Fork Sync: Update from parent repository

.changelog/33641.txt

@@ -0,0 +1,4 @@
+
+```release-note:bug
+resource/aws_datasync_location_fsx_ontap_file_system: Correct handling of `protocol.smb.domain`, `protocol.smb.user` and `protocol.smb.password`
+```

CHANGELOG.md

@@ -22,6 +22,7 @@ FEATURES:
 ENHANCEMENTS:
 
 * data-source/aws_opensearch_domain: Add `off_peak_window_options` attribute ([#30965](https://github.com/hashicorp/terraform-provider-aws/issues/30965))
+* resource/aws_cloud9_environment_ec2: Add `ubuntu-22.04-x86_64` and `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64` as valid values for `image_id` ([#33662](https://github.com/hashicorp/terraform-provider-aws/issues/33662))
 * resource/aws_fsx_ontap_volume: Add `bypass_snaplock_enterprise_retention` argument and `snaplock_configuration` configuration block to support [SnapLock](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock.html) ([#32530](https://github.com/hashicorp/terraform-provider-aws/issues/32530))
 * resource/aws_fsx_ontap_volume: Add `copy_tags_to_backups` and `snapshot_policy` arguments ([#32530](https://github.com/hashicorp/terraform-provider-aws/issues/32530))
 * resource/aws_fsx_openzfs_volume: Add `delete_volume_options` argument ([#32530](https://github.com/hashicorp/terraform-provider-aws/issues/32530))
@@ -39,6 +40,7 @@ BUG FIXES:
 * resource/aws_cloudfront_distribution: Fix `IllegalUpdate` errors when updating a staging distribution associated with an `aws_cloudfront_continuous_deployment_policy` ([#33578](https://github.com/hashicorp/terraform-provider-aws/issues/33578))
 * resource/aws_cloudfront_distribution: Fix `PreconditionFailed` errors when destroying a distribution associated with an `aws_cloudfront_continuous_deployment_policy` ([#33578](https://github.com/hashicorp/terraform-provider-aws/issues/33578))
 * resource/aws_cloudfront_distribution: Fix `StagingDistributionInUse` errors when destroying a distribution associated with an `aws_cloudfront_continuous_deployment_policy` ([#33578](https://github.com/hashicorp/terraform-provider-aws/issues/33578))
+* resource/aws_datasync_location_fsx_ontap_file_system: Correct handling of `protocol.smb.domain`, `protocol.smb.user` and `protocol.smb.password` ([#33641](https://github.com/hashicorp/terraform-provider-aws/issues/33641))
 * resource/aws_glacier_vault_lock: Fail validation if duplicated keys are found in `policy` ([#33570](https://github.com/hashicorp/terraform-provider-aws/issues/33570))
 * resource/aws_iam_group_policy: Fail validation if duplicated keys are found in `policy` ([#33570](https://github.com/hashicorp/terraform-provider-aws/issues/33570))
 * resource/aws_iam_policy: Fail validation if duplicated keys are found in `policy` ([#33570](https://github.com/hashicorp/terraform-provider-aws/issues/33570))

internal/service/cloudfront/distribution.go

@@ -987,7 +987,7 @@ func resourceDistributionDelete(ctx context.Context, d *schema.ResourceData, met
 			return create.DiagError(names.CloudFront, create.ErrActionDeleting, ResNameDistribution, d.Id(), err)
 		}
 
-		if err := WaitDistributionDeployed(ctx, conn, d.Id()); err != nil {
+		if err := WaitDistributionDeployed(ctx, conn, d.Id()); err != nil && !tfresource.NotFound(err) {
 			return diag.Errorf("waiting until CloudFront Distribution (%s) is deployed: %s", d.Id(), err)
 		}
 	}
@@ -1022,7 +1022,7 @@ func resourceDistributionDelete(ctx context.Context, d *schema.ResourceData, met
 	if tfawserr.ErrCodeEquals(err, cloudfront.ErrCodePreconditionFailed, cloudfront.ErrCodeInvalidIfMatchVersion) {
 		_, err = tfresource.RetryWhenAWSErrCodeEquals(ctx, 1*time.Minute, func() (interface{}, error) {
 			return nil, deleteDistribution(ctx, conn, d.Id())
-		}, cloudfront.ErrCodePreconditionFailed)
+		}, cloudfront.ErrCodePreconditionFailed, cloudfront.ErrCodeInvalidIfMatchVersion)
 	}
 
 	if tfawserr.ErrCodeEquals(err, cloudfront.ErrCodeNoSuchDistribution) {
@@ -1059,7 +1059,7 @@ func deleteDistribution(ctx context.Context, conn *cloudfront.CloudFront, id str
 		return err
 	}
 
-	if err := WaitDistributionDeleted(ctx, conn, id); err != nil && !tfawserr.ErrCodeEquals(err, cloudfront.ErrCodeNoSuchDistribution) {
+	if err := WaitDistributionDeleted(ctx, conn, id); err != nil {
 		return err
 	}
 
