Sync with hashicorp 14 #23

ab-cs13 · 2025-11-23T09:49:02Z

sync with hashicorp

Previously the check for whether tag policy compliance was enabled and included required tags for the current resource type was nested in the middle of the required tag validation logic. It is now moved to the start to exit as early as possible and prevent unnecessary processing of tag values. ```console % TF_ACC_REQUIRED_TAG_KEY=Owner make t K=iot T=TestAccIoTBillingGroup_requiredTags make: Verifying source code with gofmt... ==> Checking that code complies with gofmt requirements... make: Running acceptance tests on branch: 🌿 b-tag-policy-interceptor 🌿... TF_ACC=1 go1.24.10 test ./internal/service/iot/... -v -count 1 -parallel 20 -run='TestAccIoTBillingGroup_requiredTags' -timeout 360m -vet=off 2025/11/21 10:54:23 Creating Terraform AWS Provider (SDKv2-style)... 2025/11/21 10:54:23 Initializing Terraform AWS Provider (SDKv2-style)... --- PASS: TestAccIoTBillingGroup_requiredTags_defaultTags (21.24s) --- PASS: TestAccIoTBillingGroup_requiredTags (21.25s) --- PASS: TestAccIoTBillingGroup_requiredTags_disabled (35.96s) --- PASS: TestAccIoTBillingGroup_requiredTags_warning (39.28s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/iot 45.913s ``` ```console % TF_ACC_REQUIRED_TAG_KEY=Owner make t K=logs T=TestAccLogsLogGroup_requiredTags make: Verifying source code with gofmt... ==> Checking that code complies with gofmt requirements... make: Running acceptance tests on branch: 🌿 b-tag-policy-interceptor 🌿... TF_ACC=1 go1.24.10 test ./internal/service/logs/... -v -count 1 -parallel 20 -run='TestAccLogsLogGroup_requiredTags' -timeout 360m -vet=off 2025/11/21 10:57:30 Creating Terraform AWS Provider (SDKv2-style)... 2025/11/21 10:57:30 Initializing Terraform AWS Provider (SDKv2-style)... --- PASS: TestAccLogsLogGroup_requiredTags (19.66s) --- PASS: TestAccLogsLogGroup_requiredTags_defaultTags (19.75s) --- PASS: TestAccLogsLogGroup_requiredTags_disabled (35.51s) --- PASS: TestAccLogsLogGroup_requiredTags_warning (38.56s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/logs 45.089s ```

…} is nil, not map[string]interface {}' panic in 'expandAnalysisRuleCriteria'.

