Merge pull request #35879 from robertgv/f-aws_transfer_family-add_tra…

…nsfersecuritypolicy_2024_01 feat: Add support for 2 new security_policy_name (2024-01)
hashicorp · Feb 21, 2024 · 7a38b05 · 7a38b05
2 parents 564a4d2 + 6597f82
commit 7a38b05
Show file tree

Hide file tree

Showing 10 changed files with 59 additions and 7 deletions.
diff --git a/.changelog/35879.txt b/.changelog/35879.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_transfer_server: Add `TransferSecurityPolicy-2024-01` and `TransferSecurityPolicy-FIPS-2024-01` as valid values for `security_policy_name`
+```
diff --git a/internal/service/transfer/enum.go b/internal/service/transfer/enum.go
@@ -8,8 +8,10 @@ const (
 	SecurityPolicyName2020_06             = "TransferSecurityPolicy-2020-06"
 	SecurityPolicyNameFIPS_2020_06        = "TransferSecurityPolicy-FIPS-2020-06"
 	SecurityPolicyNameFIPS_2023_05        = "TransferSecurityPolicy-FIPS-2023-05"
+	SecurityPolicyNameFIPS_2024_01        = "TransferSecurityPolicy-FIPS-2024-01"
 	SecurityPolicyName2022_03             = "TransferSecurityPolicy-2022-03"
 	SecurityPolicyName2023_05             = "TransferSecurityPolicy-2023-05"
+	SecurityPolicyName2024_01             = "TransferSecurityPolicy-2024-01"
 	SecurityPolicyNamePQ_SSH_2023_04      = "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04"
 	SecurityPolicyNamePQ_SSH_FIPS_2023_04 = "TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04"
 )
@@ -20,8 +22,10 @@ func SecurityPolicyName_Values() []string {
 		SecurityPolicyName2020_06,
 		SecurityPolicyNameFIPS_2020_06,
 		SecurityPolicyNameFIPS_2023_05,
+		SecurityPolicyNameFIPS_2024_01,
 		SecurityPolicyName2022_03,
 		SecurityPolicyName2023_05,
+		SecurityPolicyName2024_01,
 		SecurityPolicyNamePQ_SSH_2023_04,
 		SecurityPolicyNamePQ_SSH_FIPS_2023_04,
 	}

diff --git a/internal/service/transfer/exports_test.go b/internal/service/transfer/exports_test.go
@@ -5,5 +5,6 @@ package transfer
 
 // Exports for use in tests only.
 var (
-	ResourceTag = resourceTag
+	ResourceServer = resourceServer
+	ResourceTag    = resourceTag
 )
diff --git a/internal/service/transfer/server.go b/internal/service/transfer/server.go
@@ -30,7 +30,7 @@ import ( // nosemgrep:ci.semgrep.aws.multiple-service-imports
 
 // @SDKResource("aws_transfer_server", name="Server")
 // @Tags(identifierAttribute="arn")
-func ResourceServer() *schema.Resource {
+func resourceServer() *schema.Resource {
 	return &schema.Resource{
 		CreateWithoutTimeout: resourceServerCreate,
 		ReadWithoutTimeout:   resourceServerRead,

diff --git a/internal/service/transfer/server_test.go b/internal/service/transfer/server_test.go
@@ -264,6 +264,13 @@ func testAccServer_securityPolicy(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04"),
 				),
 			},
+			{
+				Config: testAccServerConfig_securityPolicy(rName, "TransferSecurityPolicy-2024-01"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckServerExists(ctx, resourceName, &conf),
+					resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2024-01"),
+				),
+			},
 		},
 	})
 }
@@ -293,6 +300,13 @@ func testAccServer_securityPolicyFIPS(t *testing.T) {
 				ImportStateVerify:       true,
 				ImportStateVerifyIgnore: []string{"force_destroy"},
 			},
+			{
+				Config: testAccServerConfig_securityPolicy(rName, "TransferSecurityPolicy-FIPS-2024-01"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckServerExists(ctx, resourceName, &conf),
+					resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-FIPS-2024-01"),
+				),
+			},
 		},
 	})
 }