@@ -1076,15 +1076,22 @@ func distroETag(ctx context.Context, conn *cloudfront.CloudFront, id string) (st
 }
 
 func disableDistribution(ctx context.Context, conn *cloudfront.CloudFront, id string) error {
-	if err := WaitDistributionDeployed(ctx, conn, id); err != nil {
-		return err
-	}
-
 	out, err := FindDistributionByID(ctx, conn, id)
 	if err != nil {
 		return err
 	}
 
+	if aws.StringValue(out.Distribution.Status) == "InProgress" {
+		if err := WaitDistributionDeployed(ctx, conn, id); err != nil {
+			return err
+		}
+
+		out, err = FindDistributionByID(ctx, conn, id)
+		if err != nil {
+			return err
+		}
+	}
+
 	if !aws.BoolValue(out.Distribution.DistributionConfig.Enabled) {
 		return nil
 	}
@@ -1133,44 +1140,17 @@ func FindDistributionByID(ctx context.Context, conn *cloudfront.CloudFront, id s
 	return output, nil
 }
 
-func FindDistributionByDomainName(ctx context.Context, conn *cloudfront.CloudFront, name string) (*cloudfront.DistributionSummary, error) {
-	var dist *cloudfront.DistributionSummary
-
-	input := &cloudfront.ListDistributionsInput{}
-
-	err := conn.ListDistributionsPagesWithContext(ctx, input, func(page *cloudfront.ListDistributionsOutput, lastPage bool) bool {
-		if page == nil {
-			return !lastPage
-		}
-
-		for _, d := range page.DistributionList.Items {
-			if d == nil {
-				continue
-			}
-
-			if aws.StringValue(d.DomainName) == name {
-				dist = d
-				return false
-			}
-		}
-
-		return !lastPage
-	})
-
-	return dist, err
-}
-
 // resourceAwsCloudFrontWebDistributionWaitUntilDeployed blocks until the
 // distribution is deployed. It currently takes exactly 15 minutes to deploy
 // but that might change in the future.
 func WaitDistributionDeployed(ctx context.Context, conn *cloudfront.CloudFront, id string) error {
 	stateConf := &retry.StateChangeConf{
 		Pending:    []string{"InProgress"},
 		Target:     []string{"Deployed"},
-		Refresh:    distributionRefreshFunc(ctx, conn, id),
+		Refresh:    distributionDeployRefreshFunc(ctx, conn, id),
 		Timeout:    90 * time.Minute,
 		MinTimeout: 15 * time.Second,
-		Delay:      1 * time.Minute,
+		Delay:      30 * time.Second,
 	}
 
 	_, err := stateConf.WaitForStateContext(ctx)
@@ -1181,33 +1161,46 @@ func WaitDistributionDeleted(ctx context.Context, conn *cloudfront.CloudFront, i
 	stateConf := &retry.StateChangeConf{
 		Pending:    []string{"InProgress", "Deployed"},
 		Target:     []string{},
-		Refresh:    distributionRefreshFunc(ctx, conn, id),
+		Refresh:    distributionDeleteRefreshFunc(ctx, conn, id),
 		Timeout:    90 * time.Minute,
 		MinTimeout: 15 * time.Second,
-		Delay:      1 * time.Minute,
+		Delay:      15 * time.Second,
 	}
 
 	_, err := stateConf.WaitForStateContext(ctx)
 	return err
 }
 
-// The refresh function for resourceAwsCloudFrontWebDistributionWaitUntilDeployed.
-func distributionRefreshFunc(ctx context.Context, conn *cloudfront.CloudFront, id string) retry.StateRefreshFunc {
+func distributionDeleteRefreshFunc(ctx context.Context, conn *cloudfront.CloudFront, id string) retry.StateRefreshFunc {
 	return func() (interface{}, string, error) {
-		params := &cloudfront.GetDistributionInput{
-			Id: aws.String(id),
+		out, err := FindDistributionByID(ctx, conn, id)
+		if tfresource.NotFound(err) {
+			return nil, "", nil
 		}
 
-		resp, err := conn.GetDistributionWithContext(ctx, params)
 		if err != nil {
-			log.Printf("[WARN] Error retrieving CloudFront Distribution %q details: %s", id, err)
 			return nil, "", err
 		}
 
-		if resp == nil {
+		if out == nil {
+			return nil, "", nil
+		}
+
+		return out.Distribution, aws.StringValue(out.Distribution.Status), nil
+	}
+}
+
+func distributionDeployRefreshFunc(ctx context.Context, conn *cloudfront.CloudFront, id string) retry.StateRefreshFunc {
+	return func() (interface{}, string, error) {
+		out, err := FindDistributionByID(ctx, conn, id)
+		if err != nil {
+			return nil, "", err
+		}
+
+		if out == nil {
 			return nil, "", nil
 		}
 