Previously the validate required tags interceptor would crash when the planned value for the `tags` attribute included unknown tag values. Validation now skips when planned values are not wholly known. Without the patch: ```console % go test -count=1 ./internal/provider/framework/... -run Test_resourceValidateRequiredTagsInterceptor --- FAIL: Test_resourceValidateRequiredTagsInterceptor (0.00s) --- FAIL: Test_resourceValidateRequiredTagsInterceptor/create,_unknown_tag_values (0.00s) --- FAIL: Test_resourceValidateRequiredTagsInterceptor (0.00s) --- FAIL: Test_resourceValidateRequiredTagsInterceptor/update,_unknown_tag_values (0.00s) panic: Value Conversion Error An unexpected error was encountered trying to build a value. This is always an error in the provider. Please report the following to the provider developer: Received unknown value, however the target type cannot handle unknown values. Use the corresponding `types` package type or a custom type that handles unknown values. Path: ["foo"] Target Type: *string Suggested Type: basetypes.StringValue ["foo"] [recovered] panic: Value Conversion Error An unexpected error was encountered trying to build a value. This is always an error in the provider. Please report the following to the provider developer: Received unknown value, however the target type cannot handle unknown values. Use the corresponding `types` package type or a custom type that handles unknown values. Path: ["foo"] Target Type: *string Suggested Type: basetypes.StringValue ["foo"] goroutine 28 [running]: testing.tRunner.func1.2({0x101701aa0, 0x14001282150}) /Users/jaredbaker/sdk/go1.24.10/src/testing/testing.go:1734 +0x1ac testing.tRunner.func1() /Users/jaredbaker/sdk/go1.24.10/src/testing/testing.go:1737 +0x334 panic({0x101701aa0?, 0x14001282150?}) /Users/jaredbaker/sdk/go1.24.10/src/runtime/panic.go:792 +0x124 github.com/hashicorp/terraform-provider-aws/internal/errs.Must[...](...) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/errs/must.go:13 github.com/hashicorp/terraform-provider-aws/internal/errs/fwdiag.Must[...]({0x0?, 0x0}, {0x14001280920, 0x1016b17a0?, 0x1400009a298?}) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/errs/fwdiag/must.go:17 +0x58 github.com/hashicorp/terraform-provider-aws/internal/framework/flex.must(...) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/framework/flex/errs.go:13 github.com/hashicorp/terraform-provider-aws/internal/framework/flex.ExpandFrameworkStringMap({0x1017c9e08, 0x140011020c0}, {0x1017cea10, 0x1400138c1c0}) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/framework/flex/map.go:17 +0x94 github.com/hashicorp/terraform-provider-aws/internal/tags.New({0x1017c9e08, 0x140011020c0}, {0x101795120?, 0x1400110dd68}) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/tags/key_value_tags.go:650 +0x2fc github.com/hashicorp/terraform-provider-aws/internal/provider/framework.resourceValidateRequiredTagsInterceptor.modifyPlan({}, {0x1017c9e08, 0x140011020c0}, {{0x1017cfb58, 0x14000aec160}, 0x140000fc700, 0x14001049580, 0x1}) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/provider/framework/tags_interceptor.go:308 +0x4d8 github.com/hashicorp/terraform-provider-aws/internal/provider/framework.Test_resourceValidateRequiredTagsInterceptor.func2(0x14000003c00) /Users/jaredbaker/development/_worktrees/b-tag-policy-interceptor/internal/provider/framework/tags_interceptor_test.go:404 +0x16c testing.tRunner(0x14000003c00, 0x14001063570) /Users/jaredbaker/sdk/go1.24.10/src/testing/testing.go:1792 +0xe4 created by testing.(*T).Run in goroutine 24 /Users/jaredbaker/sdk/go1.24.10/src/testing/testing.go:1851 +0x374 FAIL github.com/hashicorp/terraform-provider-aws/internal/provider/framework 0.850s ``` ```console % TF_ACC_REQUIRED_TAG_KEY=Owner make t K=iot T=TestAccIoTBillingGroup_requiredTags && TF_ACC_REQUIRED_TAG_KEY=Owner make t K=logs T=TestAccLogsLogGroup_requiredTags make: Verifying source code with gofmt... ==> Checking that code complies with gofmt requirements... make: Running acceptance tests on branch: 🌿 b-tag-policy-interceptor 🌿... TF_ACC=1 go1.24.10 test ./internal/service/iot/... -v -count 1 -parallel 20 -run='TestAccIoTBillingGroup_requiredTags' -timeout 360m -vet=off 2025/11/21 11:54:39 Creating Terraform AWS Provider (SDKv2-style)... 2025/11/21 11:54:39 Initializing Terraform AWS Provider (SDKv2-style)... --- PASS: TestAccIoTBillingGroup_requiredTags_defaultTags (19.31s) --- PASS: TestAccIoTBillingGroup_requiredTags (19.33s) --- PASS: TestAccIoTBillingGroup_requiredTags_disabled (34.01s) --- PASS: TestAccIoTBillingGroup_requiredTags_warning (37.18s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/iot 43.681s make: Verifying source code with gofmt... ==> Checking that code complies with gofmt requirements... make: Running acceptance tests on branch: 🌿 b-tag-policy-interceptor 🌿... TF_ACC=1 go1.24.10 test ./internal/service/logs/... -v -count 1 -parallel 20 -run='TestAccLogsLogGroup_requiredTags' -timeout 360m -vet=off 2025/11/21 11:55:37 Creating Terraform AWS Provider (SDKv2-style)... 2025/11/21 11:55:37 Initializing Terraform AWS Provider (SDKv2-style)... --- PASS: TestAccLogsLogGroup_requiredTags (19.59s) --- PASS: TestAccLogsLogGroup_requiredTags_defaultTags (19.67s) --- PASS: TestAccLogsLogGroup_requiredTags_disabled (35.34s) --- PASS: TestAccLogsLogGroup_requiredTags_warning (38.32s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/logs 44.717s ```

