Merge pull request #13944 from DrFaust92/d/security_group_arn

d/security_groups - add `arns` attribute

.changelog/13944.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+data-source/aws_security_groups: Adds `arns` attribute
+```

aws/data_source_aws_ami.go

@@ -321,7 +321,7 @@ func amiDescriptionAttributes(d *schema.ResourceData, image *ec2.Image, meta int
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
 		Resource:  fmt.Sprintf("image/%s", d.Id()),
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 	}.String()
 
 	d.Set("arn", imageArn)

aws/data_source_aws_customer_gateway.go

@@ -102,7 +102,7 @@ func dataSourceAwsCustomerGatewayRead(d *schema.ResourceData, meta interface{})
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("customer-gateway/%s", d.Id()),

aws/data_source_aws_ebs_snapshot.go

@@ -162,7 +162,7 @@ func snapshotDescriptionAttributes(d *schema.ResourceData, snapshot *ec2.Snapsho
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
 		Resource:  fmt.Sprintf("snapshot/%s", d.Id()),
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 	}.String()
 
 	d.Set("arn", snapshotArn)

aws/data_source_aws_ebs_volume.go

@@ -140,7 +140,7 @@ func volumeDescriptionAttributes(d *schema.ResourceData, client *AWSClient, volu
 	arn := arn.ARN{
 		Partition: client.partition,
 		Region:    client.region,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		AccountID: client.accountid,
 		Resource:  fmt.Sprintf("volume/%s", d.Id()),
 	}

aws/data_source_aws_ec2_transit_gateway_route_table.go

@@ -92,7 +92,7 @@ func dataSourceAwsEc2TransitGatewayRouteTableRead(d *schema.ResourceData, meta i
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("transit-gateway-route-table/%s", d.Id()),

aws/data_source_aws_instance.go

@@ -425,7 +425,7 @@ func dataSourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error {
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("instance/%s", d.Id()),
 	}

aws/data_source_aws_internet_gateway.go

@@ -98,7 +98,7 @@ func dataSourceAwsInternetGatewayRead(d *schema.ResourceData, meta interface{})
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("internet-gateway/%s", d.Id()),

aws/data_source_aws_launch_template.go

@@ -457,7 +457,7 @@ func dataSourceAwsLaunchTemplateRead(d *schema.ResourceData, meta interface{}) e
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("launch-template/%s", d.Id()),

aws/data_source_aws_security_group.go

@@ -101,7 +101,7 @@ func dataSourceAwsSecurityGroupRead(d *schema.ResourceData, meta interface{}) er
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: *sg.OwnerId,
 		Resource:  fmt.Sprintf("security-group/%s", *sg.GroupId),

aws/data_source_aws_security_groups.go

@@ -5,6 +5,7 @@ import (
 	"log"
 
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/arn"
 	"github.com/aws/aws-sdk-go/service/ec2"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags"
@@ -28,6 +29,11 @@ func dataSourceAwsSecurityGroups() *schema.Resource {
 				Computed: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 			},
+			"arns": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
 		},
 	}
 }
@@ -55,7 +61,7 @@ func dataSourceAwsSecurityGroupsRead(d *schema.ResourceData, meta interface{}) e
 
 	log.Printf("[DEBUG] Reading Security Groups with request: %s", req)
 
-	var ids, vpc_ids []string
+	var ids, vpcIds, arns []string
 	for {
 		resp, err := conn.DescribeSecurityGroups(req)
 		if err != nil {
@@ -64,7 +70,17 @@ func dataSourceAwsSecurityGroupsRead(d *schema.ResourceData, meta interface{}) e
 
 		for _, sg := range resp.SecurityGroups {
 			ids = append(ids, aws.StringValue(sg.GroupId))
-			vpc_ids = append(vpc_ids, aws.StringValue(sg.VpcId))
+			vpcIds = append(vpcIds, aws.StringValue(sg.VpcId))
+
+			arn := arn.ARN{
+				Partition: meta.(*AWSClient).partition,
+				Service:   ec2.ServiceName,
+				Region:    meta.(*AWSClient).region,
+				AccountID: aws.StringValue(sg.OwnerId),
+				Resource:  fmt.Sprintf("security-group/%s", aws.StringValue(sg.GroupId)),
+			}.String()
+
+			arns = append(arns, arn)
 		}
 
 		if resp.NextToken == nil {
@@ -86,6 +102,13 @@ func dataSourceAwsSecurityGroupsRead(d *schema.ResourceData, meta interface{}) e
 		return err
 	}
 
