From 08366e3cbdc9fa29d74ceb2f4c63d4491b388339 Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 17:07:45 +0100 Subject: [PATCH 1/8] f-aws_transfer_server support for sftp authentication methods --- internal/service/transfer/server.go | 25 ++++- internal/service/transfer/server_test.go | 125 +++++++++++++++++++++++ 2 files changed, 149 insertions(+), 1 deletion(-) diff --git a/internal/service/transfer/server.go b/internal/service/transfer/server.go index 010c0b72b2a..ba2c8c20de7 100644 --- a/internal/service/transfer/server.go +++ b/internal/service/transfer/server.go @@ -243,6 +243,12 @@ func resourceServer() *schema.Resource { Default: SecurityPolicyName2018_11, ValidateFunc: validation.StringInSlice(SecurityPolicyName_Values(), false), }, + "sftp_authentication_methods": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice(transfer.SftpAuthenticationMethods_Values(), false), + }, "structured_log_destinations": { Type: schema.TypeSet, Elem: &schema.Schema{ @@ -372,6 +378,14 @@ func resourceServerCreate(ctx context.Context, d *schema.ResourceData, meta inte input.IdentityProviderDetails.InvocationRole = aws.String(v.(string)) } + if v, ok := d.GetOk("sftp_authentication_methods"); ok { + if input.IdentityProviderDetails == nil { + input.IdentityProviderDetails = &transfer.IdentityProviderDetails{} + } + + input.IdentityProviderDetails.SftpAuthenticationMethods = aws.String(v.(string)) + } + if v, ok := d.GetOk("logging_role"); ok { input.LoggingRole = aws.String(v.(string)) } @@ -514,6 +528,11 @@ func resourceServerRead(ctx context.Context, d *schema.ResourceData, meta interf } else { d.Set("invocation_role", "") } + if output.IdentityProviderDetails != nil { + d.Set("sftp_authentication_methods", output.IdentityProviderDetails.SftpAuthenticationMethods) + } else { + d.Set("sftp_authentication_methods", "") + } d.Set("logging_role", output.LoggingRole) d.Set("post_authentication_login_banner", output.PostAuthenticationLoginBanner) d.Set("pre_authentication_login_banner", output.PreAuthenticationLoginBanner) @@ -657,7 +676,7 @@ func resourceServerUpdate(ctx context.Context, d *schema.ResourceData, meta inte } } - if d.HasChanges("directory_id", "function", "invocation_role", "url") { + if d.HasChanges("directory_id", "function", "invocation_role", "sftp_authentication_methods", "url") { identityProviderDetails := &transfer.IdentityProviderDetails{} if attr, ok := d.GetOk("directory_id"); ok { @@ -672,6 +691,10 @@ func resourceServerUpdate(ctx context.Context, d *schema.ResourceData, meta inte identityProviderDetails.InvocationRole = aws.String(attr.(string)) } + if attr, ok := d.GetOk("sftp_authentication_methods"); ok { + identityProviderDetails.SftpAuthenticationMethods = aws.String(attr.(string)) + } + if attr, ok := d.GetOk("url"); ok { identityProviderDetails.Url = aws.String(attr.(string)) } diff --git a/internal/service/transfer/server_test.go b/internal/service/transfer/server_test.go index e43255f821a..51b379bda56 100644 --- a/internal/service/transfer/server_test.go +++ b/internal/service/transfer/server_test.go @@ -1005,6 +1005,7 @@ func testAccServer_apiGateway(t *testing.T) { testAccCheckServerExists(ctx, resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "API_GATEWAY"), resource.TestCheckResourceAttrPair(resourceName, "invocation_role", "aws_iam_role.test", "arn"), + resource.TestCheckResourceAttrSet(resourceName, "sftp_authentication_methods"), ), }, { @@ -1210,6 +1211,78 @@ func testAccServer_lambdaFunction(t *testing.T) { testAccCheckServerExists(ctx, resourceName, &conf), resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttrSet(resourceName, "sftp_authentication_methods"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"force_destroy"}, + }, + }, + }) +} + +func testAccServer_identityProviderType_sftpAuthenticationMethods(t *testing.T) { + ctx := acctest.Context(t) + var conf transfer.DescribedServer + resourceName := "aws_transfer_server.