r/aws_s3_access_point & aws_s3control_access_point_policy: Switch to 'WithoutTimeout' CRUD handlers (#15090).

Acceptance test output:

% make testacc TESTARGS='-run=TestAccS3ControlAccessPoint' PKG=s3control ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/s3control/... -v -count 1 -parallel 3  -run=TestAccS3ControlAccessPoint -timeout 180m
=== RUN   TestAccS3ControlAccessPointPolicy_basic
=== PAUSE TestAccS3ControlAccessPointPolicy_basic
=== RUN   TestAccS3ControlAccessPointPolicy_disappears
=== PAUSE TestAccS3ControlAccessPointPolicy_disappears
=== RUN   TestAccS3ControlAccessPointPolicy_disappears_AccessPoint
=== PAUSE TestAccS3ControlAccessPointPolicy_disappears_AccessPoint
=== RUN   TestAccS3ControlAccessPointPolicy_update
=== PAUSE TestAccS3ControlAccessPointPolicy_update
=== RUN   TestAccS3ControlAccessPoint_basic
=== PAUSE TestAccS3ControlAccessPoint_basic
=== RUN   TestAccS3ControlAccessPoint_disappears
=== PAUSE TestAccS3ControlAccessPoint_disappears
=== RUN   TestAccS3ControlAccessPoint_Bucket_arn
=== PAUSE TestAccS3ControlAccessPoint_Bucket_arn
=== RUN   TestAccS3ControlAccessPoint_policy
=== PAUSE TestAccS3ControlAccessPoint_policy
=== RUN   TestAccS3ControlAccessPoint_publicAccessBlock
=== PAUSE TestAccS3ControlAccessPoint_publicAccessBlock
=== RUN   TestAccS3ControlAccessPoint_vpc
=== PAUSE TestAccS3ControlAccessPoint_vpc
=== CONT  TestAccS3ControlAccessPointPolicy_basic
=== CONT  TestAccS3ControlAccessPoint_disappears
=== CONT  TestAccS3ControlAccessPointPolicy_update
--- PASS: TestAccS3ControlAccessPoint_disappears (22.69s)
=== CONT  TestAccS3ControlAccessPoint_basic
--- PASS: TestAccS3ControlAccessPointPolicy_basic (25.78s)
=== CONT  TestAccS3ControlAccessPoint_publicAccessBlock
--- PASS: TestAccS3ControlAccessPointPolicy_update (41.65s)
=== CONT  TestAccS3ControlAccessPoint_vpc
--- PASS: TestAccS3ControlAccessPoint_basic (21.08s)
=== CONT  TestAccS3ControlAccessPointPolicy_disappears_AccessPoint
--- PASS: TestAccS3ControlAccessPoint_publicAccessBlock (20.66s)
=== CONT  TestAccS3ControlAccessPoint_policy
--- PASS: TestAccS3ControlAccessPointPolicy_disappears_AccessPoint (18.59s)
=== CONT  TestAccS3ControlAccessPointPolicy_disappears
--- PASS: TestAccS3ControlAccessPoint_vpc (22.30s)
=== CONT  TestAccS3ControlAccessPoint_Bucket_arn
    acctest.go:1368: skipping since no Outposts found
--- SKIP: TestAccS3ControlAccessPoint_Bucket_arn (0.76s)
--- PASS: TestAccS3ControlAccessPointPolicy_disappears (19.75s)
--- PASS: TestAccS3ControlAccessPoint_policy (51.57s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/s3control	103.083s

Author: ewbankkit

internal/provider/provider.go

@@ -2006,8 +2006,6 @@ func New(ctx context.Context) (*schema.Provider, error) {
 			"aws_s3_object_copy":                                 s3.ResourceObjectCopy(),
 			"aws_s3_bucket_object":                               s3.ResourceBucketObject(), // DEPRECATED: use aws_s3_object instead
 
