Merge pull request #34140 from jseiser/b-aws_lb-dns_record_client_gov

Fix aws_lb network in AWS GovCloud

.changelog/34135.txt

@@ -0,0 +1,7 @@
+```release-note:bug
+resource/aws_lb: Fix `InvalidConfigurationRequest: Load balancer attribute key 'dns_record.client_routing_policy' is not supported on load balancers with type 'network'` errors on resource Create in AWS GovCloud (US)
+```
+
+```release-note:enhancement
+data-source/aws_lb: Add `dns_record_client_routing_policy` attribute
+```

internal/flex/flex.go

@@ -289,12 +289,29 @@ func FlattenResourceId(idParts []string, partCount int, allowEmptyPart bool) (st
 	return strings.Join(idParts, ResourceIdSeparator), nil
 }
 
+// BoolValueToString converts a Go bool value to a string pointer.
+func BoolValueToString(v bool) *string {
+	return aws.String(strconv.FormatBool(v))
+}
+
 // StringToBoolValue converts a string pointer to a Go bool value.
 // Only the string "true" is converted to true, all other values return false.
 func StringToBoolValue(v *string) bool {
 	return aws.StringValue(v) == strconv.FormatBool(true)
 }
 
+// IntValueToString converts a Go int value to a string pointer.
+func IntValueToString(v int) *string {
+	return aws.String(strconv.Itoa(v))
+}
+
+// StringToIntValue converts a string pointer to a Go int value.
+// Invalid integer strings are converted to 0.
+func StringToIntValue(v *string) int {
+	i, _ := strconv.Atoi(aws.StringValue(v))
+	return i
+}
+
 // Takes a string of resource attributes separated by the ResourceIdSeparator constant
 // returns the number of parts
 func ResourceIdPartCount(id string) int {

internal/service/elbv2/const.go

@@ -4,7 +4,79 @@
 package elbv2
 
 const (
-	ErrValidationError = "ValidationError"
+	errCodeValidationError = "ValidationError"
 
-	TagsOnCreationErrMessage = "cannot specify tags on creation"
+	tagsOnCreationErrMessage = "cannot specify tags on creation"
 )
+
+// See https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_LoadBalancerAttribute.html#API_LoadBalancerAttribute_Contents.
+const (
+	// The following attributes are supported by all load balancers:
+	loadBalancerAttributeDeletionProtectionEnabled     = "deletion_protection.enabled"
+	loadBalancerAttributeLoadBalancingCrossZoneEnabled = "load_balancing.cross_zone.enabled"
+
+	// The following attributes are supported by both Application Load Balancers and Network Load Balancers:
+	loadBalancerAttributeAccessLogsS3Enabled   = "access_logs.s3.enabled"
+	loadBalancerAttributeAccessLogsS3Bucket    = "access_logs.s3.bucket"
+	loadBalancerAttributeAccessLogsS3Prefix    = "access_logs.s3.prefix"
+	loadBalancerAttributeIPv6DenyAllIGWTraffic = "ipv6.deny_all_igw_traffic"
+
+	// The following attributes are supported by only Application Load Balancers:
+	loadBalancerAttributeIdleTimeoutTimeoutSeconds                       = "idle_timeout.timeout_seconds"
+	loadBalancerAttributeConnectionLogsS3Enabled                         = "connection_logs.s3.enabled"
+	loadBalancerAttributeConnectionLogsS3Bucket                          = "connection_logs.s3.bucket"
+	loadBalancerAttributeConnectionLogsS3Prefix                          = "connection_logs.s3.prefix"
+	loadBalancerAttributeRoutingHTTPDesyncMitigationMode                 = "routing.http.desync_mitigation_mode"
+	loadBalancerAttributeRoutingHTTPDropInvalidHeaderFieldsEnabled       = "routing.http.drop_invalid_header_fields.enabled"
+	loadBalancerAttributeRoutingHTTPPreserveHostHeaderEnabled            = "routing.http.preserve_host_header.enabled"
+	loadBalancerAttributeRoutingHTTPXAmznTLSVersionAndCipherSuiteEnabled = "routing.http.x_amzn_tls_version_and_cipher_suite.enabled"
+	loadBalancerAttributeRoutingHTTPXFFClientPortEnabled                 = "routing.http.xff_client_port.enabled"
+	loadBalancerAttributeRoutingHTTPXFFHeaderProcessingMode              = "routing.http.xff_header_processing.mode"
+	loadBalancerAttributeRoutingHTTP2Enabled                             = "routing.http2.enabled"
+	loadBalancerAttributeWAFFailOpenEnabled                              = "waf.fail_open.enabled"
+
+	// The following attributes are supported by only Network Load Balancers:
+	loadBalancerAttributeDNSRecordClientRoutingPolicy = "dns_record.client_routing_policy"
+)
+
+const (
+	httpDesyncMitigationModeMonitor   = "monitor"
+	httpDesyncMitigationModeDefensive = "defensive"
+	httpDesyncMitigationModeStrictest = "strictest"
+)
+
+func httpDesyncMitigationMode_Values() []string {
+	return []string{
+		httpDesyncMitigationModeMonitor,
+		httpDesyncMitigationModeDefensive,
+		httpDesyncMitigationModeStrictest,
+	}
+}
+
+const (
+	dnsRecordClientRoutingPolicyAvailabilityZoneAffinity        = "availability_zone_affinity"
+	dnsRecordClientRoutingPolicyPartialAvailabilityZoneAffinity = "partial_availability_zone_affinity"
+	dnsRecordClientRoutingPolicyAnyAvailabilityZone             = "any_availability_zone"
+)
+
+func dnsRecordClientRoutingPolicy_Values() []string {
+	return []string{
+		dnsRecordClientRoutingPolicyAvailabilityZoneAffinity,
+		dnsRecordClientRoutingPolicyPartialAvailabilityZoneAffinity,
+		dnsRecordClientRoutingPolicyAnyAvailabilityZone,
+	}
+}
+
+const (
+	httpXFFHeaderProcessingModeAppend   = "append"
+	httpXFFHeaderProcessingModePreserve = "preserve"
+	httpXFFHeaderProcessingModeRemove   = "remove"
+)
+
+func httpXFFHeaderProcessingMode_Values() []string {
+	return []string{
+		httpXFFHeaderProcessingModeAppend,
+		httpXFFHeaderProcessingModePreserve,
+		httpXFFHeaderProcessingModeRemove,
+	}
+}

internal/service/elbv2/listener.go

@@ -480,7 +480,7 @@ func resourceListenerCreate(ctx context.Context, d *schema.ResourceData, meta in
 
 	// Tags are not supported on creation with some load balancer types (i.e. Gateway)
 	// Retry creation without tags
-	if input.Tags != nil && tfawserr.ErrMessageContains(err, ErrValidationError, TagsOnCreationErrMessage) {
+	if input.Tags != nil && tfawserr.ErrMessageContains(err, errCodeValidationError, tagsOnCreationErrMessage) {
 		input.Tags = nil
 
 		output, err = retryListenerCreate(ctx, conn, input, d.Timeout(schema.TimeoutCreate))