Skip to content

new resource: aws_vpc_encryption_control #45263

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 36 commits into from
Nov 26, 2025
Merged

new resource: aws_vpc_encryption_control #45263

merged 36 commits into from
Nov 26, 2025

Conversation

@gdavison
Copy link
Contributor

@gdavison gdavison commented Nov 26, 2025
edited by ewbankkit
Loading

Rollback Plan

If a change needs to be reverted, we will publish an updated version of the library.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

Description

Adds new resource type aws_vpc_encryption_control.

Relations

Closes #45208.

Output from Acceptance Testing

% make testacc PKG=ec2 TESTS=TestAccVPCVPCEncryptionControl_

--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithoutExclusion (53.44s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyProviderOnlyTag (137.17s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullOverlappingResourceTag (137.31s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullNonOverlappingResourceTag (138.25s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnCreate (139.70s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyResourceTag (140.89s)
--- PASS: TestAccVPCVPCEncryptionControl_Identity_Basic (153.05s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToResourceOnly (159.83s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToProviderOnly (159.97s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Add (161.42s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Replace (162.07s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnCreate (162.76s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_DefaultTag (174.48s)
--- PASS: TestAccVPCVPCEncryptionControl_basic (59.67s)
--- PASS: TestAccVPCVPCEncryptionControl_disappears (63.07s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_overlapping (208.79s)
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_monitor (103.54s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_ResourceTag (131.32s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_null (65.24s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Replace (83.09s)
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_monitor (295.19s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_nonOverlapping (109.83s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyMap (45.53s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_providerOnly (143.09s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_AddOnUpdate (58.12s)
--- PASS: TestAccVPCVPCEncryptionControl_Identity_RegionOverride (56.44s)
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Add (72.26s)
--- PASS: TestAccVPCVPCEncryptionControl_tags (92.86s)
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_monitor (473.20s)
--- PASS: TestAccVPCVPCEncryptionControl_enforce_ImplicitExclusions (971.02s)
--- PASS: TestAccVPCVPCEncryptionControl_enforce_ExplicitExclusions (976.37s)
--- PASS: TestAccVPCVPCEncryptionControl_update_enforce_ImplicitExclusions (987.43s)
--- PASS: TestAccVPCVPCEncryptionControl_update_enforce_ExplictDisableExclusions (998.69s)
--- PASS: TestAccVPCVPCEncryptionControl_update_monitorToEnforce_ImplicitExclusions (1056.04s)
--- PASS: TestAccVPCVPCEncryptionControl_update_monitorToEnforce (1058.25s)
--- PASS: TestAccVPCVPCEncryptionControl_enforce (960.98s)
--- PASS: TestAccVPCVPCEncryptionControl_Identity_Enforce (971.12s)
--- PASS: TestAccVPCVPCEncryptionControl_update_enforceToMonitor (981.86s)
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithExclusion (994.25s)
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_enforce (1528.34s)
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_enforce (2182.13s)

@gdavison
Adds create, read, and delete for basic enabling on Encryption Controls
2817ba1
@gdavison
Allows upgrading mode to enforce on creation
4fd773d
@gdavison
Enables Resource Identity and Import
c555efd
@gdavison
Corrects test naming
020e238
@gdavison
Replaces deprecated function
56993c6
@gdavison
Enables modifying mode
1ef1f94
@gdavison
Consolidates modifying VPC Encryption Control
617ea39
@gdavison
Adds resource_exclusions output
8c352e2
@gdavison
Enables _exclusion inputs
a251e04
@gdavison
Fixes attributes in tests
f0d6c93
@gdavison
Quotes ImportCheck values
e788519
@gdavison
Adds ImportCheckNoResourceAttr
72ec983
@gdavison
ImportCheckResourceAttrSet(_, false) is redundant and treats "" a…
9320dc6 
…s equivalent to `nil`
@gdavison
Fixes constants
8eb5283
@gdavison
Defines Exclusion attribute types in one place
e0b9138
@gdavison
Handles modifying and importing Exclusion attributes
573db28
@gdavison
Fixes `TestAccVPCVPCEncryptionControl_update_monitorToEnforce_Implici…
3f18305 
…tExclusions`
@gdavison
Enables timeouts
5051e71
@gdavison
Enables VCR
81cdea2
@gdavison
Adds generator for missing AWS SDK Paginators
24d2d4d
@gdavison
Generate paginators
ee6ec60
@gdavison
Replaces deprecated function
029d253
@gdavison
Adds additional exclusions
7129b2b
@gdavison
Adds tagging support
b1e43c6
@gdavison
Handles enabling VPC Encryption Controls on VPCs with existing associ…
1eac478 
…ated resources
@gdavison gdavison requested a review from a team as a code owner November 26, 2025 08:19
@github-actions
Copy link
Contributor

github-actions bot commented Nov 26, 2025

Community Guidelines

This comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

  • Please vote on this Pull Request by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
  • Please see our prioritization guide for additional information on how the maintainers handle prioritization.
  • Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Pull Request and do not help prioritize the request.

