diff --git a/.changelog/28450.txt b/.changelog/28450.txt new file mode 100644 index 00000000000..de9abe1f16c --- /dev/null +++ b/.changelog/28450.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_networkmanager_vpc_attachment: Add `options.appliance_mode_support` argument +``` \ No newline at end of file diff --git a/go.mod b/go.mod index 2a96bded9ad..170d1f96d57 100644 --- a/go.mod +++ b/go.mod @@ -19,6 +19,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/ivschat v1.2.0 github.com/aws/aws-sdk-go-v2/service/kendra v1.36.1 github.com/aws/aws-sdk-go-v2/service/medialive v1.26.0 + github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.0.2 github.com/aws/aws-sdk-go-v2/service/pipes v1.0.1 github.com/aws/aws-sdk-go-v2/service/rds v1.35.0 github.com/aws/aws-sdk-go-v2/service/resourceexplorer2 v1.0.3 @@ -80,7 +81,6 @@ require ( github.com/aws/aws-sdk-go-v2/service/iam v1.18.4 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.20 // indirect github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.20 // indirect - github.com/aws/aws-sdk-go-v2/service/opensearchserverless v1.0.2 // indirect github.com/aws/aws-sdk-go-v2/service/sso v1.11.4 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.16.4 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect diff --git a/internal/service/networkmanager/vpc_attachment.go b/internal/service/networkmanager/vpc_attachment.go index 1cbc7f01d92..cedd93d2767 100644 --- a/internal/service/networkmanager/vpc_attachment.go +++ b/internal/service/networkmanager/vpc_attachment.go @@ -71,9 +71,13 @@ func ResourceVPCAttachment() *schema.Resource { MaxItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ + "appliance_mode_support": { + Type: schema.TypeBool, + Optional: true, + }, "ipv6_support": { Type: schema.TypeBool, - Required: true, + Optional: true, }, }, }, @@ -407,6 +411,10 @@ func expandVpcOptions(tfMap map[string]interface{}) *networkmanager.VpcOptions { apiObject := &networkmanager.VpcOptions{} + if v, ok := tfMap["appliance_mode_support"].(bool); ok { + apiObject.ApplianceModeSupport = aws.Bool(v) + } + if v, ok := tfMap["ipv6_support"].(bool); ok { apiObject.Ipv6Support = aws.Bool(v) } @@ -421,6 +429,10 @@ func flattenVpcOptions(apiObject *networkmanager.VpcOptions) map[string]interfac tfMap := map[string]interface{}{} + if v := apiObject.ApplianceModeSupport; v != nil { + tfMap["appliance_mode_support"] = aws.BoolValue(v) + } + if v := apiObject.Ipv6Support; v != nil { tfMap["ipv6_support"] = aws.BoolValue(v) } diff --git a/internal/service/networkmanager/vpc_attachment_test.go b/internal/service/networkmanager/vpc_attachment_test.go index 71962674806..6abc99986d8 100644 --- a/internal/service/networkmanager/vpc_attachment_test.go +++ b/internal/service/networkmanager/vpc_attachment_test.go @@ -40,6 +40,7 @@ func TestAccNetworkManagerVPCAttachment_basic(t *testing.T) { resource.TestCheckResourceAttrSet(resourceName, "core_network_id"), resource.TestCheckResourceAttr(resourceName, "edge_location", acctest.Region()), resource.TestCheckResourceAttr(resourceName, "options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.appliance_mode_support", "false"), resource.TestCheckResourceAttr(resourceName, "options.0.ipv6_support", "false"), acctest.CheckResourceAttrAccountID(resourceName, "owner_account_id"), resource.TestCheckResourceAttrPair(resourceName, "resource_arn", vpcResourceName, "arn"), @@ -139,35 +140,39 @@ func TestAccNetworkManagerVPCAttachment_update(t *testing.T) { CheckDestroy: testAccCheckVPCAttachmentDestroy, Steps: []resource.TestStep{ { - Config: testAccVPCAttachmentConfig_updates(rName, 2, false), + Config: testAccVPCAttachmentConfig_updates(rName, 2, true, false), Check: resource.ComposeTestCheckFunc( testAccCheckVPCAttachmentExists(resourceName, &v), resource.TestCheckResourceAttr(resourceName, "subnet_arns.