoint_id",
 					"network_interface_id",
 					"network_load_balancer_arn",
 				},
@@ -76,6 +88,10 @@ func resourceTrafficMirrorTargetCreate(d *schema.ResourceData, meta interface{})
 		input.Description = aws.String(v.(string))
 	}
 
+	if v, ok := d.GetOk("gateway_load_balancer_endpoint_id"); ok {
+		input.GatewayLoadBalancerEndpointId = aws.String(v.(string))
+	}
+
 	if v, ok := d.GetOk("network_interface_id"); ok {
 		input.NetworkInterfaceId = aws.String(v.(string))
 	}
@@ -141,6 +157,7 @@ func resourceTrafficMirrorTargetRead(d *schema.ResourceData, meta interface{}) e
 
 	target := out.TrafficMirrorTargets[0]
 	d.Set("description", target.Description)
+	d.Set("gateway_load_balancer_endpoint_id", target.GatewayLoadBalancerEndpointId)
 	d.Set("network_interface_id", target.NetworkInterfaceId)
 	d.Set("network_load_balancer_arn", target.NetworkLoadBalancerArn)
 

internal/service/ec2/vpc_traffic_mirror_target_test.go

@@ -160,6 +160,37 @@ func TestAccVPCTrafficMirrorTarget_disappears(t *testing.T) {
 	})
 }
 
+func TestAccVPCTrafficMirrorTarget_gwlb(t *testing.T) {
+
+	resourceName := "aws_ec2_traffic_mirror_target.test"
+	rName := fmt.Sprintf("tf-acc-test-%s", sdkacctest.RandString(10))
+	description := "test gwlb endpoint target"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acctest.PreCheck(t)
+			testAccPreCheckTrafficMirrorTarget(t)
+		},
+		ErrorCheck:               acctest.ErrorCheck(t, ec2.EndpointsID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckTrafficMirrorTargetDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccVPCTrafficMirrorTargetConfig_gwlb(rName, description),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(resourceName, "description", description),
+					resource.TestMatchResourceAttr(resourceName, "gateway_load_balancer_endpoint_id", regexp.MustCompile("vpce-.*")),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func testAccCheckTrafficMirrorTargetExists(name string, target *ec2.TrafficMirrorTarget) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[name]
@@ -332,6 +363,19 @@ resource "aws_ec2_traffic_mirror_target" "test" {
 `, rName, description, tagKey1, tagValue1, tagKey2, tagValue2))
 }
 
+func testAccVPCTrafficMirrorTargetConfig_gwlb(rName, description string) string {
+	return acctest.ConfigCompose(
+		//testAccTrafficMirrorTargetConfigBase(rName),
+		testAccVPCEndpointConfig_gatewayLoadBalancer(rName),
+		fmt.Sprintf(`
+resource "aws_ec2_traffic_mirror_target" "test" {
+  description                       = %[2]q
+  gateway_load_balancer_endpoint_id = aws_vpc_endpoint.test.id
+  depends_on                        = [aws_vpc_endpoint.test]
+}
+`, rName, description))
+}
+
 func testAccPreCheckTrafficMirrorTarget(t *testing.T) {
 	conn := acctest.Provider.Meta().(*conns.AWSClient).EC2Conn
 

website/docs/r/ec2_traffic_mirror_target.html.markdown

@@ -25,6 +25,11 @@ resource "aws_ec2_traffic_mirror_target" "eni" {
   description          = "ENI target"
   network_interface_id = aws_instance.test.primary_network_interface_id
 }
+
+resource "aws_ec2_traffic_mirror_target" "gwlb" {
+  description                       = "GWLB target"
+  gateway_load_balancer_endpoint_id = aws_lb.lb.arn
+}
 ```
 
 ## Argument Reference
@@ -34,6 +39,7 @@ The following arguments are supported:
 * `description` - (Optional, Forces new) A description of the traffic mirror session.
 * `network_interface_id` - (Optional, Forces new) The network interface ID that is associated with the target.
 * `network_load_balancer_arn` - (Optional, Forces new) The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.
+* `gateway_load_balancer_endpoint_id` - (Optional, Forces new) The VPC Endpoint Id of the Gateway Load Balancer that is associated with the target.
 * `tags` - (Optional) Key-value map of resource tags. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
 
 **NOTE:** Either `network_interface_id` or `network_load_balancer_arn` should be specified and both should not be specified together