Pull Request Authors

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/elbv2 Issues and PRs that pertain to the elbv2 service. labels Nov 26, 2025
@github-actions github-actions bot added the provider Pertains to the provider itself, rather than any interaction with AWS. label Nov 26, 2025
ewbankkit
ewbankkit reviewed Nov 26, 2025
View reviewed changes
@github-actions github-actions bot added repository Repository modifications; GitHub Actions, developer docs, issue templates, codeowners, changelog. github_actions Pull requests that update Github_actions code labels Nov 26, 2025
@ewbankkit
Copy link
Contributor

ewbankkit commented Nov 26, 2025 

% make testacc TESTARGS='-run=TestAccVPCVPCEncryptionControl_' PKG=ec2 ACCTEST_PARALLELISM=4
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
make: Running acceptance tests on branch: 🌿 f-vpc-encryption-controls 🌿...
TF_ACC=1 go1.24.10 test ./internal/service/ec2/... -v -count 1 -parallel 4  -run=TestAccVPCVPCEncryptionControl_ -timeout 360m -vet=off
2025/11/26 08:55:37 Creating Terraform AWS Provider (SDKv2-style)...
2025/11/26 08:55:37 Initializing Terraform AWS Provider (SDKv2-style)...
=== RUN   TestAccVPCVPCEncryptionControl_Identity_Basic
=== PAUSE TestAccVPCVPCEncryptionControl_Identity_Basic
=== RUN   TestAccVPCVPCEncryptionControl_Identity_RegionOverride
=== PAUSE TestAccVPCVPCEncryptionControl_Identity_RegionOverride
=== RUN   TestAccVPCVPCEncryptionControl_tags
=== PAUSE TestAccVPCVPCEncryptionControl_tags
=== RUN   TestAccVPCVPCEncryptionControl_tags_null
=== PAUSE TestAccVPCVPCEncryptionControl_tags_null
=== RUN   TestAccVPCVPCEncryptionControl_tags_EmptyMap
=== PAUSE TestAccVPCVPCEncryptionControl_tags_EmptyMap
=== RUN   TestAccVPCVPCEncryptionControl_tags_AddOnUpdate
=== PAUSE TestAccVPCVPCEncryptionControl_tags_AddOnUpdate
=== RUN   TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnCreate
=== PAUSE TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnCreate
=== RUN   TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Add
=== PAUSE TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Add
=== RUN   TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Replace
=== PAUSE TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Replace
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_providerOnly
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_providerOnly
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_nonOverlapping
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_nonOverlapping
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_overlapping
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_overlapping
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToProviderOnly
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToProviderOnly
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToResourceOnly
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToResourceOnly
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyResourceTag
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyResourceTag
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyProviderOnlyTag
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyProviderOnlyTag
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullOverlappingResourceTag
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullOverlappingResourceTag
=== RUN   TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullNonOverlappingResourceTag
=== PAUSE TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullNonOverlappingResourceTag
=== RUN   TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnCreate
=== PAUSE TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnCreate
=== RUN   TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Add
=== PAUSE TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Add
=== RUN   TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Replace
=== PAUSE TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Replace
=== RUN   TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_DefaultTag
=== PAUSE TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_DefaultTag
=== RUN   TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_ResourceTag
=== PAUSE TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_ResourceTag
=== RUN   TestAccVPCVPCEncryptionControl_basic
=== PAUSE TestAccVPCVPCEncryptionControl_basic
=== RUN   TestAccVPCVPCEncryptionControl_disappears
=== PAUSE TestAccVPCVPCEncryptionControl_disappears
=== RUN   TestAccVPCVPCEncryptionControl_enforce
=== PAUSE TestAccVPCVPCEncryptionControl_enforce
=== RUN   TestAccVPCVPCEncryptionControl_enforce_ImplicitExclusions
=== PAUSE TestAccVPCVPCEncryptionControl_enforce_ImplicitExclusions
=== RUN   TestAccVPCVPCEncryptionControl_enforce_ExplicitExclusions
=== PAUSE TestAccVPCVPCEncryptionControl_enforce_ExplicitExclusions
=== RUN   TestAccVPCVPCEncryptionControl_update_monitorToEnforce
=== PAUSE TestAccVPCVPCEncryptionControl_update_monitorToEnforce
=== RUN   TestAccVPCVPCEncryptionControl_update_monitorToEnforce_ImplicitExclusions
=== PAUSE TestAccVPCVPCEncryptionControl_update_monitorToEnforce_ImplicitExclusions
=== RUN   TestAccVPCVPCEncryptionControl_update_enforce_ExplictDisableExclusions
=== PAUSE TestAccVPCVPCEncryptionControl_update_enforce_ExplictDisableExclusions
=== RUN   TestAccVPCVPCEncryptionControl_update_enforce_ImplicitExclusions
=== PAUSE TestAccVPCVPCEncryptionControl_update_enforce_ImplicitExclusions
=== RUN   TestAccVPCVPCEncryptionControl_update_enforceToMonitor
=== PAUSE TestAccVPCVPCEncryptionControl_update_enforceToMonitor
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_monitor
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_monitor
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithoutExclusion
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithoutExclusion
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithExclusion
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithExclusion
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_monitor
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_monitor
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_enforce
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_enforce
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_monitor
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_monitor
=== RUN   TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_enforce
=== PAUSE TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_enforce
=== RUN   TestAccVPCVPCEncryptionControl_Identity_Enforce
=== PAUSE TestAccVPCVPCEncryptionControl_Identity_Enforce
=== CONT  TestAccVPCVPCEncryptionControl_Identity_Basic
=== CONT  TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_DefaultTag
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_overlapping
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullOverlappingResourceTag
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullOverlappingResourceTag (43.81s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Add
--- PASS: TestAccVPCVPCEncryptionControl_Identity_Basic (53.51s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Replace
--- PASS: TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_DefaultTag (63.41s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyResourceTag
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_overlapping (75.55s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyProviderOnlyTag
--- PASS: TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Add (57.63s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnCreate
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyResourceTag (42.32s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToResourceOnly
--- PASS: TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnUpdate_Replace (57.65s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToProviderOnly
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_emptyProviderOnlyTag (43.12s)
=== CONT  TestAccVPCVPCEncryptionControl_update_enforce_ImplicitExclusions
--- PASS: TestAccVPCVPCEncryptionControl_tags_ComputedTag_OnCreate (45.52s)
=== CONT  TestAccVPCVPCEncryptionControl_Identity_Enforce
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToResourceOnly (55.82s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_enforce
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_updateToProviderOnly (55.62s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_monitor
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_monitor (493.83s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_enforce
--- PASS: TestAccVPCVPCEncryptionControl_Identity_Enforce (958.25s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_monitor
--- PASS: TestAccVPCVPCEncryptionControl_update_enforce_ImplicitExclusions (964.58s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithExclusion
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_monitor (245.36s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithoutExclusion
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithoutExclusion (56.71s)
=== CONT  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_monitor
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_monitor (53.92s)
=== CONT  TestAccVPCVPCEncryptionControl_update_enforceToMonitor
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Unsupported_enforce (1379.85s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnCreate
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnCreate (56.10s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_nonOverlapping
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_nonOverlapping (73.32s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_providerOnly
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_providerOnly (87.54s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Replace
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Replace (54.16s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullNonOverlappingResourceTag
--- PASS: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Excludable_enforceWithExclusion (757.05s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Add
--- PASS: TestAccVPCVPCEncryptionControl_tags_DefaultTags_nullNonOverlappingResourceTag (43.11s)
=== CONT  TestAccVPCVPCEncryptionControl_enforce_ImplicitExclusions
--- PASS: TestAccVPCVPCEncryptionControl_update_enforceToMonitor (418.39s)
=== CONT  TestAccVPCVPCEncryptionControl_disappears
--- PASS: TestAccVPCVPCEncryptionControl_disappears (39.67s)
=== CONT  TestAccVPCVPCEncryptionControl_update_enforce_ExplictDisableExclusions
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyTag_OnUpdate_Add (70.60s)
=== CONT  TestAccVPCVPCEncryptionControl_enforce
--- PASS: TestAccVPCVPCEncryptionControl_enforce_ImplicitExclusions (464.76s)
=== CONT  TestAccVPCVPCEncryptionControl_update_monitorToEnforce_ImplicitExclusions
--- PASS: TestAccVPCVPCEncryptionControl_update_enforce_ExplictDisableExclusions (471.32s)
=== CONT  TestAccVPCVPCEncryptionControl_update_monitorToEnforce
--- PASS: TestAccVPCVPCEncryptionControl_enforce (463.57s)
=== CONT  TestAccVPCVPCEncryptionControl_enforce_ExplicitExclusions
=== NAME  TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_enforce
    vpc_encryption_control_test.go:1011: Step 2/3 error: Error running apply: exit status 1
        
