feat(datazone): add domain and environment blueprint configuration resources

[cogwirrel]

Description

Add resources for DataZone:

• Domain
• Environment Blueprint Configuration

Additionally add a data source for Environment Blueprints in order to retrieve the IDs of managed blueprints without hardcoding.

Relations

Relates #33792

References

https://docs.aws.amazon.com/datazone/latest/userguide/datazone-concepts.html

Output from Acceptance Testing

$ AWS_REGION=ap-southeast-2 AWS_PROFILE=default make testacc TESTS=TestAccDataZone PKG=datazone
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.21.8 test ./internal/service/datazone/... -v -count 1 -parallel 20 -run='TestAccDataZone'  -timeout 360m
=== RUN   TestAccDataZoneDomain_basic
=== PAUSE TestAccDataZoneDomain_basic
=== RUN   TestAccDataZoneDomain_disappears
=== PAUSE TestAccDataZoneDomain_disappears
=== RUN   TestAccDataZoneDomain_kms_key_identifier
=== PAUSE TestAccDataZoneDomain_kms_key_identifier
=== RUN   TestAccDataZoneDomain_description
=== PAUSE TestAccDataZoneDomain_description
=== RUN   TestAccDataZoneDomain_single_sign_on
=== PAUSE TestAccDataZoneDomain_single_sign_on
=== RUN   TestAccDataZoneDomain_tags
=== PAUSE TestAccDataZoneDomain_tags
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== RUN   TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== PAUSE TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== CONT  TestAccDataZoneDomain_basic
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== CONT  TestAccDataZoneDomain_single_sign_on
=== CONT  TestAccDataZoneDomain_kms_key_identifier
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== CONT  TestAccDataZoneDomain_tags
=== CONT  TestAccDataZoneDomain_description
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== CONT  TestAccDataZoneDomain_disappears
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== CONT  TestAccDataZoneEnvironmentBlueprintDataSource_basic
--- PASS: TestAccDataZoneDomain_basic (137.87s)
--- PASS: TestAccDataZoneDomain_single_sign_on (139.36s)
--- PASS: TestAccDataZoneDomain_disappears (139.67s)
--- PASS: TestAccDataZoneDomain_description (141.29s)
--- PASS: TestAccDataZoneEnvironmentBlueprintDataSource_basic (164.53s)
--- PASS: TestAccDataZoneDomain_kms_key_identifier (171.80s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_disappears (207.23s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_basic (210.45s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn (220.59s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn (220.66s)
--- PASS: TestAccDataZoneDomain_tags (233.04s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions (269.25s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters (269.30s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/datazone   275.038s

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

• Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
• For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
• Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

[AdamTylerLynch]

Changes requested. I did not have time to review all files.

[AdamTylerLynch]

Attributes should be defined in alphabetical order (not the order that the AWS API defines them in).

[AdamTylerLynch]

Can you explain why it was necessary to use stringplanmodifier.UseStateForUnknown(),?

[cogwirrel]

It's to save explicitly updating the state from the plan for this computed value in Update - if it's preferred that I do that I'm happy to update it though!

[AdamTylerLynch]

Please alphabetize input parameters

[AdamTylerLynch]

We typically prefer the retry logic to be inline, not in another function.

You can see a recent pattern for this here in the Bedrock Custom Model resource.

terraform-provider-aws/internal/service/bedrock/custom_model.go

Line 302 in e6da217

outputRaw, err := tfresource.RetryWhenAWSErrMessageContains(ctx, propagationTimeout, func() (interface{}, error) {

[cogwirrel]

Ah awesome thanks for pointing me to an example! Much cleaner 😄

[AdamTylerLynch]

Well done! I love the conciseness of this.

[AdamTylerLynch]

Naming convention is normally:

Model.

example: customModelResourceModel

Suggested change

	type resourceDomainData struct {
	type domainResourceModel struct {

[cogwirrel]

Ah awesome, updated! :)

[AdamTylerLynch]

Really nice job on the AccTests! The use of _basic for all required attributes, and then individual tests for each other attribute/feature provide lasting maintainability that is forward compatable.

[cogwirrel]

Thank you! 😄

[AdamTylerLynch]

Suggested change

	Optional: true,
	CustomType: fwtypes.ARNType,
	Optional: true,

[cogwirrel]

Thanks! Updated :)

[AdamTylerLynch]

Suggested change

	Optional: true,
	CustomType: fwtypes.ARNType,
	Optional: true,

[nsb413]

Looking forward to Terraform support for Amazon Datazone.

[AdamTylerLynch]

@cogwirrel can you please re-run all of the acceptance tests and provide the outputs?