…es/dot-ci/tools/github.com/rhysd/actionlint-1.7.9 Bump github.com/rhysd/actionlint from 1.7.8 to 1.7.9 in /.ci/tools

…r_analyzer.resource_tags-crash r/aws_accessanalyzer_analyzer Fix crash when `resource_tags` are `null`

…eptor Provider: Fix required tag validation regressions

…lidation b/aws_odb_cloud_vm_cluster: Fix validation error when using variables

…ter_6.22.1_release Add CHANGELOG entry for v6.23.0

…ize-ri-parsing generators: Centralize Resource Identity annotation parsing

Support of tenancy for lambda function creation and invocation

github-actions · 2025-11-23T09:49:14Z

Community Guidelines

This comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

Please vote on this Pull Request by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
Please see our prioritization guide for additional information on how the maintainers handle prioritization.
Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Pull Request and do not help prioritize the request.

Pull Request Authors

Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

github-actions · 2025-11-23T09:59:57Z

Warning

This Issue has been closed, meaning that any additional comments are much easier for the maintainers to miss. Please assume that the maintainers will not see them.

Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.

ewbankkit added 30 commits November 20, 2025 15:07

go get github.com/aws/aws-sdk-go-v2/service/codecommit.

0df9c8b

go get github.com/aws/aws-sdk-go-v2/service/codeconnections.

483cd4d

go get github.com/aws/aws-sdk-go-v2/service/codedeploy.

74b43f6

go get github.com/aws/aws-sdk-go-v2/service/codeguruprofiler.

fca36b2

go get github.com/aws/aws-sdk-go-v2/service/codegurureviewer.

68d6969

go get github.com/aws/aws-sdk-go-v2/service/codepipeline.

0fa44d5

go get github.com/aws/aws-sdk-go-v2/service/codestarconnections.

5c809e3

go get github.com/aws/aws-sdk-go-v2/service/codestarnotifications.

ae5cd66

go get github.com/aws/aws-sdk-go-v2/service/cognitoidentity.

98e5602

go get github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider.

0fee127

go get github.com/aws/aws-sdk-go-v2/service/comprehend.

14e5f9d

go get github.com/aws/aws-sdk-go-v2/service/computeoptimizer.

4c4f744

go get github.com/aws/aws-sdk-go-v2/service/configservice.

42808d5

go get github.com/aws/aws-sdk-go-v2/service/connect.

c2e56dd

go get github.com/aws/aws-sdk-go-v2/service/connectcases.

8985ea9

go get github.com/aws/aws-sdk-go-v2/service/controltower.

5dc8ac3

go get github.com/aws/aws-sdk-go-v2/service/costandusagereportservice.

406a778

go get github.com/aws/aws-sdk-go-v2/service/costexplorer.

fdc47d0

go get github.com/aws/aws-sdk-go-v2/service/costoptimizationhub.

bc9987a

go get github.com/aws/aws-sdk-go-v2/service/customerprofiles.

cdbe034

go get github.com/aws/aws-sdk-go-v2/service/databasemigrationservice.

91b4d75

go get github.com/aws/aws-sdk-go-v2/service/databrew.

f8e857f

go get github.com/aws/aws-sdk-go-v2/service/dataexchange.