diff --git a/internal/service/transfer/service_package_gen.go b/internal/service/transfer/service_package_gen.go
diff --git a/internal/service/transfer/sweep.go b/internal/service/transfer/sweep.go
@@ -45,7 +45,7 @@ func sweepServers(region string) error {
 		}
 
 		for _, server := range page.Servers {
-			r := ResourceServer()
+			r := resourceServer()
 			d := r.Data(nil)
 			d.SetId(aws.StringValue(server.ServerId))
 			d.Set("force_destroy", true) // In lieu of an aws_transfer_user sweeper.

diff --git a/website/docs/cdktf/python/r/transfer_server.html.markdown b/website/docs/cdktf/python/r/transfer_server.html.markdown
@@ -221,7 +221,17 @@ This resource supports the following arguments:
 * `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
 * `pre_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
 * `protocol_details`- (Optional) The protocol settings that are configured for your server.
-* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`.
+* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2018-11`. The available values are:
+    * `TransferSecurityPolicy-2024-01`
+    * `TransferSecurityPolicy-2023-05`
+    * `TransferSecurityPolicy-2022-03`
+    * `TransferSecurityPolicy-2020-06`
+    * `TransferSecurityPolicy-2018-11`
+    * `TransferSecurityPolicy-FIPS-2024-01`
+    * `TransferSecurityPolicy-FIPS-2023-05`
+    * `TransferSecurityPolicy-FIPS-2020-06`
+    * `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`
+    * `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`
 * `structured_log_destinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
 * `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
 * `workflow_details` - (Optional) Specifies the workflow details. See Workflow Details below.

diff --git a/website/docs/cdktf/typescript/r/transfer_server.html.markdown b/website/docs/cdktf/typescript/r/transfer_server.html.markdown
@@ -254,7 +254,17 @@ This resource supports the following arguments:
 * `postAuthenticationLoginBanner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
 * `preAuthenticationLoginBanner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
 * `protocolDetails`- (Optional) The protocol settings that are configured for your server.
-* `securityPolicyName` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`.
+* `securityPolicyName` - (Optional) Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2018-11`. The available values are:
+    * `TransferSecurityPolicy-2024-01`
+    * `TransferSecurityPolicy-2023-05`
+    * `TransferSecurityPolicy-2022-03`
+    * `TransferSecurityPolicy-2020-06`
+    * `TransferSecurityPolicy-2018-11`
+    * `TransferSecurityPolicy-FIPS-2024-01`
+    * `TransferSecurityPolicy-FIPS-2023-05`
+    * `TransferSecurityPolicy-FIPS-2020-06`
+    * `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`
+    * `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`
 * `structuredLogDestinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
 * `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`defaultTags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
 * `workflowDetails` - (Optional) Specifies the workflow details. See Workflow Details below.

diff --git a/website/docs/r/transfer_server.html.markdown b/website/docs/r/transfer_server.html.markdown
@@ -145,7 +145,17 @@ This resource supports the following arguments:
 * `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
 * `pre_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
 * `protocol_details`- (Optional) The protocol settings that are configured for your server.
-* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`.
+* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2018-11`. The available values are:
+    * `TransferSecurityPolicy-2024-01`
+    * `TransferSecurityPolicy-2023-05`
+    * `TransferSecurityPolicy-2022-03`
+    * `TransferSecurityPolicy-2020-06`
+    * `TransferSecurityPolicy-2018-11`
+    * `TransferSecurityPolicy-FIPS-2024-01`
+    * `TransferSecurityPolicy-FIPS-2023-05`
+    * `TransferSecurityPolicy-FIPS-2020-06`
+    * `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`
+    * `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`
 * `structured_log_destinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
 * `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
 * `workflow_details` - (Optional) Specifies the workflow details. See Workflow Details below.