diff --git a/.changelog/35129.txt b/.changelog/35129.txt new file mode 100644 index 00000000000..006bc72880d --- /dev/null +++ b/.changelog/35129.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_transfer_server: Add `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04` as valid values for `security_policy_name` +``` \ No newline at end of file diff --git a/internal/service/transfer/enum.go b/internal/service/transfer/enum.go index d0e6d1871b0..39b6d79abaf 100644 --- a/internal/service/transfer/enum.go +++ b/internal/service/transfer/enum.go @@ -4,12 +4,14 @@ package transfer const ( - SecurityPolicyName2018_11 = "TransferSecurityPolicy-2018-11" - SecurityPolicyName2020_06 = "TransferSecurityPolicy-2020-06" - SecurityPolicyNameFIPS_2020_06 = "TransferSecurityPolicy-FIPS-2020-06" - SecurityPolicyNameFIPS_2023_05 = "TransferSecurityPolicy-FIPS-2023-05" - SecurityPolicyName2022_03 = "TransferSecurityPolicy-2022-03" - SecurityPolicyName2023_05 = "TransferSecurityPolicy-2023-05" + SecurityPolicyName2018_11 = "TransferSecurityPolicy-2018-11" + SecurityPolicyName2020_06 = "TransferSecurityPolicy-2020-06" + SecurityPolicyNameFIPS_2020_06 = "TransferSecurityPolicy-FIPS-2020-06" + SecurityPolicyNameFIPS_2023_05 = "TransferSecurityPolicy-FIPS-2023-05" + SecurityPolicyName2022_03 = "TransferSecurityPolicy-2022-03" + SecurityPolicyName2023_05 = "TransferSecurityPolicy-2023-05" + SecurityPolicyNamePQ_SSH_2023_04 = "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04" + SecurityPolicyNamePQ_SSH_FIPS_2023_04 = "TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04" ) func SecurityPolicyName_Values() []string { @@ -20,5 +22,7 @@ func SecurityPolicyName_Values() []string { SecurityPolicyNameFIPS_2023_05, SecurityPolicyName2022_03, SecurityPolicyName2023_05, + SecurityPolicyNamePQ_SSH_2023_04, + SecurityPolicyNamePQ_SSH_FIPS_2023_04, } } diff --git a/internal/service/transfer/server_test.go b/internal/service/transfer/server_test.go index 0317207c99d..7d3ea9e4013 100644 --- a/internal/service/transfer/server_test.go +++ b/internal/service/transfer/server_test.go @@ -256,6 +256,13 @@ func testAccServer_securityPolicy(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2023-05"), ), }, + { + Config: testAccServerConfig_securityPolicy(rName, "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04"), + Check: resource.ComposeTestCheckFunc( + testAccCheckServerExists(ctx, resourceName, &conf), + resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04"), + ), + }, }, }) } diff --git a/website/docs/r/transfer_server.html.markdown b/website/docs/r/transfer_server.html.markdown index d771934e771..7ab5394cc02 100644 --- a/website/docs/r/transfer_server.html.markdown +++ b/website/docs/r/transfer_server.html.markdown @@ -145,7 +145,7 @@ This resource supports the following arguments: * `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners. * `pre_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates. * `protocol_details`- (Optional) The protocol settings that are configured for your server. -* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03` and `TransferSecurityPolicy-2023-05`. Default value is: `TransferSecurityPolicy-2018-11`. +* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`. * `structured_log_destinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations. * `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. * `workflow_details` - (Optional) Specifies the workflow details. See Workflow Details below.