650b8c7

go get github.com/aws/aws-sdk-go-v2/service/datapipeline.

e3faadb

go get github.com/aws/aws-sdk-go-v2/service/datasync.

99958ae

go get github.com/aws/aws-sdk-go-v2/service/datazone.

eeb8cde

go get github.com/aws/aws-sdk-go-v2/service/dax.

21751e4

go get github.com/aws/aws-sdk-go-v2/service/detective.

a256774

go get github.com/aws/aws-sdk-go-v2/service/devicefarm.

97b2639

go get github.com/aws/aws-sdk-go-v2/service/devopsguru.

ab2788e

jar-b and others added 27 commits November 21, 2025 11:02

Update CHANGELOG.md for hashicorp#45176

01fdaa4

testAccAnalyzer_nullInResourceTags: Don't require an Organization.

1f89c3a

r/aws_accessanalyzer_analyzer: Fix 'interface conversion: interface {…

0e5174e

…} is nil, not map[string]interface {}' panic in 'expandAnalysisRuleCriteria'.

Fix 'testAccAnalyzer_nullInResourceTags'.

950268a

aws_odb_cloud_vm_cluster: check only that values are null for validation

36deb3e

Add CHAGELOG entry.

4168c01

Fix terrafmt error.

18e4ce2

Merge pull request hashicorp#45184 from hashicorp/dependabot/go_modul…

5e59bb9

…es/dot-ci/tools/github.com/rhysd/actionlint-1.7.9 Bump github.com/rhysd/actionlint from 1.7.8 to 1.7.9 in /.ci/tools

aws_odb_cloud_vm_cluster: add test for variable validation

3675df4

linter fix

c44ab7f

add CHANGELOG entry

f256ec5

update CHANGELOG entry

67b49e2

Merge pull request hashicorp#45202 from hashicorp/b-aws_accessanalyze…

83fb37e

…r_analyzer.resource_tags-crash r/aws_accessanalyzer_analyzer Fix crash when `resource_tags` are `null`

Update CHANGELOG.md for hashicorp#45202

f84529a

linter fix

01dba23

Merge pull request hashicorp#45201 from hashicorp/b-tag-policy-interc…

432fd5e

…eptor Provider: Fix required tag validation regressions

Merge pull request hashicorp#45205 from hashicorp/b-odb_vm_cluster_va…

ee5b715

…lidation b/aws_odb_cloud_vm_cluster: Fix validation error when using variables

Update CHANGELOG.md for hashicorp#45205

3c1ebd3

chore: v6.22.1 release prep (hashicorp#45207)

b770a49

Bumped product version to 6.22.2.

a38c4b8

Add changelog entry for v6.23.0

93c9bce

Merge pull request hashicorp#45209 from hashicorp/changelog_update_af…

f87c9ec

…ter_6.22.1_release Add CHANGELOG entry for v6.23.0

Merge pull request hashicorp#45039 from hashicorp/td-test-gen-central…

1b70869

…ize-ri-parsing generators: Centralize Resource Identity annotation parsing

Merge pull request hashicorp#45170 from sasidhar-aws/f_lambda_tenancy

203c377

Support of tenancy for lambda function creation and invocation

Merge remote-tracking branch 'upstream/main' into sync-with-hashicorp-14

50e4ad9

ab-cs13 merged commit 4e8f435 into main Nov 23, 2025
17 of 21 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Sync with hashicorp 14 #23

Sync with hashicorp 14 #23

Uh oh!

ab-cs13 commented Nov 23, 2025

Uh oh!

github-actions bot commented Nov 23, 2025

Uh oh!

Uh oh!

github-actions bot commented Nov 23, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants

Sync with hashicorp 14 #23

Sync with hashicorp 14 #23

Uh oh!

Conversation

ab-cs13 commented Nov 23, 2025

Uh oh!

github-actions bot commented Nov 23, 2025

Community Guidelines

Voting for Prioritization

Pull Request Authors

Uh oh!

Uh oh!

github-actions bot commented Nov 23, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants