resource/networkmanager_vpn_attachment and update attachment_accepter

.changelog/27387.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+aws_networkmanager_site_to_site_vpn_attachment
+```

internal/provider/provider.go

@@ -1813,6 +1813,7 @@ func New(_ context.Context) (*schema.Provider, error) {
 			"aws_networkmanager_transit_gateway_registration":             networkmanager.ResourceTransitGatewayRegistration(),
 			"aws_networkmanager_transit_gateway_route_table_attachment":   networkmanager.ResourceTransitGatewayRouteTableAttachment(),
 			"aws_networkmanager_vpc_attachment":                           networkmanager.ResourceVPCAttachment(),
+			"aws_networkmanager_site_to_site_vpn_attachment":              networkmanager.ResourceSiteToSiteVPNAttachment(),
 
 			"aws_opensearch_domain":              opensearch.ResourceDomain(),
 			"aws_opensearch_domain_policy":       opensearch.ResourceDomainPolicy(),

internal/service/networkmanager/attachment_accepter.go

@@ -2,6 +2,7 @@ package networkmanager
 
 import (
 	"context"
+	"log"
 	"time"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -10,6 +11,7 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
 )
 
 // AttachmentAccepter does not require AttachmentType. However, querying attachments for status updates requires knowing tyupe
@@ -43,9 +45,8 @@ func ResourceAttachmentAccepter() *schema.Resource {
 				ForceNew: true,
 				ValidateFunc: validation.StringInSlice([]string{
 					networkmanager.AttachmentTypeVpc,
+					networkmanager.AttachmentTypeSiteToSiteVpn,
 				}, false),
-				// Implement Values() function for validation as more types are onboarded to provider
-				// networkmanager.AttachmentType_Values(), false),
 			},
 			"core_network_arn": {
 				Type:     schema.TypeString,
@@ -82,18 +83,38 @@ func ResourceAttachmentAccepter() *schema.Resource {
 func resourceAttachmentAccepterCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).NetworkManagerConn
 
-	if attachmentType := d.Get("attachment_type").(string); attachmentType != networkmanager.AttachmentTypeVpc {
-		return diag.Errorf("unsupported Network Manager Attachment type: %s", attachmentType)
-	}
-
+	var state string
 	attachmentID := d.Get("attachment_id").(string)
-	vpcAttachment, err := FindVPCAttachmentByID(ctx, conn, attachmentID)
+	attachmentType := d.Get("attachment_type").(string)
+
+	switch attachmentType {
+	case networkmanager.AttachmentTypeVpc:
+		vpcAttachment, err := FindVPCAttachmentByID(ctx, conn, attachmentID)
+
+		if err != nil {
+			return diag.Errorf("reading Network Manager VPC Attachment (%s): %s", attachmentID, err)
+		}
+
+		state = aws.StringValue(vpcAttachment.Attachment.State)
+
+		d.SetId(attachmentID)
+
+	case networkmanager.AttachmentTypeSiteToSiteVpn:
+		vpnAttachment, err := FindSiteToSiteVPNAttachmentByID(ctx, conn, attachmentID)
+
+		if err != nil {
+			return diag.Errorf("reading Network Manager Site To Site VPN Attachment (%s): %s", attachmentID, err)
+		}
+
+		state = aws.StringValue(vpnAttachment.Attachment.State)
+
+		d.SetId(attachmentID)
 
-	if err != nil {
-		return diag.Errorf("reading Network Manager VPC Attachment (%s): %s", attachmentID, err)
+	default:
+		return diag.Errorf("unsupported Network Manager Attachment type: %s", attachmentType)
 	}
 
-	if state := aws.StringValue(vpcAttachment.Attachment.State); state == networkmanager.AttachmentStatePendingAttachmentAcceptance || state == networkmanager.AttachmentStatePendingTagAcceptance {
+	if state == networkmanager.AttachmentStatePendingAttachmentAcceptance || state == networkmanager.AttachmentStatePendingTagAcceptance {
 		input := &networkmanager.AcceptAttachmentInput{
 			AttachmentId: aws.String(attachmentID),
 		}
@@ -104,34 +125,72 @@ func resourceAttachmentAccepterCreate(ctx context.Context, d *schema.ResourceDat
 			return diag.Errorf("accepting Network Manager Attachment (%s): %s", attachmentID, err)
 		}
 
