Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add support for 2 new security_policy_name (2024-01) #35879

Merged
merged 5 commits into from
Feb 21, 2024
Merged

feat: Add support for 2 new security_policy_name (2024-01) #35879

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f3f5f5b
feat: Add support for 2 new security_policy_name: TransferSecurityPol…
robertgv Feb 19, 2024
778b29e
fix: Rename 35877.txt to 35879.txt to match PR number
robertgv Feb 19, 2024
d0867f8
r/aws_transfer_server: Restore 'TransferSecurityPolicy-2018-11' as th…
ewbankkit Feb 21, 2024
d15c2f2
Update 35879.txt
ewbankkit Feb 21, 2024
6597f82
r/aws_transfer_server: Restore 'TransferSecurityPolicy-2018-11' as th…
robertgv Feb 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .changelog/35879.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:note
resource/aws_transfer_server: The new default value for `security_policy_name` is `TransferSecurityPolicy-2024-01`.
```

```release-note:enhancement
resource/aws_transfer_server: Add support for 2 new `security_policy_name`: `TransferSecurityPolicy-2024-01` and `TransferSecurityPolicy-FIPS-2024-01`.
```
4 changes: 4 additions & 0 deletions internal/service/transfer/enum.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,10 @@ const (
SecurityPolicyName2020_06 = "TransferSecurityPolicy-2020-06"
SecurityPolicyNameFIPS_2020_06 = "TransferSecurityPolicy-FIPS-2020-06"
SecurityPolicyNameFIPS_2023_05 = "TransferSecurityPolicy-FIPS-2023-05"
SecurityPolicyNameFIPS_2024_01 = "TransferSecurityPolicy-FIPS-2024-01"
SecurityPolicyName2022_03 = "TransferSecurityPolicy-2022-03"
SecurityPolicyName2023_05 = "TransferSecurityPolicy-2023-05"
SecurityPolicyName2024_01 = "TransferSecurityPolicy-2024-01"
SecurityPolicyNamePQ_SSH_2023_04 = "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04"
SecurityPolicyNamePQ_SSH_FIPS_2023_04 = "TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04"
)
Expand All @@ -20,8 +22,10 @@ func SecurityPolicyName_Values() []string {
SecurityPolicyName2020_06,
SecurityPolicyNameFIPS_2020_06,
SecurityPolicyNameFIPS_2023_05,
SecurityPolicyNameFIPS_2024_01,
SecurityPolicyName2022_03,
SecurityPolicyName2023_05,
SecurityPolicyName2024_01,
SecurityPolicyNamePQ_SSH_2023_04,
SecurityPolicyNamePQ_SSH_FIPS_2023_04,
}
Expand Down
2 changes: 1 addition & 1 deletion internal/service/transfer/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -224,7 +224,7 @@ func ResourceServer() *schema.Resource {
"security_policy_name": {
Type: schema.TypeString,
Optional: true,
Default: SecurityPolicyName2018_11,
Default: SecurityPolicyName2024_01,
ewbankkit marked this conversation as resolved.
Show resolved Hide resolved
ValidateFunc: validation.StringInSlice(SecurityPolicyName_Values(), false),
},
"structured_log_destinations": {
Expand Down
18 changes: 16 additions & 2 deletions internal/service/transfer/server_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ func testAccServer_basic(t *testing.T) {
resource.TestCheckResourceAttr(resourceName, "protocol_details.0.tls_session_resumption_mode", "ENFORCED"),
resource.TestCheckResourceAttr(resourceName, "protocols.#", "1"),
resource.TestCheckTypeSetElemAttr(resourceName, "protocols.*", "SFTP"),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2018-11"),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2024-01"),
resource.TestCheckResourceAttr(resourceName, "structured_log_destinations.#", "0"),
resource.TestCheckResourceAttr(resourceName, "tags.%", "0"),
resource.TestCheckResourceAttr(resourceName, "url", ""),
Expand Down Expand Up @@ -103,7 +103,7 @@ func testAccServer_basic(t *testing.T) {
resource.TestCheckResourceAttrPair(resourceName, "logging_role", iamRoleResourceName, "arn"),
resource.TestCheckResourceAttr(resourceName, "protocols.#", "1"),
resource.TestCheckTypeSetElemAttr(resourceName, "protocols.*", "SFTP"),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2018-11"),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2024-01"),
resource.TestCheckResourceAttr(resourceName, "tags.%", "0"),
resource.TestCheckResourceAttr(resourceName, "url", ""),
),
Expand Down Expand Up @@ -263,6 +263,13 @@ func testAccServer_securityPolicy(t *testing.T) {
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-PQ-SSH-Experimental-2023-04"),
),
},
{
Config: testAccServerConfig_securityPolicy(rName, "TransferSecurityPolicy-2024-01"),
Check: resource.ComposeTestCheckFunc(
testAccCheckServerExists(ctx, resourceName, &conf),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-2024-01"),
),
},
},
})
}
Expand Down Expand Up @@ -292,6 +299,13 @@ func testAccServer_securityPolicyFIPS(t *testing.T) {
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"force_destroy"},
},
{
