inspector2: New delegated admin account resource

.changelog/27229.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+aws_inspector2_delegated_admin_account
+```

internal/diag/append.go → internal/errs/append.go

@@ -1,4 +1,4 @@
-package diag
+package errs
 
 import (
 	"fmt"

internal/diag/diag.go → internal/errs/diag.go

@@ -1,4 +1,4 @@
-package diag
+package errs
 
 import (
 	"fmt"

internal/errs/errs.go

@@ -0,0 +1,48 @@
+package errs
+
+import (
+	"errors"
+	"strings"
+
+	"github.com/aws/aws-sdk-go/aws/awserr"
+)
+
+// Messager is a simple interface for types with ErrorMessage().
+type Messager interface {
+	ErrorMessage() string
+}
+
+func AsContains(err error, target any, message string) bool {
+	if errors.As(err, target) {
+		if v, ok := target.(Messager); ok && strings.Contains(v.ErrorMessage(), message) {
+			return true
+		}
+	}
+	return false
+}
+
+// Contains returns true if the error matches all these conditions:
+//   - err as string contains needle
+func Contains(err error, needle string) bool {
+	if err != nil && strings.Contains(err.Error(), needle) {
+		return true
+	}
+	return false
+}
+
+// MessageContains unwraps the error and returns true if the error matches
+// all these conditions:
+//   - err is of type awserr.Error, Error.Code() equals code, and Error.Message() contains message
+//   - OR err if not of type awserr.Error as string contains both code and message
+func MessageContains(err error, code string, message string) bool {
+	var awsErr awserr.Error
+	if AsContains(err, &awsErr, message) {
+		return true
+	}
+
+	if Contains(err, code) && Contains(err, message) {
+		return true
+	}
+
+	return false
+}

internal/provider/provider.go

@@ -1634,6 +1634,7 @@ func New(_ context.Context) (*schema.Provider, error) {
 			"aws_inspector_resource_group":      inspector.ResourceResourceGroup(),
 
 			"aws_inspector2_organization_configuration": inspector2.ResourceOrganizationConfiguration(),
+			"aws_inspector2_delegated_admin_account":    inspector2.ResourceDelegatedAdminAccount(),
 
 			"aws_iot_authorizer":                 iot.ResourceAuthorizer(),
 			"aws_iot_certificate":                iot.ResourceCertificate(),

internal/sdktypes/duration.go

@@ -6,7 +6,7 @@ import (
 	"github.com/hashicorp/go-cty/cty"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
-	awsdiag "github.com/hashicorp/terraform-provider-aws/internal/diag"
+	"github.com/hashicorp/terraform-provider-aws/internal/errs"
 )
 
 const (
@@ -34,16 +34,16 @@ func (d Duration) Value() (time.Duration, bool, error) {
 func ValidateDuration(i any, path cty.Path) diag.Diagnostics {
 	v, ok := i.(string)
 	if !ok {
-		return diag.Diagnostics{awsdiag.NewIncorrectValueTypeAttributeError(path, "string")}
+		return diag.Diagnostics{errs.NewIncorrectValueTypeAttributeError(path, "string")}
 	}
 
 	duration, err := time.ParseDuration(v)
 	if err != nil {
-		return diag.Diagnostics{awsdiag.NewInvalidValueAttributeErrorf(path, "Cannot be parsed as duration: %s", err)}
+		return diag.Diagnostics{errs.NewInvalidValueAttributeErrorf(path, "Cannot be parsed as duration: %s", err)}
 	}
 
 	if duration < 0 {
-		return diag.Diagnostics{awsdiag.NewInvalidValueAttributeError(path, "Must be greater than zero")}
+		return diag.Diagnostics{errs.NewInvalidValueAttributeError(path, "Must be greater than zero")}
 	}
 
 	return nil

internal/sdktypes/rfc3339_duration.go

@@ -4,7 +4,7 @@ import (
 	"github.com/hashicorp/go-cty/cty"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
-	awsdiag "github.com/hashicorp/terraform-provider-aws/internal/diag"
+	"github.com/hashicorp/terraform-provider-aws/internal/errs"
 	"github.com/hashicorp/terraform-provider-aws/internal/types/duration"
 )
 
@@ -33,12 +33,12 @@ func (d RFC3339Duration) Value() (duration.Duration, bool, error) {
 func ValidateRFC3339Duration(i any, path cty.Path) diag.Diagnostics {
 	v, ok := i.(string)
 	if !ok {
-		return diag.Diagnostics{awsdiag.NewIncorrectValueTypeAttributeError(path, "string")}
+		return diag.Diagnostics{errs.NewIncorrectValueTypeAttributeError(path, "string")}
 	}
 
