Upgrade terraform-provider-aws to v6.15.0 (#5872)

This PR was generated via `$ upgrade-provider pulumi/pulumi-aws
--kind=provider --target-bridge-version=latest --target-version=6.15.0
--allow-missing-docs=true`.

---

- Upgrading terraform-provider-aws from 6.14.1  to 6.15.0.
	Fixes #5870

---------

Co-authored-by: guineveresaenger <[email protected]>

Author: blampe

examples/go.mod

@@ -10,7 +10,7 @@ Beyond a mechanical revert, during v5.74.0 release resolution there were some co
 resolved in favor of upstream.
 
 diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go
-index 5845e8cfd49..a2bc35373e9 100644
+index 07db1160be0..2f0f7076d4e 100644
 --- a/internal/service/rds/proxy.go
 +++ b/internal/service/rds/proxy.go
 @@ -19,7 +19,6 @@ import (
@@ -27,7 +27,7 @@ index 5845e8cfd49..a2bc35373e9 100644
  			"auth": {
 -				Type:     schema.TypeSet,
 +				Type:     schema.TypeList,
- 				Required: true,
+ 				Optional: true,
  				Elem: &schema.Resource{
  					Schema: map[string]*schema.Schema{
 @@ -88,7 +87,6 @@ func resourceProxy() *schema.Resource {
@@ -38,26 +38,8 @@ index 5845e8cfd49..a2bc35373e9 100644
  			},
  			"debug_logging": {
  				Type:     schema.TypeBool,
-@@ -147,7 +145,7 @@ func resourceProxyCreate(ctx context.Context, d *schema.ResourceData, meta any)
- 
- 	name := d.Get(names.AttrName).(string)
- 	input := &rds.CreateDBProxyInput{
--		Auth:         expandUserAuthConfigs(d.Get("auth").(*schema.Set).List()),
-+		Auth:         expandUserAuthConfigs(d.Get("auth").([]interface{})),
- 		DBProxyName:  aws.String(name),
- 		EngineFamily: types.EngineFamily(d.Get("engine_family").(string)),
- 		RoleArn:      aws.String(d.Get(names.AttrRoleARN).(string)),
-@@ -224,7 +222,7 @@ func resourceProxyUpdate(ctx context.Context, d *schema.ResourceData, meta any)
- 	if d.HasChangesExcept(names.AttrTags, names.AttrTagsAll) {
- 		oName, nName := d.GetChange(names.AttrName)
- 		input := &rds.ModifyDBProxyInput{
--			Auth:           expandUserAuthConfigs(d.Get("auth").(*schema.Set).List()),
-+			Auth:           expandUserAuthConfigs(d.Get("auth").([]interface{})),
- 			DBProxyName:    aws.String(oName.(string)),
- 			DebugLogging:   aws.Bool(d.Get("debug_logging").(bool)),
- 			NewDBProxyName: aws.String(nName.(string)),
 diff --git a/internal/service/rds/proxy_test.go b/internal/service/rds/proxy_test.go
-index 884f83084b8..0856302c30f 100644
+index 81262141b61..f649b4623a4 100644
 --- a/internal/service/rds/proxy_test.go
 +++ b/internal/service/rds/proxy_test.go
 @@ -40,12 +40,13 @@ func TestAccRDSProxy_basic(t *testing.T) {
@@ -74,8 +56,8 @@ index 884f83084b8..0856302c30f 100644
 +
  					resource.TestCheckTypeSetElemNestedAttrs(resourceName, "auth.*", map[string]string{
  						"auth_scheme":               "SECRETS",
- 						"client_password_auth_type": "MYSQL_NATIVE_PASSWORD",
-@@ -393,10 +394,7 @@ func TestAccRDSProxy_authIAMAuth(t *testing.T) {
+ 						"client_password_auth_type": "MYSQL_CACHING_SHA2_PASSWORD",
+@@ -394,10 +395,7 @@ func TestAccRDSProxy_authIAMAuth(t *testing.T) {
  				Config: testAccProxyConfig_authIAMAuth(rName, iamAuth),
  				Check: resource.ComposeTestCheckFunc(
  					testAccCheckProxyExists(ctx, resourceName, &dbProxy),
@@ -87,7 +69,7 @@ index 884f83084b8..0856302c30f 100644
  				),
  			},
  		},
-@@ -455,6 +453,8 @@ func TestAccRDSProxy_tags(t *testing.T) {
+@@ -547,6 +545,8 @@ func TestAccRDSProxy_tags(t *testing.T) {
  	var dbProxy types.DBProxy
  	resourceName := "aws_db_proxy.test"
  	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
@@ -96,7 +78,7 @@ index 884f83084b8..0856302c30f 100644
 