#", "2"), + resource.TestCheckResourceAttr(resourceName, "options.0.appliance_mode_support", "true"), resource.TestCheckResourceAttr(resourceName, "options.0.ipv6_support", "false"), ), }, { - Config: testAccVPCAttachmentConfig_updates(rName, 1, true), + Config: testAccVPCAttachmentConfig_updates(rName, 1, false, true), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "subnet_arns.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.appliance_mode_support", "false"), resource.TestCheckResourceAttr(resourceName, "options.0.ipv6_support", "true"), ), }, { - Config: testAccVPCAttachmentConfig_updates(rName, 2, false), + Config: testAccVPCAttachmentConfig_updates(rName, 2, false, false), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr(resourceName, "subnet_arns.#", "2"), + resource.TestCheckResourceAttr(resourceName, "options.0.appliance_mode_support", "false"), resource.TestCheckResourceAttr(resourceName, "options.0.ipv6_support", "false"), ), }, // Cannot currently update ipv6 on its own, must also update subnet_arn - // { - // Config: testAccVPCAttachmentConfig_updates(rName, 2, true), - // Check: resource.ComposeTestCheckFunc( - // resource.TestCheckResourceAttr(resourceName, "subnet_arns.#", "2"), - // resource.TestCheckResourceAttr(resourceName, "options.0.ipv6_support", "true"), - // ), - // }, + { + Config: testAccVPCAttachmentConfig_updates(rName, 2, true, true), + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr(resourceName, "subnet_arns.#", "2"), + resource.TestCheckResourceAttr(resourceName, "options.0.appliance_mode_support", "true"), + resource.TestCheckResourceAttr(resourceName, "options.0.ipv6_support", "true"), + ), + }, { ResourceName: resourceName, ImportState: true, @@ -264,6 +269,10 @@ resource "aws_networkmanager_global_network" "test" { resource "aws_networkmanager_core_network" "test" { global_network_id = aws_networkmanager_global_network.test.id policy_document = data.aws_networkmanager_core_network_policy_document.test.json + + tags = { + Name = %[1]q + } } data "aws_networkmanager_core_network_policy_document" "test" { @@ -363,7 +372,7 @@ resource "aws_networkmanager_attachment_accepter" "test" { `, tagKey1, tagValue1, tagKey2, tagValue2)) } -func testAccVPCAttachmentConfig_updates(rName string, nSubnets int, ipv6Support bool) string { +func testAccVPCAttachmentConfig_updates(rName string, nSubnets int, applianceModeSupport, ipv6Support bool) string { return acctest.ConfigCompose(testAccVPCAttachmentConfig_base(rName), fmt.Sprintf(` resource "aws_networkmanager_vpc_attachment" "test" { subnet_arns = slice(aws_subnet.test[*].arn, 0, %[2]d) @@ -371,7 +380,8 @@ resource "aws_networkmanager_vpc_attachment" "test" { vpc_arn = aws_vpc.test.arn options { - ipv6_support = %[3]t + appliance_mode_support = %[3]t + ipv6_support = %[4]t } tags = { @@ -383,5 +393,5 @@ resource "aws_networkmanager_attachment_accepter" "test" { attachment_id = aws_networkmanager_vpc_attachment.test.id attachment_type = aws_networkmanager_vpc_attachment.test.attachment_type } -`, rName, nSubnets, ipv6Support)) +`, rName, nSubnets, applianceModeSupport, ipv6Support)) } diff --git a/website/docs/r/networkmanager_vpc_attachment.html.markdown b/website/docs/r/networkmanager_vpc_attachment.html.markdown index 347871003dd..cb53f94bb74 100644 --- a/website/docs/r/networkmanager_vpc_attachment.html.markdown +++ b/website/docs/r/networkmanager_vpc_attachment.html.markdown @@ -37,7 +37,8 @@ The following arguments are optional: ### options -* `ipv6_support` - (Required) Indicates whether IPv6 is supported. +* `appliance_mode_support` - (Optional) Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. +* `ipv6_support` - (Optional) Indicates whether IPv6 is supported. ## Attributes Reference