 	_, err := duration.Parse(v)
 	if err != nil {
-		return diag.Diagnostics{awsdiag.NewInvalidValueAttributeErrorf(path, "Cannot be parsed as an RFC 3339 duration: %s", err)}
+		return diag.Diagnostics{errs.NewInvalidValueAttributeErrorf(path, "Cannot be parsed as an RFC 3339 duration: %s", err)}
 	}
 
 	return nil

internal/service/comprehend/document_classifier.go

@@ -24,8 +24,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
 	"github.com/hashicorp/terraform-provider-aws/internal/create"
-	awsdiag "github.com/hashicorp/terraform-provider-aws/internal/diag"
 	"github.com/hashicorp/terraform-provider-aws/internal/enum"
+	"github.com/hashicorp/terraform-provider-aws/internal/errs"
 	tfec2 "github.com/hashicorp/terraform-provider-aws/internal/service/ec2"
 	tftags "github.com/hashicorp/terraform-provider-aws/internal/tags"
 	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
@@ -369,7 +369,7 @@ func resourceDocumentClassifierUpdate(ctx context.Context, d *schema.ResourceDat
 		o, n := d.GetChange("tags_all")
 
 		if err := UpdateTags(ctx, conn, d.Id(), o, n); err != nil {
-			return awsdiag.AppendErrorf(diags, "updating tags for Comprehend Document Classifier (%s): %s", d.Id(), err)
+			return errs.AppendErrorf(diags, "updating tags for Comprehend Document Classifier (%s): %s", d.Id(), err)
 		}
 	}
 
@@ -568,7 +568,7 @@ func documentClassifierPublishVersion(ctx context.Context, conn *comprehend.Clie
 			ec2Conn := awsClient.EC2Conn
 			enis, err := findNetworkInterfaces(waitCtx, ec2Conn, in.VpcConfig.SecurityGroupIds, in.VpcConfig.Subnets)
 			if err != nil {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
 				return nil
 			}
 			initialENIIds := make(map[string]bool, len(enis))
@@ -578,11 +578,11 @@ func documentClassifierPublishVersion(ctx context.Context, conn *comprehend.Clie
 
 			newENI, err := waitNetworkInterfaceCreated(waitCtx, ec2Conn, initialENIIds, in.VpcConfig.SecurityGroupIds, in.VpcConfig.Subnets, d.Timeout(schema.TimeoutCreate))
 			if errors.Is(err, context.Canceled) {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, "ENI not found")
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, "ENI not found")
 				return nil
 			}
 			if err != nil {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
 				return nil
 			}
 
@@ -598,7 +598,7 @@ func documentClassifierPublishVersion(ctx context.Context, conn *comprehend.Clie
 				},
 			})
 			if err != nil {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
 				return nil
 			}
 
@@ -608,7 +608,7 @@ func documentClassifierPublishVersion(ctx context.Context, conn *comprehend.Clie
 
 	err = g.Wait().ErrorOrNil()
 	if err != nil {
-		diags = awsdiag.AppendErrorf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
+		diags = errs.AppendErrorf(diags, "waiting for Amazon Comprehend Document Classifier (%s) %s: %s", d.Id(), tobe, err)
 	}
 
 	return diags

internal/service/comprehend/entity_recognizer.go

@@ -22,8 +22,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
 	"github.com/hashicorp/terraform-provider-aws/internal/create"
-	awsdiag "github.com/hashicorp/terraform-provider-aws/internal/diag"
 	"github.com/hashicorp/terraform-provider-aws/internal/enum"
+	"github.com/hashicorp/terraform-provider-aws/internal/errs"
 	tfec2 "github.com/hashicorp/terraform-provider-aws/internal/service/ec2"
 	tftags "github.com/hashicorp/terraform-provider-aws/internal/tags"
 	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
@@ -399,7 +399,7 @@ func resourceEntityRecognizerUpdate(ctx context.Context, d *schema.ResourceData,
 		o, n := d.GetChange("tags_all")
 
 		if err := UpdateTags(ctx, conn, d.Id(), o, n); err != nil {
-			return awsdiag.AppendErrorf(diags, "updating tags for Comprehend Entity Recognizer (%s): %s", d.Id(), err)
+			return errs.AppendErrorf(diags, "updating tags for Comprehend Entity Recognizer (%s): %s", d.Id(), err)
 		}
 	}
 
@@ -596,7 +596,7 @@ func entityRecognizerPublishVersion(ctx context.Context, conn *comprehend.Client
 			ec2Conn := awsClient.EC2Conn
 			enis, err := findNetworkInterfaces(waitCtx, ec2Conn, in.VpcConfig.SecurityGroupIds, in.VpcConfig.Subnets)
 			if err != nil {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
 				return nil
 			}
 			initialENIIds := make(map[string]bool, len(enis))
@@ -606,11 +606,11 @@ func entityRecognizerPublishVersion(ctx context.Context, conn *comprehend.Client
 
 			newENI, err := waitNetworkInterfaceCreated(waitCtx, ec2Conn, initialENIIds, in.VpcConfig.SecurityGroupIds, in.VpcConfig.Subnets, d.Timeout(schema.TimeoutCreate))
 			if errors.Is(err, context.Canceled) {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, "ENI not found")
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, "ENI not found")
 				return nil
 			}
 			if err != nil {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
 				return nil
 			}
 
@@ -626,7 +626,7 @@ func entityRecognizerPublishVersion(ctx context.Context, conn *comprehend.Client
 				},
 			})
 			if err != nil {
-				diags = awsdiag.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
+				diags = errs.AppendWarningf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
 				return nil
 			}
 
@@ -636,7 +636,7 @@ func entityRecognizerPublishVersion(ctx context.Context, conn *comprehend.Client
 
 	err = g.Wait().ErrorOrNil()
 	if err != nil {
-		diags = awsdiag.AppendErrorf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
+		diags = errs.AppendErrorf(diags, "waiting for Amazon Comprehend Entity Recognizer (%s) %s: %s", d.Id(), tobe, err)
 	}
 
 	return diags