  	resource.ParallelTest(t, resource.TestCase{
  		PreCheck:                 func() { acctest.PreCheck(ctx, t); testAccDBProxyPreCheck(ctx, t) },
-@@ -463,7 +463,7 @@ func TestAccRDSProxy_tags(t *testing.T) {
+@@ -555,7 +555,7 @@ func TestAccRDSProxy_tags(t *testing.T) {
  		CheckDestroy:             testAccCheckProxyDestroy(ctx),
  		Steps: []resource.TestStep{
  			{
@@ -105,7 +87,7 @@ index 884f83084b8..0856302c30f 100644
  				Check: resource.ComposeTestCheckFunc(
  					testAccCheckProxyExists(ctx, resourceName, &dbProxy),
  					resource.TestCheckResourceAttr(resourceName, acctest.CtTagsPercent, "1"),
-@@ -476,7 +476,7 @@ func TestAccRDSProxy_tags(t *testing.T) {
+@@ -568,7 +568,7 @@ func TestAccRDSProxy_tags(t *testing.T) {
  				ImportStateVerify: true,
  			},
  			{
@@ -114,7 +96,7 @@ index 884f83084b8..0856302c30f 100644
  				Check: resource.ComposeTestCheckFunc(
  					testAccCheckProxyExists(ctx, resourceName, &dbProxy),
  					resource.TestCheckResourceAttr(resourceName, acctest.CtTagsPercent, "2"),
-@@ -485,7 +485,7 @@ func TestAccRDSProxy_tags(t *testing.T) {
+@@ -577,7 +577,7 @@ func TestAccRDSProxy_tags(t *testing.T) {
  				),
  			},
  			{
@@ -123,7 +105,7 @@ index 884f83084b8..0856302c30f 100644
  				Check: resource.ComposeTestCheckFunc(
  					testAccCheckProxyExists(ctx, resourceName, &dbProxy),
  					resource.TestCheckResourceAttr(resourceName, acctest.CtTagsPercent, "1"),
-@@ -585,7 +585,7 @@ func testAccCheckProxyExists(ctx context.Context, n string, v *types.DBProxy) re
+@@ -677,7 +677,7 @@ func testAccCheckProxyExists(ctx context.Context, n string, v *types.DBProxy) re
  	}
  }
 
@@ -132,7 +114,7 @@ index 884f83084b8..0856302c30f 100644
  	return fmt.Sprintf(`
  # Secrets Manager setup
 
-@@ -675,14 +675,14 @@ resource "aws_subnet" "test" {
+@@ -767,14 +767,14 @@ resource "aws_subnet" "test" {
  }
 