-	err = d.Set("vpc_ids", vpc_ids)
-	return err
+	if err = d.Set("vpc_ids", vpcIds); err != nil {
+		return fmt.Errorf("error setting vpc_ids: %s", err)
+	}
+
+	if err = d.Set("arns", arns); err != nil {
+		return fmt.Errorf("error setting arns: %s", err)
+	}
+
+	return nil
 }

aws/data_source_aws_security_groups_test.go

@@ -10,15 +10,17 @@ import (
 
 func TestAccDataSourceAwsSecurityGroups_tag(t *testing.T) {
 	rInt := acctest.RandInt()
+	dataSourceName := "data.aws_security_groups.by_tag"
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			{
 				Config: testAccDataSourceAwsSecurityGroupsConfig_tag(rInt),
 				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr("data.aws_security_groups.by_tag", "ids.#", "3"),
-					resource.TestCheckResourceAttr("data.aws_security_groups.by_tag", "vpc_ids.#", "3"),
+					resource.TestCheckResourceAttr(dataSourceName, "ids.#", "3"),
+					resource.TestCheckResourceAttr(dataSourceName, "vpc_ids.#", "3"),
+					resource.TestCheckResourceAttr(dataSourceName, "arns.#", "3"),
 				),
 			},
 		},
@@ -27,15 +29,17 @@ func TestAccDataSourceAwsSecurityGroups_tag(t *testing.T) {
 
 func TestAccDataSourceAwsSecurityGroups_filter(t *testing.T) {
 	rInt := acctest.RandInt()
+	dataSourceName := "data.aws_security_groups.by_filter"
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			{
 				Config: testAccDataSourceAwsSecurityGroupsConfig_filter(rInt),
 				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr("data.aws_security_groups.by_filter", "ids.#", "3"),
-					resource.TestCheckResourceAttr("data.aws_security_groups.by_filter", "vpc_ids.#", "3"),
+					resource.TestCheckResourceAttr(dataSourceName, "ids.#", "3"),
+					resource.TestCheckResourceAttr(dataSourceName, "vpc_ids.#", "3"),
+					resource.TestCheckResourceAttr(dataSourceName, "arns.#", "3"),
 				),
 			},
 		},

aws/data_source_aws_vpc.go

@@ -191,7 +191,7 @@ func dataSourceAwsVpcRead(d *schema.ResourceData, meta interface{}) error {
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("vpc/%s", d.Id()),

aws/data_source_aws_vpc_dhcp_options.go

@@ -136,7 +136,7 @@ func dataSourceAwsVpcDhcpOptionsRead(d *schema.ResourceData, meta interface{}) e
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("dhcp-options/%s", d.Id()),

aws/data_source_aws_vpc_endpoint.go

@@ -161,7 +161,7 @@ func dataSourceAwsVpcEndpointRead(d *schema.ResourceData, meta interface{}) erro
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("vpc-endpoint/%s", d.Id()),

aws/data_source_aws_vpc_endpoint_service.go

@@ -164,7 +164,7 @@ func dataSourceAwsVpcEndpointServiceRead(d *schema.ResourceData, meta interface{
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("vpc-endpoint-service/%s", serviceId),

aws/data_source_aws_vpn_gateway.go

@@ -126,7 +126,7 @@ func dataSourceAwsVpnGatewayRead(d *schema.ResourceData, meta interface{}) error
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("vpn-gateway/%s", d.Id()),

aws/resource_aws_ami.go

@@ -420,7 +420,7 @@ func resourceAwsAmiRead(d *schema.ResourceData, meta interface{}) error {
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
 		Resource:  fmt.Sprintf("image/%s", d.Id()),
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 	}.String()
 
 	d.Set("arn", imageArn)

aws/resource_aws_customer_gateway.go

@@ -246,7 +246,7 @@ func resourceAwsCustomerGatewayRead(d *schema.ResourceData, meta interface{}) er
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("customer-gateway/%s", d.Id()),