-		return resp.Distribution, *resp.Distribution.Status, nil
+		return out.Distribution, aws.StringValue(out.Distribution.Status), nil
 	}
 }

internal/service/cloudfront/sweep.go

@@ -162,7 +162,6 @@ func sweepCachePolicies(region string) error {
 func sweepDistributions(region string) error {
 	var result *multierror.Error
 
-	// sweep:
 	// 1. Production Distributions
 	if err := sweepDistributionsByProductionStaging(region, false); err != nil {
 		result = multierror.Append(result, err)
@@ -241,7 +240,6 @@ func sweepDistributionsByProductionStaging(region string, staging bool) error {
 	}
 
 	err = sweep.SweepOrchestrator(ctx, sweepResources)
-
 	if err != nil {
 		return fmt.Errorf("error sweeping CloudFront Distributions (%s): %w", region, err)
 	}
@@ -258,29 +256,37 @@ func sweepContinuousDeploymentPolicies(region string) error {
 	conn := client.CloudFrontConn(ctx)
 	input := &cloudfront.ListContinuousDeploymentPoliciesInput{}
 
+	log.Printf("[INFO] Sweeping continuous deployment policies")
+	var result *multierror.Error
+
 	// ListContinuousDeploymentPolicies does not have a paginator
 	for {
 		output, err := conn.ListContinuousDeploymentPoliciesWithContext(ctx, input)
 		if err != nil {
 			log.Printf("[WARN] %s", err)
+			result = multierror.Append(result, err)
 			break
 		}
 
-		if output == nil || output.ContinuousDeploymentPolicyList == nil || len(output.ContinuousDeploymentPolicyList.Items) == 0 {
+		if output == nil || output.ContinuousDeploymentPolicyList == nil {
+			log.Printf("[WARN] CloudFront ListContinuousDeploymentPolicies empty response")
 			break
 		}
 
 		for _, cdp := range output.ContinuousDeploymentPolicyList.Items {
-			DeleteCDP(ctx, conn, aws.StringValue(cdp.ContinuousDeploymentPolicy.Id))
+			if err := DeleteCDP(ctx, conn, aws.StringValue(cdp.ContinuousDeploymentPolicy.Id)); err != nil {
+				result = multierror.Append(result, err)
+			}
 		}
 
 		if output.ContinuousDeploymentPolicyList.NextMarker == nil {
 			break
 		}
+
 		input.Marker = output.ContinuousDeploymentPolicyList.NextMarker
 	}
 
-	return nil
+	return result.ErrorOrNil()
 }
 
 func sweepFunctions(region string) error {

internal/service/datasync/common_fsx_protocol_functions.go

@@ -4,6 +4,7 @@
 package datasync
 
 import (
+	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/datasync"
 )
 
@@ -66,6 +67,15 @@ func expandSMB(l []interface{}) *datasync.FsxProtocolSmb {
 	protocol := &datasync.FsxProtocolSmb{
 		MountOptions: expandSMBMountOptions(m["mount_options"].([]interface{})),
 	}
+	if v, ok := m["domain"].(string); ok && v != "" {
+		protocol.Domain = aws.String(v)
+	}
+	if v, ok := m["password"].(string); ok && v != "" {
+		protocol.Password = aws.String(v)
+	}
+	if v, ok := m["user"].(string); ok && v != "" {
+		protocol.User = aws.String(v)
+	}
 
 	return protocol
 }
@@ -91,6 +101,15 @@ func flattenSMB(smb *datasync.FsxProtocolSmb) []interface{} {
 	m := map[string]interface{}{
 		"mount_options": flattenSMBMountOptions(smb.MountOptions),
 	}
+	if v := smb.Domain; v != nil {
+		m["domain"] = aws.StringValue(v)
+	}
+	if v := smb.Password; v != nil {
+		m["password"] = aws.StringValue(v)
+	}
+	if v := smb.User; v != nil {
+		m["user"] = aws.StringValue(v)
+	}
 
 	return []interface{}{m}
 }

internal/service/datasync/location_fsx_ontap_file_system.go

@@ -244,6 +244,12 @@ func resourceLocationFSxONTAPFileSystemRead(ctx context.Context, d *schema.Resou
 	d.Set("arn", output.LocationArn)
 	d.Set("creation_time", output.CreationTime.Format(time.RFC3339))
 	d.Set("fsx_filesystem_arn", output.FsxFilesystemArn)
+	// SMB Password is not returned from the API.
+	if output.Protocol != nil && output.Protocol.SMB != nil && aws.StringValue(output.Protocol.SMB.Password) == "" {
+		if smbPassword := d.Get("protocol.0.smb.0.password").(string); smbPassword != "" {
+			output.Protocol.SMB.Password = aws.String(smbPassword)
+		}
+	}
 	if err := d.Set("protocol", flattenProtocol(output.Protocol)); err != nil {
 		return sdkdiag.AppendErrorf(diags, "setting protocol: %s", err)
 	}