-		if _, err := waitVPCAttachmentCreated(ctx, conn, attachmentID, d.Timeout(schema.TimeoutCreate)); err != nil {
-			return diag.Errorf("waiting for Network Manager VPC Attachment (%s) create: %s", attachmentID, err)
+		switch attachmentType {
+		case networkmanager.AttachmentTypeVpc:
+			if _, err := waitVPCAttachmentCreated(ctx, conn, attachmentID, d.Timeout(schema.TimeoutCreate)); err != nil {
+				return diag.Errorf("waiting for Network Manager VPC Attachment (%s) create: %s", attachmentID, err)
+			}
+
+		case networkmanager.AttachmentTypeSiteToSiteVpn:
+			if _, err := waitSiteToSiteVPNAttachmentAvailable(ctx, conn, attachmentID, d.Timeout(schema.TimeoutCreate)); err != nil {
+				return diag.Errorf("waiting for Network Manager VPN Attachment (%s) create: %s", attachmentID, err)
+			}
 		}
 	}
 
-	d.SetId(attachmentID)
-
 	return resourceAttachmentAccepterRead(ctx, d, meta)
 }
 
 func resourceAttachmentAccepterRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).NetworkManagerConn
 
-	vpcAttachment, err := FindVPCAttachmentByID(ctx, conn, d.Id())
+	switch aType := d.Get("attachment_type"); aType {
+	case networkmanager.AttachmentTypeVpc:
+		vpcAttachment, err := FindVPCAttachmentByID(ctx, conn, d.Id())
 
-	if err != nil {
-		return diag.Errorf("reading Network Manager VPC Attachment (%s): %s", d.Id(), err)
-	}
+		if !d.IsNewResource() && tfresource.NotFound(err) {
+			log.Printf("[WARN] Network Manager VPC Attachment %s not found, removing from state", d.Id())
+			d.SetId("")
+			return nil
+		}
+
+		if err != nil {
+			return diag.Errorf("reading Network Manager VPC Attachment (%s): %s", d.Id(), err)
+		}
+
+		a := vpcAttachment.Attachment
+		d.Set("attachment_policy_rule_number", a.AttachmentPolicyRuleNumber)
+		d.Set("core_network_arn", a.CoreNetworkArn)
+		d.Set("core_network_id", a.CoreNetworkId)
+		d.Set("edge_location", a.EdgeLocation)
+		d.Set("owner_account_id", a.OwnerAccountId)
+		d.Set("resource_arn", a.ResourceArn)
+		d.Set("segment_name", a.SegmentName)
+		d.Set("state", a.State)
+
+	case networkmanager.AttachmentTypeSiteToSiteVpn:
+		vpnAttachment, err := FindSiteToSiteVPNAttachmentByID(ctx, conn, d.Id())
+
+		if !d.IsNewResource() && tfresource.NotFound(err) {
+			log.Printf("[WARN] Network Manager Site To Site VPN Attachment %s not found, removing from state", d.Id())
+			d.SetId("")
+			return nil
+		}
 
-	a := vpcAttachment.Attachment
-	d.Set("attachment_policy_rule_number", a.AttachmentPolicyRuleNumber)
-	d.Set("core_network_arn", a.CoreNetworkArn)
-	d.Set("core_network_id", a.CoreNetworkId)
-	d.Set("edge_location", a.EdgeLocation)
-	d.Set("owner_account_id", a.OwnerAccountId)
-	d.Set("resource_arn", a.ResourceArn)
-	d.Set("segment_name", a.SegmentName)
-	d.Set("state", a.State)
+		if err != nil {
+			return diag.Errorf("reading Network Manager Site To Site VPN Attachment (%s): %s", d.Id(), err)
+		}
+
+		a := vpnAttachment.Attachment
+		d.Set("attachment_policy_rule_number", a.AttachmentPolicyRuleNumber)
+		d.Set("core_network_arn", a.CoreNetworkArn)
+		d.Set("core_network_id", a.CoreNetworkId)
+		d.Set("edge_location", a.EdgeLocation)
+		d.Set("owner_account_id", a.OwnerAccountId)
+		d.Set("resource_arn", a.ResourceArn)
+		d.Set("segment_name", a.SegmentName)
+		d.Set("state", a.State)
+	}
 
 	return nil
 }