  func testAccProxyConfig_basic(rName string) string {
@@ -149,7 +131,7 @@ index 884f83084b8..0856302c30f 100644
    debug_logging          = false
    engine_family          = "MYSQL"
    idle_client_timeout    = 1800
-@@ -697,19 +697,23 @@ resource "aws_db_proxy" "test" {
+@@ -789,19 +789,23 @@ resource "aws_db_proxy" "test" {
      iam_auth    = "DISABLED"
      secret_arn  = aws_secretsmanager_secret.test.arn
    }
@@ -176,7 +158,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family          = "MYSQL"
    role_arn               = aws_iam_role.test.arn
    vpc_security_group_ids = [aws_security_group.test.id]
-@@ -722,18 +726,18 @@ resource "aws_db_proxy" "test" {
+@@ -814,18 +818,18 @@ resource "aws_db_proxy" "test" {
      secret_arn  = aws_secretsmanager_secret.test.arn
    }
  }
@@ -198,7 +180,7 @@ index 884f83084b8..0856302c30f 100644
    debug_logging  = %[2]t
    engine_family  = "MYSQL"
    role_arn       = aws_iam_role.test.arn
-@@ -746,18 +750,18 @@ resource "aws_db_proxy" "test" {
+@@ -838,18 +842,18 @@ resource "aws_db_proxy" "test" {
      secret_arn  = aws_secretsmanager_secret.test.arn
    }
  }
@@ -220,7 +202,7 @@ index 884f83084b8..0856302c30f 100644
    idle_client_timeout = %[2]d
    engine_family       = "MYSQL"
    role_arn            = aws_iam_role.test.arn
-@@ -770,18 +774,18 @@ resource "aws_db_proxy" "test" {
+@@ -862,18 +866,18 @@ resource "aws_db_proxy" "test" {
      secret_arn  = aws_secretsmanager_secret.test.arn
    }
  }
@@ -242,7 +224,7 @@ index 884f83084b8..0856302c30f 100644
    require_tls    = %[2]t
    engine_family  = "MYSQL"
    role_arn       = aws_iam_role.test.arn
-@@ -794,18 +798,18 @@ resource "aws_db_proxy" "test" {
+@@ -886,18 +890,18 @@ resource "aws_db_proxy" "test" {
      secret_arn  = aws_secretsmanager_secret.test.arn
    }
  }
@@ -264,7 +246,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family  = "MYSQL"
    role_arn       = aws_iam_role.test2.arn
    vpc_subnet_ids = aws_subnet.test[*].id
-@@ -818,8 +822,10 @@ resource "aws_db_proxy" "test" {
+@@ -910,8 +914,10 @@ resource "aws_db_proxy" "test" {
    }
  }
 
@@ -276,7 +258,7 @@ index 884f83084b8..0856302c30f 100644
    assume_role_policy = data.aws_iam_policy_document.assume.json
  }
 
-@@ -827,18 +833,18 @@ resource "aws_iam_role_policy" "test2" {
+@@ -919,18 +925,18 @@ resource "aws_iam_role_policy" "test2" {
    role   = aws_iam_role.test.id
    policy = data.aws_iam_policy_document.test.json
  }
@@ -298,7 +280,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family          = "MYSQL"
    role_arn               = aws_iam_role.test.arn
    vpc_security_group_ids = [aws_security_group.test2.id]
-@@ -853,25 +859,21 @@ resource "aws_db_proxy" "test" {
+@@ -945,25 +951,21 @@ resource "aws_db_proxy" "test" {
  }
 
  resource "aws_security_group" "test2" {
@@ -328,7 +310,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family          = "MYSQL"
    role_arn               = aws_iam_role.test.arn
    vpc_security_group_ids = [aws_security_group.test.id]
-@@ -879,23 +881,23 @@ resource "aws_db_proxy" "test" {
+@@ -971,23 +973,23 @@ resource "aws_db_proxy" "test" {
 
    auth {
      auth_scheme = "SECRETS"
@@ -356,7 +338,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family          = "MYSQL"
    role_arn               = aws_iam_role.test.arn
    require_tls            = true
-@@ -905,22 +907,22 @@ resource "aws_db_proxy" "test" {
+@@ -997,22 +999,22 @@ resource "aws_db_proxy" "test" {
    auth {
      auth_scheme = "SECRETS"
      description = "test"
@@ -383,7 +365,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family          = "MYSQL"
    role_arn               = aws_iam_role.test.arn
    vpc_security_group_ids = [aws_security_group.test.id]
-@@ -944,7 +946,7 @@ resource "aws_db_proxy" "test" {
+@@ -1036,7 +1038,7 @@ resource "aws_db_proxy" "test" {
  }
 
  resource "aws_secretsmanager_secret" "test2" {
@@ -392,13 +374,64 @@ index 884f83084b8..0856302c30f 100644
    recovery_window_in_days = 0
  }
 
