resource/aws_transfer_server: Add support for VPC security groups

.changelog/17539.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_transfer_server: Add `security_group_ids` argument to `endpoint_details` configuration block.
+```

.semgrep.yml

@@ -22,6 +22,7 @@ rules:
         - aws/validators.go
         - aws/*wafregional*.go
         - aws/resource_aws_serverlessapplicationrepository_cloudformation_stack.go
+        - aws/resource_aws_transfer_server.go
         - aws/*_test.go
         - aws/internal/keyvaluetags/
         - aws/internal/service/wafregional/

aws/internal/service/ec2/errors.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/service/ec2"
 	multierror "github.com/hashicorp/go-multierror"
 )
@@ -69,6 +70,7 @@ const (
 
 const (
 	ErrCodeInvalidVpcEndpointIdNotFound        = "InvalidVpcEndpointId.NotFound"
+	ErrCodeInvalidVpcEndpointNotFound          = "InvalidVpcEndpoint.NotFound"
 	ErrCodeInvalidVpcEndpointServiceIdNotFound = "InvalidVpcEndpointServiceId.NotFound"
 )
 
@@ -86,7 +88,7 @@ func UnsuccessfulItemError(apiObject *ec2.UnsuccessfulItemError) error {
 		return nil
 	}
 
-	return fmt.Errorf("%s: %s", aws.StringValue(apiObject.Code), aws.StringValue(apiObject.Message))
+	return awserr.New(aws.StringValue(apiObject.Code), aws.StringValue(apiObject.Message), nil)
 }
 
 func UnsuccessfulItemsError(apiObjects []*ec2.UnsuccessfulItem) error {

aws/internal/service/ec2/errors_test.go

@@ -0,0 +1,133 @@
+package ec2_test
+
+import (
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/ec2"
+	"github.com/hashicorp/aws-sdk-go-base/tfawserr"
+	tfec2 "github.com/terraform-providers/terraform-provider-aws/aws/internal/service/ec2"
+)
+
+func TestUnsuccessfulItemError(t *testing.T) {
+	unsuccessfulItemError := &ec2.UnsuccessfulItemError{
+		Code:    aws.String("test code"),
+		Message: aws.String("test message"),
+	}
+
+	err := tfec2.UnsuccessfulItemError(unsuccessfulItemError)
+
+	if !tfawserr.ErrCodeEquals(err, "test code") {
+		t.Errorf("tfawserr.ErrCodeEquals failed: %s", err)
+	}
+
+	if !tfawserr.ErrMessageContains(err, "test code", "est mess") {
+		t.Errorf("tfawserr.ErrMessageContains failed: %s", err)
+	}
+}
+
+func TestUnsuccessfulItemsError(t *testing.T) {
+	testCases := []struct {
+		Name     string
+		Items    []*ec2.UnsuccessfulItem
+		Expected bool
+	}{
+		{
+			Name: "no items",
+		},
+		{
+			Name: "one item no error",
+			Items: []*ec2.UnsuccessfulItem{
+				{
+					ResourceId: aws.String("test resource"),
+				},
+			},
+		},
+		{
+			Name: "one item",
+			Items: []*ec2.UnsuccessfulItem{
+				{
+					Error: &ec2.UnsuccessfulItemError{
+						Code:    aws.String("test code"),
+						Message: aws.String("test message"),
+					},
+					ResourceId: aws.String("test resource"),
+				},
+			},
+			Expected: true,
+		},
+		{
+			Name: "two items, first no error",
+			Items: []*ec2.UnsuccessfulItem{
+				{
+					ResourceId: aws.String("test resource 1"),
+				},
+				{
+					Error: &ec2.UnsuccessfulItemError{
+						Code:    aws.String("test code"),
+						Message: aws.String("test message"),
+					},
+					ResourceId: aws.String("test resource 2"),
+				},
+			},
+			Expected: true,
+		},
+		{
+			Name: "two items, first not as expected",
+			Items: []*ec2.UnsuccessfulItem{
+				{
+					Error: &ec2.UnsuccessfulItemError{
+						Code:    aws.String("not what is required"),
+						Message: aws.String("not what is wanted"),
+					},
+					ResourceId: aws.String("test resource 1"),
+				},
+				{
+					Error: &ec2.UnsuccessfulItemError{
+						Code:    aws.String("test code"),
+						Message: aws.String("test message"),
+					},
+					ResourceId: aws.String("test resource 2"),
+				},
+			},
+		},
+		{
+			Name: "two items, first as expected",
+			Items: []*ec2.UnsuccessfulItem{
+				{
+					Error: &ec2.UnsuccessfulItemError{
+						Code:    aws.String("test code"),
+						Message: aws.String("test message"),
+					},
+					ResourceId: aws.String("test resource 1"),
+				},
+				{
+					Error: &ec2.UnsuccessfulItemError{
+						Code:    aws.String("not what is required"),
+						Message: aws.String("not what is wanted"),
+					},
+					ResourceId: aws.String("test resource 2"),
+				},
+			},
+			Expected: true,
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.Name, func(t *testing.T) {
+			err := tfec2.UnsuccessfulItemsError(testCase.Items)
+
+			got := tfawserr.ErrCodeEquals(err, "test code")
+
+			if got != testCase.Expected {
+				t.Errorf("ErrCodeEquals got %t, expected %t", got, testCase.Expected)
+			}
+
+			got = tfawserr.ErrMessageContains(err, "test code", "est mess")
+
+			if got != testCase.Expected {
+				t.Errorf("ErrMessageContains got %t, expected %t", got, testCase.Expected)
+			}
+		})
+	}
+}

aws/internal/service/transfer/enum.go

@@ -0,0 +1,15 @@
+package transfer
+
+const (
+	SecurityPolicyName2018_11      = "TransferSecurityPolicy-2018-11"
+	SecurityPolicyName2020_06      = "TransferSecurityPolicy-2020-06"
+	SecurityPolicyNameFIPS_2020_06 = "TransferSecurityPolicy-FIPS-2020-06"
+)
+
+func SecurityPolicyName_Values() []string {
+	return []string{
+		SecurityPolicyName2018_11,
+		SecurityPolicyName2020_06,
+		SecurityPolicyNameFIPS_2020_06,
+	}
+}