-			"aws_s3_access_point":                             s3control.ResourceAccessPoint(),
-			"aws_s3control_access_point_policy":               s3control.ResourceAccessPointPolicy(),
 			"aws_s3_account_public_access_block":              s3control.ResourceAccountPublicAccessBlock(),
 			"aws_s3control_bucket":                            s3control.ResourceBucket(),
 			"aws_s3control_bucket_lifecycle_configuration":    s3control.ResourceBucketLifecycleConfiguration(),

internal/service/s3control/access_point.go

@@ -1,6 +1,7 @@
 package s3control
 
 import (
+	"context"
 	"fmt"
 	"log"
 	"strings"
@@ -9,6 +10,8 @@ import (
 	"github.com/aws/aws-sdk-go/aws/arn"
 	"github.com/aws/aws-sdk-go/service/s3control"
 	"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
@@ -17,12 +20,16 @@ import (
 	"github.com/hashicorp/terraform-provider-aws/internal/verify"
 )
 
-func ResourceAccessPoint() *schema.Resource {
+func init() {
+	_sp.registerSDKResourceFactory("aws_s3_access_point", resourceAccessPoint)
+}
+
+func resourceAccessPoint() *schema.Resource {
 	return &schema.Resource{
-		Create: resourceAccessPointCreate,
-		Read:   resourceAccessPointRead,
-		Update: resourceAccessPointUpdate,
-		Delete: resourceAccessPointDelete,
+		CreateWithoutTimeout: resourceAccessPointCreate,
+		ReadWithoutTimeout:   resourceAccessPointRead,
+		UpdateWithoutTimeout: resourceAccessPointUpdate,
+		DeleteWithoutTimeout: resourceAccessPointDelete,
 
 		Importer: &schema.ResourceImporter{
 			State: schema.ImportStatePassthrough,
@@ -140,7 +147,7 @@ func ResourceAccessPoint() *schema.Resource {
 	}
 }
 
-func resourceAccessPointCreate(d *schema.ResourceData, meta interface{}) error {
+func resourceAccessPointCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).S3ControlConn()
 
 	accountID := meta.(*conns.AWSClient).AccountID
@@ -163,23 +170,22 @@ func resourceAccessPointCreate(d *schema.ResourceData, meta interface{}) error {
 		input.VpcConfiguration = expandVPCConfiguration(v.([]interface{})[0].(map[string]interface{}))
 	}
 
-	log.Printf("[DEBUG] Creating S3 Access Point: %s", input)
-	output, err := conn.CreateAccessPoint(input)
+	output, err := conn.CreateAccessPointWithContext(ctx, input)
 
 	if err != nil {
-		return fmt.Errorf("error creating S3 Access Point (%s): %w", name, err)
+		return diag.Errorf("creating S3 Access Point (%s): %s", name, err)
 	}
 
 	resourceID, err := AccessPointCreateResourceID(aws.StringValue(output.AccessPointArn))
 
 	if err != nil {
-		return err
+		return diag.FromErr(err)
 	}
 
 	accountID, name, err = AccessPointParseResourceID(resourceID)
 
 	if err != nil {
-		return err
+		return diag.FromErr(err)
 	}
 
 	d.SetId(resourceID)
@@ -188,7 +194,7 @@ func resourceAccessPointCreate(d *schema.ResourceData, meta interface{}) error {
 		policy, err := structure.NormalizeJsonString(v.(string))
 
 		if err != nil {
-			return fmt.Errorf("policy (%s) is invalid JSON: %w", v.(string), err)
+			return diag.Errorf("policy (%s) is invalid JSON: %s", v.(string), err)
 		}
 
 		input := &s3control.PutAccessPointPolicyInput{
@@ -197,29 +203,28 @@ func resourceAccessPointCreate(d *schema.ResourceData, meta interface{}) error {
 			Policy:    aws.String(policy),
 		}
 
-		log.Printf("[DEBUG] Creating S3 Access Point policy: %s", input)
-		_, err = conn.PutAccessPointPolicy(input)
+		_, err = conn.PutAccessPointPolicyWithContext(ctx, input)
 
 		if err != nil {
-			return fmt.Errorf("error creating S3 Access Point (%s) policy: %w", d.Id(), err)
+			return diag.Errorf("creating S3 Access Point (%s) policy: %s", d.Id(), err)
 		}
 	}
 