Config: testAccServerConfig_securityPolicy(rName, "TransferSecurityPolicy-FIPS-2024-01"),
Check: resource.ComposeTestCheckFunc(
testAccCheckServerExists(ctx, resourceName, &conf),
resource.TestCheckResourceAttr(resourceName, "security_policy_name", "TransferSecurityPolicy-FIPS-2024-01"),
),
},
},
})
}
Expand Down
12 changes: 11 additions & 1 deletion website/docs/cdktf/python/r/transfer_server.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,17 @@ This resource supports the following arguments:
* `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
* `pre_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
* `protocol_details`- (Optional) The protocol settings that are configured for your server.
* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`.
* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2024-01`. The available values are:
* `TransferSecurityPolicy-2024-01`
* `TransferSecurityPolicy-2023-05`
* `TransferSecurityPolicy-2022-03`
* `TransferSecurityPolicy-2020-06`
* `TransferSecurityPolicy-2018-11`
* `TransferSecurityPolicy-FIPS-2024-01`
* `TransferSecurityPolicy-FIPS-2023-05`
* `TransferSecurityPolicy-FIPS-2020-06`
* `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`
* `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`
* `structured_log_destinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
* `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
* `workflow_details` - (Optional) Specifies the workflow details. See Workflow Details below.
Expand Down
12 changes: 11 additions & 1 deletion website/docs/cdktf/typescript/r/transfer_server.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -254,7 +254,17 @@ This resource supports the following arguments:
* `postAuthenticationLoginBanner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
* `preAuthenticationLoginBanner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
* `protocolDetails`- (Optional) The protocol settings that are configured for your server.
* `securityPolicyName` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`.
* `securityPolicyName` - (Optional) Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2024-01`. The available values are:
* `TransferSecurityPolicy-2024-01`
* `TransferSecurityPolicy-2023-05`
* `TransferSecurityPolicy-2022-03`
* `TransferSecurityPolicy-2020-06`
* `TransferSecurityPolicy-2018-11`
* `TransferSecurityPolicy-FIPS-2024-01`
* `TransferSecurityPolicy-FIPS-2023-05`
* `TransferSecurityPolicy-FIPS-2020-06`
* `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`
* `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`
* `structuredLogDestinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
* `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`defaultTags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
* `workflowDetails` - (Optional) Specifies the workflow details. See Workflow Details below.
Expand Down
12 changes: 11 additions & 1 deletion website/docs/r/transfer_server.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,17 @@ This resource supports the following arguments:
* `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners.
* `pre_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed before the user authenticates.
* `protocol_details`- (Optional) The protocol settings that are configured for your server.
* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Possible values are `TransferSecurityPolicy-2018-11`, `TransferSecurityPolicy-2020-06`, `TransferSecurityPolicy-FIPS-2020-06`, `TransferSecurityPolicy-FIPS-2023-05`, `TransferSecurityPolicy-2022-03`, `TransferSecurityPolicy-2023-05`, `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04` and `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`. Default value is: `TransferSecurityPolicy-2018-11`.
* `security_policy_name` - (Optional) Specifies the name of the security policy that is attached to the server. Default value is: `TransferSecurityPolicy-2024-01`. The available values are:
* `TransferSecurityPolicy-2024-01`
* `TransferSecurityPolicy-2023-05`
* `TransferSecurityPolicy-2022-03`
* `TransferSecurityPolicy-2020-06`
* `TransferSecurityPolicy-2018-11`
* `TransferSecurityPolicy-FIPS-2024-01`
* `TransferSecurityPolicy-FIPS-2023-05`
* `TransferSecurityPolicy-FIPS-2020-06`
* `TransferSecurityPolicy-PQ-SSH-Experimental-2023-04`
* `TransferSecurityPolicy-PQ-SSH-FIPS-Experimental-2023-04`
* `structured_log_destinations` - (Optional) A set of ARNs of destinations that will receive structured logs from the transfer server such as CloudWatch Log Group ARNs. If provided this enables the transfer server to emit structured logs to the specified locations.
* `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
* `workflow_details` - (Optional) Specifies the workflow details. See Workflow Details below.
Expand Down
Loading