[AdamTylerLynch]

 make testacc TESTS=TestAccDataZone PKG=datazone
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.21.8 test ./internal/service/datazone/... -v -count 1 -parallel 20 -run='TestAccDataZone'  -timeout 360m
=== RUN   TestAccDataZoneDomain_basic
=== PAUSE TestAccDataZoneDomain_basic
=== RUN   TestAccDataZoneDomain_disappears
=== PAUSE TestAccDataZoneDomain_disappears
=== RUN   TestAccDataZoneDomain_kms_key_identifier
=== PAUSE TestAccDataZoneDomain_kms_key_identifier
=== RUN   TestAccDataZoneDomain_description
=== PAUSE TestAccDataZoneDomain_description
=== RUN   TestAccDataZoneDomain_single_sign_on
=== PAUSE TestAccDataZoneDomain_single_sign_on
=== RUN   TestAccDataZoneDomain_tags
=== PAUSE TestAccDataZoneDomain_tags
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== RUN   TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== PAUSE TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== CONT  TestAccDataZoneDomain_basic
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== CONT  TestAccDataZoneDomain_disappears
=== CONT  TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== CONT  TestAccDataZoneDomain_single_sign_on
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== CONT  TestAccDataZoneDomain_kms_key_identifier
=== CONT  TestAccDataZoneDomain_description
=== CONT  TestAccDataZoneDomain_tags
--- PASS: TestAccDataZoneDomain_disappears (28.28s)
--- PASS: TestAccDataZoneEnvironmentBlueprintDataSource_basic (29.17s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_disappears (30.35s)
--- PASS: TestAccDataZoneDomain_single_sign_on (30.87s)
--- PASS: TestAccDataZoneDomain_basic (30.87s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn (32.46s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn (32.71s)
--- PASS: TestAccDataZoneDomain_description (33.07s)
--- PASS: TestAccDataZoneDomain_kms_key_identifier (33.79s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_basic (35.13s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters (42.22s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions (45.80s)
--- PASS: TestAccDataZoneDomain_tags (49.42s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/datazone	55.041s

[AdamTylerLynch]

LGTM 🚀

[YakDriver]

LGTM 🎉

% make t T=TestAccDataZone K=datazone
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/datazone/... -v -count 1 -parallel 20 -run='TestAccDataZone'  -timeout 360m
=== RUN   TestAccDataZoneDomain_basic
=== PAUSE TestAccDataZoneDomain_basic
=== RUN   TestAccDataZoneDomain_disappears
=== PAUSE TestAccDataZoneDomain_disappears
=== RUN   TestAccDataZoneDomain_kms_key_identifier
=== PAUSE TestAccDataZoneDomain_kms_key_identifier
=== RUN   TestAccDataZoneDomain_description
=== PAUSE TestAccDataZoneDomain_description
=== RUN   TestAccDataZoneDomain_single_sign_on
=== PAUSE TestAccDataZoneDomain_single_sign_on
=== RUN   TestAccDataZoneDomain_tags
=== PAUSE TestAccDataZoneDomain_tags
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
=== RUN   TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== PAUSE TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== RUN   TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== PAUSE TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== CONT  TestAccDataZoneDomain_basic
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_disappears
=== CONT  TestAccDataZoneDomain_single_sign_on
=== CONT  TestAccDataZoneDomain_disappears
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions
=== CONT  TestAccDataZoneEnvironmentBlueprintDataSource_basic
=== CONT  TestAccDataZoneDomain_kms_key_identifier
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters
=== CONT  TestAccDataZoneDomain_description
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_basic
=== CONT  TestAccDataZoneDomain_tags
=== CONT  TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn
--- PASS: TestAccDataZoneDomain_disappears (43.25s)
--- PASS: TestAccDataZoneEnvironmentBlueprintDataSource_basic (43.40s)
--- PASS: TestAccDataZoneDomain_single_sign_on (45.28s)
--- PASS: TestAccDataZoneDomain_description (46.07s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_disappears (47.39s)
--- PASS: TestAccDataZoneDomain_basic (47.78s)
--- PASS: TestAccDataZoneDomain_kms_key_identifier (49.15s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_manage_access_role_arn (51.09s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_basic (51.34s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_provisioning_role_arn (51.52s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_regional_parameters (62.79s)
--- PASS: TestAccDataZoneEnvironmentBlueprintConfiguration_enabled_regions (65.12s)
--- PASS: TestAccDataZoneDomain_tags (72.36s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/datazone	74.834s

[github-actions]

This functionality has been released in v5.49.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.