-	return resourceAccessPointRead(d, meta)
+	return resourceAccessPointRead(ctx, d, meta)
 }
 
-func resourceAccessPointRead(d *schema.ResourceData, meta interface{}) error {
+func resourceAccessPointRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).S3ControlConn()
 
 	accountID, name, err := AccessPointParseResourceID(d.Id())
 
 	if err != nil {
-		return err
+		return diag.FromErr(err)
 	}
 
 	s3OnOutposts := arn.IsARN(name)
 
-	output, err := FindAccessPointByAccountIDAndName(conn, accountID, name)
+	output, err := FindAccessPointByTwoPartKey(ctx, conn, accountID, name)
 
 	if !d.IsNewResource() && tfresource.NotFound(err) {
 		log.Printf("[WARN] S3 Access Point (%s) not found, removing from state", d.Id())
@@ -228,14 +233,14 @@ func resourceAccessPointRead(d *schema.ResourceData, meta interface{}) error {
 	}
 
 	if err != nil {
-		return fmt.Errorf("error reading S3 Access Point (%s): %w", d.Id(), err)
+		return diag.Errorf("reading S3 Access Point (%s): %s", d.Id(), err)
 	}
 
 	if s3OnOutposts {
 		accessPointARN, err := arn.Parse(name)
 
 		if err != nil {
-			return err
+			return diag.FromErr(err)
 		}
 
 		// https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3onoutposts.html#amazons3onoutposts-resources-for-iam-policies.
@@ -276,20 +281,20 @@ func resourceAccessPointRead(d *schema.ResourceData, meta interface{}) error {
 	d.Set("network_origin", output.NetworkOrigin)
 	if output.PublicAccessBlockConfiguration != nil {
 		if err := d.Set("public_access_block_configuration", []interface{}{flattenPublicAccessBlockConfiguration(output.PublicAccessBlockConfiguration)}); err != nil {
-			return fmt.Errorf("error setting public_access_block_configuration: %w", err)
+			return diag.Errorf("setting public_access_block_configuration: %s", err)
 		}
 	} else {
 		d.Set("public_access_block_configuration", nil)
 	}
 	if output.VpcConfiguration != nil {
 		if err := d.Set("vpc_configuration", []interface{}{flattenVPCConfiguration(output.VpcConfiguration)}); err != nil {
-			return fmt.Errorf("error setting vpc_configuration: %w", err)
+			return diag.Errorf("setting vpc_configuration: %s", err)
 		}
 	} else {
 		d.Set("vpc_configuration", nil)
 	}
 
-	policy, status, err := FindAccessPointPolicyAndStatusByAccountIDAndName(conn, accountID, name)
+	policy, status, err := FindAccessPointPolicyAndStatusByTwoPartKey(ctx, conn, accountID, name)
 
 	if err == nil && policy != "" {
 		if s3OnOutposts {
@@ -301,35 +306,35 @@ func resourceAccessPointRead(d *schema.ResourceData, meta interface{}) error {
 		policyToSet, err := verify.PolicyToSet(d.Get("policy").(string), policy)
 
 		if err != nil {
-			return err
+			return diag.FromErr(err)
 		}
 
 		d.Set("policy", policyToSet)
 	} else if policy == "" || tfresource.NotFound(err) {
 		d.Set("has_public_access_policy", false)
 		d.Set("policy", nil)
 	} else {
-		return fmt.Errorf("error reading S3 Access Point (%s) policy: %w", d.Id(), err)
+		return diag.Errorf("reading S3 Access Point (%s) policy: %s", d.Id(), err)
 	}
 
 	return nil
 }
 
-func resourceAccessPointUpdate(d *schema.ResourceData, meta interface{}) error {
+func resourceAccessPointUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).S3ControlConn()
 
 	accountID, name, err := AccessPointParseResourceID(d.Id())
 