aws/resource_aws_ebs_snapshot.go

@@ -157,7 +157,7 @@ func resourceAwsEbsSnapshotRead(d *schema.ResourceData, meta interface{}) error
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
 		Resource:  fmt.Sprintf("snapshot/%s", d.Id()),
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 	}.String()
 
 	d.Set("arn", snapshotArn)

aws/resource_aws_ebs_snapshot_copy.go

@@ -145,7 +145,7 @@ func resourceAwsEbsSnapshotCopyRead(d *schema.ResourceData, meta interface{}) er
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
 		Resource:  fmt.Sprintf("snapshot/%s", d.Id()),
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 	}.String()
 
 	d.Set("arn", snapshotArn)

aws/resource_aws_ebs_volume.go

@@ -273,7 +273,7 @@ func resourceAwsEbsVolumeRead(d *schema.ResourceData, meta interface{}) error {
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
 		Resource:  fmt.Sprintf("volume/%s", d.Id()),
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 	}
 	d.Set("arn", arn.String())
 	d.Set("availability_zone", volume.AvailabilityZone)

aws/resource_aws_ec2_carrier_gateway.go

@@ -97,7 +97,7 @@ func resourceAwsEc2CarrierGatewayRead(d *schema.ResourceData, meta interface{})
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("carrier-gateway/%s", d.Id()),

aws/resource_aws_ec2_client_vpn_endpoint.go

@@ -255,7 +255,7 @@ func resourceAwsEc2ClientVpnEndpointRead(d *schema.ResourceData, meta interface{
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("client-vpn-endpoint/%s", d.Id()),

aws/resource_aws_ec2_traffic_mirror_filter.go

@@ -157,7 +157,7 @@ func resourceAwsEc2TrafficMirrorFilterRead(d *schema.ResourceData, meta interfac
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("traffic-mirror-filter/%s", d.Id()),

aws/resource_aws_ec2_traffic_mirror_session.go

@@ -219,7 +219,7 @@ func resourceAwsEc2TrafficMirrorSessionRead(d *schema.ResourceData, meta interfa
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("traffic-mirror-session/%s", d.Id()),

aws/resource_aws_ec2_traffic_mirror_target.go

@@ -135,7 +135,7 @@ func resourceAwsEc2TrafficMirrorTargetRead(d *schema.ResourceData, meta interfac
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("traffic-mirror-target/%s", d.Id()),

aws/resource_aws_ec2_transit_gateway_route_table.go

@@ -108,7 +108,7 @@ func resourceAwsEc2TransitGatewayRouteTableRead(d *schema.ResourceData, meta int
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("transit-gateway-route-table/%s", d.Id()),

aws/resource_aws_flow_log.go

@@ -240,7 +240,7 @@ func resourceAwsLogFlowRead(d *schema.ResourceData, meta interface{}) error {
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("vpc-flow-log/%s", d.Id()),

aws/resource_aws_instance.go

@@ -951,7 +951,7 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error {
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
 		Region:    meta.(*AWSClient).region,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("instance/%s", d.Id()),
 	}

aws/resource_aws_internet_gateway.go

@@ -121,7 +121,7 @@ func resourceAwsInternetGatewayRead(d *schema.ResourceData, meta interface{}) er
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("internet-gateway/%s", d.Id()),

aws/resource_aws_key_pair.go

@@ -142,7 +142,7 @@ func resourceAwsKeyPairRead(d *schema.ResourceData, meta interface{}) error {
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("key-pair/%s", d.Id()),

aws/resource_aws_launch_template.go

@@ -737,7 +737,7 @@ func resourceAwsLaunchTemplateRead(d *schema.ResourceData, meta interface{}) err
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("launch-template/%s", d.Id()),

aws/resource_aws_network_acl.go

@@ -273,7 +273,7 @@ func resourceAwsNetworkAclRead(d *schema.ResourceData, meta interface{}) error {
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("network-acl/%s", d.Id()),

aws/resource_aws_placement_group.go

@@ -138,7 +138,7 @@ func resourceAwsPlacementGroupRead(d *schema.ResourceData, meta interface{}) err
 
 	arn := arn.ARN{
 		Partition: meta.(*AWSClient).partition,
-		Service:   "ec2",
+		Service:   ec2.ServiceName,
 		Region:    meta.(*AWSClient).region,
 		AccountID: meta.(*AWSClient).accountid,
 		Resource:  fmt.Sprintf("placement-group/%s", d.Id()),