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckAPIGatewayTypeEDGE(t); testAccPreCheck(ctx, t) }, + ErrorCheck: acctest.ErrorCheck(t, names.TransferServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckServerDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccServerConfig_identityProviderType_sftpAuthenticationMethods(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckServerExists(ctx, resourceName, &conf), + resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PASSWORD"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"force_destroy"}, + }, + }, + }) +} + +func testAccServer_updateIdentityProviderType_sftpAuthenticationMethods(t *testing.T) { + ctx := acctest.Context(t) + var conf transfer.DescribedServer + resourceName := "aws_transfer_server.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) }, + ErrorCheck: acctest.ErrorCheck(t, names.TransferServiceID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckServerDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccServerConfig_identityProviderType_sftpAuthenticationMethods(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckServerExists(ctx, resourceName, &conf), + resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PASSWORD"), + ), + }, + { + Config: testAccServerConfig_identityProviderType_sftpAuthenticationMethods_updated(rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckServerExists(ctx, resourceName, &conf), + resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PUBLIC_KEY_AND_PASSWORD"), ), }, { @@ -2160,6 +2233,58 @@ resource "aws_transfer_server" "test" { `, rName, forceDestroy)) } +func testAccServerConfig_identityProviderType_sftpAuthenticationMethods(rName string) string { + return acctest.ConfigCompose( + acctest.ConfigLambdaBase(rName, rName, rName), + testAccServerConfig_loggingRoleBase(rName+"-logging"), + fmt.Sprintf(` +resource "aws_lambda_function" "test" { + filename = "test-fixtures/lambdatest.zip" + function_name = %[1]q + role = aws_iam_role.iam_for_lambda.arn + handler = "index.handler" + runtime = "nodejs20.x" +} + +resource "aws_transfer_server" "test" { + identity_provider_type = "AWS_LAMBDA" + function = aws_lambda_function.test.arn + logging_role = aws_iam_role.test.arn + sftp_authentication_methods = "PASSWORD" + + tags = { + Name = %[1]q + } +} +`, rName)) +} + +func testAccServerConfig_identityProviderType_sftpAuthenticationMethods_updated(rName string) string { + return acctest.ConfigCompose( + acctest.ConfigLambdaBase(rName, rName, rName), + testAccServerConfig_loggingRoleBase(rName+"-logging"), + fmt.Sprintf(` +resource "aws_lambda_function" "test" { + filename = "test-fixtures/lambdatest.zip" + function_name = %[1]q + role = aws_iam_role.iam_for_lambda.arn + handler = "index.handler" + runtime = "nodejs20.x" +} + +resource "aws_transfer_server" "test" { + identity_provider_type = "AWS_LAMBDA" + function = aws_lambda_function.test.arn + logging_role = aws_iam_role.test.arn + sftp_authentication_methods = "PUBLIC_KEY_AND_PASSWORD" + + tags = { + Name = %[1]q + } +} +`, rName)) +} + func testAccServerConfig_workflow(rName string) string { return fmt.Sprintf(` resource "aws_iam_role" "test" { From 38ab5a85070d4e4cba260fd50558594dc6d0d78e Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 17:13:05 +0100 Subject: [PATCH 2/8] f-aws_transfer_server support for sftp authentication methods --- .changelog/37015.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/37015.txt diff --git a/.changelog/37015.txt b/.changelog/37015.txt new file mode 100644 index 00000000000..9e55f84bb0c --- /dev/null +++ b/.changelog/37015.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_transfer_server: Add `sftp_authentication_methods` argument +``` \ No newline at end of file From d00bf3966d3e205ab4ed8e3bdaa39fed3208790d Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 17:23:25 +0100 Subject: [PATCH 3/8] f-aws_transfer_server support for sftp authentication methods --- website/docs/r/transfer_server.