 	if err != nil {
-		return err
+		return diag.FromErr(err)
 	}
 
 	if d.HasChange("policy") {
 		if v, ok := d.GetOk("policy"); ok && v.(string) != "" && v.(string) != "{}" {
 			policy, err := structure.NormalizeJsonString(v.(string))
 
 			if err != nil {
-				return fmt.Errorf("policy (%s) is invalid JSON: %w", v.(string), err)
+				return diag.Errorf("policy (%s) is invalid JSON: %s", v.(string), err)
 			}
 
 			input := &s3control.PutAccessPointPolicyInput{
@@ -338,39 +343,37 @@ func resourceAccessPointUpdate(d *schema.ResourceData, meta interface{}) error {
 				Policy:    aws.String(policy),
 			}
 
-			log.Printf("[DEBUG] Updating S3 Access Point policy: %s", input)
-			_, err = conn.PutAccessPointPolicy(input)
+			_, err = conn.PutAccessPointPolicyWithContext(ctx, input)
 
 			if err != nil {
-				return fmt.Errorf("error updating S3 Access Point (%s) policy: %w", d.Id(), err)
+				return diag.Errorf("updating S3 Access Point (%s) policy: %s", d.Id(), err)
 			}
 		} else {
-			log.Printf("[DEBUG] Deleting S3 Access Point policy: %s", d.Id())
-			_, err := conn.DeleteAccessPointPolicy(&s3control.DeleteAccessPointPolicyInput{
+			_, err := conn.DeleteAccessPointPolicyWithContext(ctx, &s3control.DeleteAccessPointPolicyInput{
 				AccountId: aws.String(accountID),
 				Name:      aws.String(name),
 			})
 
 			if err != nil {
-				return fmt.Errorf("error deleting S3 Access Point (%s) policy: %w", d.Id(), err)
+				return diag.Errorf("deleting S3 Access Point (%s) policy: %s", d.Id(), err)
 			}
 		}
 	}
 
-	return resourceAccessPointRead(d, meta)
+	return resourceAccessPointRead(ctx, d, meta)
 }
 
-func resourceAccessPointDelete(d *schema.ResourceData, meta interface{}) error {
+func resourceAccessPointDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).S3ControlConn()
 
 	accountID, name, err := AccessPointParseResourceID(d.Id())
 
 	if err != nil {
-		return err
+		return diag.FromErr(err)
 	}
 
 	log.Printf("[DEBUG] Deleting S3 Access Point: %s", d.Id())
-	_, err = conn.DeleteAccessPoint(&s3control.DeleteAccessPointInput{
+	_, err = conn.DeleteAccessPointWithContext(ctx, &s3control.DeleteAccessPointInput{
 		AccountId: aws.String(accountID),
 		Name:      aws.String(name),
 	})
@@ -380,12 +383,38 @@ func resourceAccessPointDelete(d *schema.ResourceData, meta interface{}) error {
 	}
 
 	if err != nil {
-		return fmt.Errorf("error deleting S3 Access Point (%s): %w", d.Id(), err)
+		return diag.Errorf("deleting S3 Access Point (%s): %s", d.Id(), err)
 	}
 
 	return nil
 }
 
+func FindAccessPointByTwoPartKey(ctx context.Context, conn *s3control.S3Control, accountID string, name string) (*s3control.GetAccessPointOutput, error) {
+	input := &s3control.GetAccessPointInput{
+		AccountId: aws.String(accountID),
+		Name:      aws.String(name),
+	}
+
+	output, err := conn.GetAccessPointWithContext(ctx, input)
+
+	if tfawserr.ErrCodeEquals(err, errCodeNoSuchAccessPoint) {
+		return nil, &resource.NotFoundError{
+			LastError:   err,
+			LastRequest: input,
+		}
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	if output == nil {
+		return nil, tfresource.NewEmptyResultError(input)
+	}
+
+	return output, nil
+}
+
 const accessPointResourceIDSeparator = ":"
 
 func AccessPointCreateResourceID(accessPointARN string) (string, error) {