-@@ -952,46 +954,18 @@ resource "aws_secretsmanager_secret_version" "test2" {
+@@ -1044,97 +1046,18 @@ resource "aws_secretsmanager_secret_version" "test2" {
    secret_id     = aws_secretsmanager_secret.test2.id
    secret_string = "{\"username\":\"db_user\",\"password\":\"db_user_password\"}"
  }
 -`, rName, nName))
 -}
 -
+-func testAccProxyConfig_defaultAuthSchemeIAMAUTH(rName string) string {
+-	return acctest.ConfigCompose(testAccProxyConfig_base(rName), fmt.Sprintf(`
+-resource "aws_db_proxy" "test" {
+-  depends_on = [
+-    aws_secretsmanager_secret_version.test,
+-    aws_iam_role_policy.test
+-  ]
+-
+-  name                   = %[1]q
+-  debug_logging          = false
+-  engine_family          = "MYSQL"
+-  idle_client_timeout    = 1800
+-  require_tls            = true
+-  role_arn               = aws_iam_role.test.arn
+-  vpc_security_group_ids = [aws_security_group.test.id]
+-  vpc_subnet_ids         = aws_subnet.test[*].id
+-
+-  default_auth_scheme = "IAM_AUTH"
+-}
+-`, rName))
+-}
+-
+-func testAccProxyConfig_defaultAuthSchemeNONE(rName string) string {
+-	return acctest.ConfigCompose(testAccProxyConfig_base(rName), fmt.Sprintf(`
+-resource "aws_db_proxy" "test" {
+-  depends_on = [
+-    aws_secretsmanager_secret_version.test,
+-    aws_iam_role_policy.test
+-  ]
+-
+-  name                   = %[1]q
+-  debug_logging          = false
+-  engine_family          = "MYSQL"
+-  idle_client_timeout    = 1800
+-  require_tls            = true
+-  role_arn               = aws_iam_role.test.arn
+-  vpc_security_group_ids = [aws_security_group.test.id]
+-  vpc_subnet_ids         = aws_subnet.test[*].id
+-
+-  auth {
+-    auth_scheme = "SECRETS"
+-    description = "test"
+-    iam_auth    = "DISABLED"
+-    secret_arn  = aws_secretsmanager_secret.test.arn
+-  }
+-
+-  default_auth_scheme = "NONE"
+-}
+-`, rName))
+-}
+-
 -func testAccProxyConfig_tags1(rName, tagKey1, tagValue1 string) string {
 -	return acctest.ConfigCompose(testAccProxyConfig_base(rName), fmt.Sprintf(`
 -resource "aws_db_proxy" "test" {
@@ -443,7 +476,7 @@ index 884f83084b8..0856302c30f 100644
    engine_family          = "MYSQL"
    role_arn               = aws_iam_role.test.arn
    vpc_security_group_ids = [aws_security_group.test.id]
-@@ -1005,9 +979,8 @@ resource "aws_db_proxy" "test" {
+@@ -1148,9 +1071,8 @@ resource "aws_db_proxy" "test" {
    }
 
    tags = {

examples/go.sum

@@ -6,7 +6,7 @@ Subject: [PATCH] Speed up providerlint by re-using build cache and ignoring
 
 
 diff --git a/GNUmakefile b/GNUmakefile
-index 6f1a93f77ed..818ce604c9f 100644
+index 5ad2bf48f75..9eddf67c108 100644
 --- a/GNUmakefile
 +++ b/GNUmakefile
 @@ -386,9 +386,10 @@ prereq-go: ## If $(GO_VER) is not installed, install it

patches/0019-Revert-r-aws_db_proxy-Change-auth-from-TypeList-to-T.patch

@@ -8,10 +8,10 @@ set `bootstrapSelfManagedAddons: false` and selectively add the addons
 they want with the `aws.eks.Addon` resource.
 
 diff --git a/internal/service/eks/cluster.go b/internal/service/eks/cluster.go
-index 49b43f0f012..5af26588bd3 100644
+index fe559e43665..9807fd236c3 100644
 --- a/internal/service/eks/cluster.go
 +++ b/internal/service/eks/cluster.go
-@@ -185,6 +185,14 @@ func resourceCluster() *schema.Resource {
+@@ -152,6 +152,14 @@ func resourceCluster() *schema.Resource {
  				Optional: true,
  				Computed: true,
  			},
@@ -26,7 +26,7 @@ index 49b43f0f012..5af26588bd3 100644
  			"enabled_cluster_log_types": {
  				Type:     schema.TypeSet,
  				Optional: true,
-@@ -617,6 +625,10 @@ func resourceClusterCreate(ctx context.Context, d *schema.ResourceData, meta any
+@@ -577,6 +585,10 @@ func resourceClusterCreate(ctx context.Context, d *schema.ResourceData, meta any
  		return sdkdiag.AppendErrorf(diags, "waiting for EKS Cluster (%s) create: %s", d.Id(), err)
  	}