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/transfer_server.html.markdown b/website/docs/r/transfer_server.html.markdown index bf114fe8316..1b7631f363b 100644 --- a/website/docs/r/transfer_server.html.markdown +++ b/website/docs/r/transfer_server.html.markdown @@ -140,6 +140,7 @@ This resource supports the following arguments: * `identity_provider_type` - (Optional) The mode of authentication enabled for this service. The default value is `SERVICE_MANAGED`, which allows you to store and access SFTP user credentials within the service. `API_GATEWAY` indicates that user authentication requires a call to an API Gateway endpoint URL provided by you to integrate an identity provider of your choice. Using `AWS_DIRECTORY_SERVICE` will allow for authentication against AWS Managed Active Directory or Microsoft Active Directory in your on-premises environment, or in AWS using AD Connectors. Use the `AWS_LAMBDA` value to directly use a Lambda function as your identity provider. If you choose this value, you must specify the ARN for the lambda function in the `function` argument. * `directory_id` - (Optional) The directory service ID of the directory service you want to connect to with an `identity_provider_type` of `AWS_DIRECTORY_SERVICE`. * `function` - (Optional) The ARN for a lambda function to use for the Identity provider. +* `sftp_authentication_methods` - (Optional) For SFTP-enabled servers, and for custom identity providers only. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`. * `logging_role` - (Optional) Amazon Resource Name (ARN) of an IAM role that allows the service to write your SFTP users’ activity to your Amazon CloudWatch logs for monitoring and auditing purposes. * `force_destroy` - (Optional) A boolean that indicates all users associated with the server should be deleted so that the Server can be destroyed without error. The default value is `false`. This option only applies to servers configured with a `SERVICE_MANAGED` `identity_provider_type`. * `post_authentication_login_banner`- (Optional) Specify a string to display when users connect to a server. This string is displayed after the user authenticates. The SFTP protocol does not support post-authentication display banners. From 1146615ede4ab8dd77b5535f03f4ad2b221e7816 Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 17:26:11 +0100 Subject: [PATCH 4/8] f-aws_transfer_server support for sftp authentication methods --- internal/service/transfer/server.go | 2 +- internal/service/transfer/server_test.go | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/internal/service/transfer/server.go b/internal/service/transfer/server.go index ba2c8c20de7..8d46fd8b987 100644 --- a/internal/service/transfer/server.go +++ b/internal/service/transfer/server.go @@ -246,7 +246,7 @@ func resourceServer() *schema.Resource { "sftp_authentication_methods": { Type: schema.TypeString, Optional: true, - Computed: true, + Default: transfer.SftpAuthenticationMethodsPublicKeyOrPassword, ValidateFunc: validation.StringInSlice(transfer.SftpAuthenticationMethods_Values(), false), }, "structured_log_destinations": { diff --git a/internal/service/transfer/server_test.go b/internal/service/transfer/server_test.go index 51b379bda56..49e740d1342 100644 --- a/internal/service/transfer/server_test.go +++ b/internal/service/transfer/server_test.go @@ -1005,7 +1005,7 @@ func testAccServer_apiGateway(t *testing.T) { testAccCheckServerExists(ctx, resourceName, &conf), resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "API_GATEWAY"), resource.TestCheckResourceAttrPair(resourceName, "invocation_role", "aws_iam_role.test", "arn"), - resource.TestCheckResourceAttrSet(resourceName, "sftp_authentication_methods"), + resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PUBLIC_KEY_OR_PASSWORD"), ), }, { @@ -1211,7 +1211,7 @@ func testAccServer_lambdaFunction(t *testing.T) { testAccCheckServerExists(ctx, resourceName, &conf), resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), - resource.TestCheckResourceAttrSet(resourceName, "sftp_authentication_methods"), + resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PUBLIC_KEY_OR_PASSWORD"), ), }, { @@ -2247,9 +2247,9 @@ resource "aws_lambda_function" "test" { } resource "aws_transfer_server" "test" { - identity_provider_type = "AWS_LAMBDA" - function = aws_lambda_function.test.arn - logging_role = aws_iam_role.test.arn + identity_provider_type = "AWS_LAMBDA" + function = aws_lambda_function.test.arn + logging_role = aws_iam_role.test.arn sftp_authentication_methods = "PASSWORD" tags = { @@ -2273,9 +2273,9 @@ resource "aws_lambda_function" "test" { } resource "aws_transfer_server" "test" { - identity_provider_type = "AWS_LAMBDA" - function = aws_lambda_function.test.arn - logging_role = aws_iam_role.test.arn + identity_provider_type = "AWS_LAMBDA" + function = aws_lambda_function.test.arn + logging_role = aws_iam_role.test.arn sftp_authentication_methods = "PUBLIC_KEY_AND_PASSWORD" tags = { From 4607e577759632ed1d748e8b5424c0b0886903af Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 17:58:13 +0100 Subject: [PATCH 5/8] f-aws_transfer_server support for sftp authentication methods --- internal/service/transfer/server.go | 1 + internal/service/transfer/server_test.go | 52 ++++++++---------------- 2 files changed, 17 insertions(+), 36 deletions(-) diff --git a/internal/service/transfer/server.go b/internal/service/transfer/server.go index 8d46fd8b987..d6698c178cc 100644 --- a/internal/service/transfer/server.go +++ b/internal/service/transfer/server.go @@ -246,6 +246,7 @@ func resourceServer() *schema.Resource { "sftp_authentication_methods": { Type: schema.TypeString, Optional: true, + Computed: true, Default: transfer.SftpAuthenticationMethodsPublicKeyOrPassword, ValidateFunc: validation.StringInSlice(transfer.SftpAuthenticationMethods_Values(), false), }, diff --git a/internal/service/transfer/server_test.go b/internal/service/transfer/server_test.go index 49e740d1342..66d1b6667e6 100644 --- a/internal/service/transfer/server_test.go +++ b/internal/service/transfer/server_test.go @@ -1240,8 +1240,8 @@ func testAccServer_identityProviderType_sftpAuthenticationMethods(t *testing.T) Config: testAccServerConfig_identityProviderType_sftpAuthenticationMethods(rName), Check: resource.ComposeTestCheckFunc( testAccCheckServerExists(ctx, resourceName, &conf), - resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), - resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "API_GATEWAY"), + resource.TestCheckResourceAttrPair(resourceName, "invocation_role", "aws_iam_role.test", "arn"), resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PASSWORD"), ), }, @@ -1262,7 +1262,7 @@ func testAccServer_updateIdentityProviderType_sftpAuthenticationMethods(t *testi rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resource.Test(t, resource.TestCase{ - PreCheck: func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) }, + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckAPIGatewayTypeEDGE(t); testAccPreCheck(ctx, t) }, ErrorCheck: acctest.ErrorCheck(t, names.TransferServiceID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckServerDestroy(ctx), @@ -1271,8 +1271,8 @@ func testAccServer_updateIdentityProviderType_sftpAuthenticationMethods(t *testi Config: testAccServerConfig_identityProviderType_sftpAuthenticationMethods(rName), Check: resource.ComposeTestCheckFunc( testAccCheckServerExists(ctx, resourceName, &conf), - resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), - resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "API_GATEWAY"), + resource.TestCheckResourceAttrPair(resourceName, "invocation_role", "aws_iam_role.test", "arn"), resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PASSWORD"), ), }, @@ -1280,8 +1280,8 @@ func testAccServer_updateIdentityProviderType_sftpAuthenticationMethods(t *testi Config: testAccServerConfig_identityProviderType_sftpAuthenticationMethods_updated(rName), Check: resource.ComposeTestCheckFunc( testAccCheckServerExists(ctx, resourceName, &conf), - resource.TestCheckResourceAttrPair(resourceName, "function", "aws_lambda_function.test", "arn"), - resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "AWS_LAMBDA"), + resource.TestCheckResourceAttr(resourceName, "identity_provider_type", "API_GATEWAY"), + resource.TestCheckResourceAttrPair(resourceName, "invocation_role", "aws_iam_role.test", "arn"), resource.TestCheckResourceAttr(resourceName, "sftp_authentication_methods", "PUBLIC_KEY_AND_PASSWORD"), ), }, @@ -1301,7 +1301,7 @@ func testAccServer_authenticationLoginBanners(t *testing.T) { resourceName := "aws_transfer_server.test" resource.Test(t, resource.TestCase{ - PreCheck: func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) }, + PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckAPIGatewayTypeEDGE(t); testAccPreCheck(ctx, t) }, ErrorCheck: acctest.ErrorCheck(t, names.TransferServiceID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckServerDestroy(ctx), @@ -2234,21 +2234,11 @@ resource "aws_transfer_server" "test" { } func testAccServerConfig_identityProviderType_sftpAuthenticationMethods(rName string) string { - return acctest.ConfigCompose( - acctest.ConfigLambdaBase(rName, rName, rName), - testAccServerConfig_loggingRoleBase(rName+"-logging"), - fmt.Sprintf(` -resource "aws_lambda_function" "test" { - filename = "test-fixtures/lambdatest.zip" - function_name = %[1]q - role = aws_iam_role.iam_for_lambda.arn - handler = "index.handler" - runtime = "nodejs20.x" -} - + return acctest.ConfigCompose(testAccServerConfig_apiGatewayBase(rName), testAccServerConfig_loggingRoleBase(rName), fmt.Sprintf(` resource "aws_transfer_server" "test" { - identity_provider_type = "AWS_LAMBDA" - function = aws_lambda_function.test.arn + identity_provider_type = "API_GATEWAY" + url = "${aws_api_gateway_deployment.test.invoke_url}${aws_api_gateway_resource.test.path}" + invocation_role = aws_iam_role.test.arn logging_role = aws_iam_role.test.arn sftp_authentication_methods = "PASSWORD" @@ -2260,21 +2250,11 @@ resource "aws_transfer_server" "test" { } func testAccServerConfig_identityProviderType_sftpAuthenticationMethods_updated(rName string) string { - return acctest.ConfigCompose( - acctest.ConfigLambdaBase(rName, rName, rName), - testAccServerConfig_loggingRoleBase(rName+"-logging"), - fmt.Sprintf(` -resource "aws_lambda_function" "test" { - filename = "test-fixtures/lambdatest.zip" - function_name = %[1]q - role = aws_iam_role.iam_for_lambda.arn - handler = "index.handler" - runtime = "nodejs20.x" -} - + return acctest.ConfigCompose(testAccServerConfig_apiGatewayBase(rName), testAccServerConfig_loggingRoleBase(rName), fmt.Sprintf(` resource "aws_transfer_server" "test" { - identity_provider_type = "AWS_LAMBDA" - function = aws_lambda_function.test.arn + identity_provider_type = "API_GATEWAY" + url = "${aws_api_gateway_deployment.test.invoke_url}${aws_api_gateway_resource.test.path}" + invocation_role = aws_iam_role.test.arn logging_role = aws_iam_role.test.arn sftp_authentication_methods = "PUBLIC_KEY_AND_PASSWORD" From 7c5e85e8b5984e1ffb13393b8815c1f4b9dbd850 Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 19:16:54 +0100 Subject: [PATCH 6/8] f-aws_transfer_server support for sftp authentication methods --- internal/service/transfer/server.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/internal/service/transfer/server.go b/internal/service/transfer/server.go index d6698c178cc..24f1ade754d 100644 --- a/internal/service/transfer/server.go +++ b/internal/service/transfer/server.go @@ -246,8 +246,7 @@ func resourceServer() *schema.Resource { "sftp_authentication_methods": { Type: schema.TypeString, Optional: true, - Computed: true, - Default: transfer.SftpAuthenticationMethodsPublicKeyOrPassword, + computed: true, ValidateFunc: validation.StringInSlice(transfer.SftpAuthenticationMethods_Values(), false), }, "structured_log_destinations": { From a119f4162e065bd2b6b72d8809c1a7b8c14ff3b7 Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 19:18:41 +0100 Subject: [PATCH 7/8] f-aws_transfer_server support for sftp authentication methods --- internal/service/transfer/server.