        Error: creating EC2 (Elastic Compute Cloud) VPC Encryption Control
        
          with aws_vpc_encryption_control.test,
          on terraform_plugin_test.tf line 40, in resource "aws_vpc_encryption_control" "test":
          40: resource "aws_vpc_encryption_control" "test" {
        
        Cause: While waiting, timeout while waiting for state to become 'TRUE' (last
        state: 'FALSE', timeout: 30m0s)"
        
--- FAIL: TestAccVPCVPCEncryptionControl_WithAssociatedResources_Migratable_enforce (2078.88s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_null
--- PASS: TestAccVPCVPCEncryptionControl_tags_null (43.31s)
=== CONT  TestAccVPCVPCEncryptionControl_basic
--- PASS: TestAccVPCVPCEncryptionControl_basic (42.28s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_AddOnUpdate
--- PASS: TestAccVPCVPCEncryptionControl_tags_AddOnUpdate (55.27s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_EmptyMap
--- PASS: TestAccVPCVPCEncryptionControl_tags_EmptyMap (43.27s)
=== CONT  TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_ResourceTag
--- PASS: TestAccVPCVPCEncryptionControl_tags_IgnoreTags_Overlap_ResourceTag (65.13s)
=== CONT  TestAccVPCVPCEncryptionControl_tags
--- PASS: TestAccVPCVPCEncryptionControl_tags (84.61s)
=== CONT  TestAccVPCVPCEncryptionControl_Identity_RegionOverride
--- PASS: TestAccVPCVPCEncryptionControl_Identity_RegionOverride (45.99s)
--- PASS: TestAccVPCVPCEncryptionControl_update_monitorToEnforce_ImplicitExclusions (960.64s)
--- PASS: TestAccVPCVPCEncryptionControl_enforce_ExplicitExclusions (949.98s)
--- PASS: TestAccVPCVPCEncryptionControl_update_monitorToEnforce (962.63s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	3335.603s
FAIL
make: *** [testacc] Error 1

Base automatically changed from b-framework-identity-interceptor-onerror to main November 26, 2025 17:19
@gdavison gdavison force-pushed the f-vpc-encryption-controls branch from f681359 to bb55278 Compare November 26, 2025 17:55
ewbankkit
ewbankkit previously approved these changes Nov 26, 2025
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

@gdavison gdavison merged commit bd79ef7 into main Nov 26, 2025
69 checks passed
@gdavison gdavison deleted the f-vpc-encryption-controls branch November 26, 2025 18:55
@github-actions
Copy link
Contributor

github-actions bot commented Nov 26, 2025

Warning

This Issue has been closed, meaning that any additional comments are much easier for the maintainers to miss. Please assume that the maintainers will not see them.

Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.

@github-actions github-actions bot added this to the v6.23.0 milestone Nov 26, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 26, 2025

This functionality has been released in v6.23.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Nov 26, 2025
@erezo9
Copy link

erezo9 commented Nov 27, 2025

@ewbankkit shouldnt there be support for aws_ec2_transit_gateway for encryption support?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@johnsonaj johnsonaj johnsonaj approved these changes

@ewbankkit ewbankkit ewbankkit left review comments

@breathingdust breathingdust Awaiting requested review from breathingdust breathingdust is a code owner

@justinretzolk justinretzolk Awaiting requested review from justinretzolk justinretzolk is a code owner

Assignees

No one assigned

Labels

documentation Introduces or discusses updates to documentation. generators Relates to code generators. github_actions Pull requests that update Github_actions code provider Pertains to the provider itself, rather than any interaction with AWS. repository Repository modifications; GitHub Actions, developer docs, issue templates, codeowners, changelog. service/elbv2 Issues and PRs that pertain to the elbv2 service. service/vpc Issues and PRs that pertain to the vpc service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.

Projects

None yet

Milestone

v6.23.0

Development

Successfully merging this pull request may close these issues.

Support for VPC encryption controls

4 participants

@gdavison @ewbankkit @erezo9 @johnsonaj