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/service/transfer/server.go b/internal/service/transfer/server.go index 24f1ade754d..ba2c8c20de7 100644 --- a/internal/service/transfer/server.go +++ b/internal/service/transfer/server.go @@ -246,7 +246,7 @@ func resourceServer() *schema.Resource { "sftp_authentication_methods": { Type: schema.TypeString, Optional: true, - computed: true, + Computed: true, ValidateFunc: validation.StringInSlice(transfer.SftpAuthenticationMethods_Values(), false), }, "structured_log_destinations": { From 26e1a58d2dc41aa257f62ec576df9c84d6e4b670 Mon Sep 17 00:00:00 2001 From: nikhil Date: Sat, 20 Apr 2024 19:40:50 +0100 Subject: [PATCH 8/8] f-aws_transfer_server support for sftp authentication methods --- internal/service/transfer/transfer_test.go | 44 +++++++++++----------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/internal/service/transfer/transfer_test.go b/internal/service/transfer/transfer_test.go index 06ab4673cbf..a67bd0d049d 100644 --- a/internal/service/transfer/transfer_test.go +++ b/internal/service/transfer/transfer_test.go @@ -25,27 +25,29 @@ func TestAccTransfer_serial(t *testing.T) { "tags": testAccAgreement_tags, }, "Server": { - "basic": testAccServer_basic, - "disappears": testAccServer_disappears, - "tags": testAccServer_tags, - "APIGateway": testAccServer_apiGateway, - "APIGatewayForceDestroy": testAccServer_apiGateway_forceDestroy, - "AuthenticationLoginBanners": testAccServer_authenticationLoginBanners, - "DataSourceBasic": testAccServerDataSource_basic, - "DataSourceServiceManaged": testAccServerDataSource_Service_managed, - "DataSourceAPIGateway": testAccServerDataSource_apigateway, - "DirectoryService": testAccServer_directoryService, - "Domain": testAccServer_domain, - "ForceDestroy": testAccServer_forceDestroy, - "HostKey": testAccServer_hostKey, - "LambdaFunction": testAccServer_lambdaFunction, - "Protocols": testAccServer_protocols, - "ProtocolDetails": testAccServer_protocolDetails, - "S3StorageOptions": testAccServer_s3StorageOptions, - "SecurityPolicy": testAccServer_securityPolicy, - "SecurityPolicyFIPS": testAccServer_securityPolicyFIPS, - "StructuredLogDestinations": testAccServer_structuredLogDestinations, - "UpdateEndpointTypePublicToVPC": testAccServer_updateEndpointType_publicToVPC, + "basic": testAccServer_basic, + "disappears": testAccServer_disappears, + "tags": testAccServer_tags, + "APIGateway": testAccServer_apiGateway, + "APIGatewayForceDestroy": testAccServer_apiGateway_forceDestroy, + "AuthenticationLoginBanners": testAccServer_authenticationLoginBanners, + "DataSourceBasic": testAccServerDataSource_basic, + "DataSourceServiceManaged": testAccServerDataSource_Service_managed, + "DataSourceAPIGateway": testAccServerDataSource_apigateway, + "DirectoryService": testAccServer_directoryService, + "Domain": testAccServer_domain, + "ForceDestroy": testAccServer_forceDestroy, + "HostKey": testAccServer_hostKey, + "LambdaFunction": testAccServer_lambdaFunction, + "Protocols": testAccServer_protocols, + "ProtocolDetails": testAccServer_protocolDetails, + "S3StorageOptions": testAccServer_s3StorageOptions, + "SecurityPolicy": testAccServer_securityPolicy, + "SecurityPolicyFIPS": testAccServer_securityPolicyFIPS, + "SftpAuthenticationMethods": testAccServer_identityProviderType_sftpAuthenticationMethods, + "UpdateSftpAuthenticationMethods": testAccServer_updateIdentityProviderType_sftpAuthenticationMethods, + "StructuredLogDestinations": testAccServer_structuredLogDestinations, + "UpdateEndpointTypePublicToVPC": testAccServer_updateEndpointType_publicToVPC, "UpdateEndpointTypePublicToVPCAddressAllocationIDs": testAccServer_updateEndpointType_publicToVPC_addressAllocationIDs, "UpdateEndpointTypeVPCEndpointToVPC": testAccServer_updateEndpointType_vpcEndpointToVPC, "UpdateEndpointTypeVPCEndpointToVPCAddressAllocationIDs": testAccServer_updateEndpointType_vpcEndpointToVPC_addressAllocationIDs,