From 6b071c4136fb3e75fd48257ffe3a9a154dafdf1b Mon Sep 17 00:00:00 2001 From: arielm-cloudbuzz <110726427+arielm-cloudbuzz@users.noreply.github.com> Date: Wed, 8 Nov 2023 23:58:34 +0200 Subject: [PATCH] format all docs --- docs/index.md | 143 +++++----- docs/resources/appflow_connector_profile.md | 288 ++++++++++---------- docs/resources/appflow_flow.md | 159 +++++------ 3 files changed, 289 insertions(+), 301 deletions(-) diff --git a/docs/index.md b/docs/index.md index cfcf51c..dd2b840 100644 --- a/docs/index.md +++ b/docs/index.md @@ -17,7 +17,6 @@ Use this provider with SAP OData and S3 connectors. [![](https://github.com/cloudbuzzbyone/terraform-provider-appflow/assets/110726427/99c0e37e-82fb-4df2-9099-d796cc313ebf)](mailto://info@cloudbuzz.co.il) - ### 🇮🇱 [We Stand with Israel!](https://cloudbuzz.co.il) 🇮🇱 [![](https://github.com/cloudbuzzbyone/terraform-provider-appflow/assets/110726427/e7cd93a1-105e-4c43-b6ab-fe5029c92b2e)](https://cloudbuzz.co.il) @@ -92,9 +91,9 @@ provider "aws" { Other settings related to authorization can be configured, such as: -* `profile` -* `shared_config_files` -* `shared_credentials_files` +- `profile` +- `shared_config_files` +- `shared_credentials_files` ### Environment Variables @@ -116,9 +115,9 @@ provider "aws" {} Other environment variables related to authorization are: -* `AWS_PROFILE` -* `AWS_CONFIG_FILE` -* `AWS_SHARED_CREDENTIALS_FILE` +- `AWS_PROFILE` +- `AWS_CONFIG_FILE` +- `AWS_SHARED_CREDENTIALS_FILE` ### Shared Configuration and Credentials Files @@ -287,87 +286,87 @@ By default, the underlying AWS client used by the Terraform AWS Provider creates In addition to [generic `provider` arguments](https://www.terraform.io/docs/configuration/providers.html) (e.g., `alias` and `version`), the following arguments are supported in the AWS - `provider` block: +`provider` block: -* `access_key` - (Optional) AWS access key. Can also be set with the `AWS_ACCESS_KEY_ID` environment variable, or via a shared credentials file if `profile` is specified. See also `secret_key`. -* `allowed_account_ids` - (Optional) List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one (and potentially end up destroying a live environment). Conflicts with `forbidden_account_ids`. -* `assume_role` - (Optional) Configuration block for assuming an IAM role. See the [`assume_role` Configuration Block](#assume_role-configuration-block) section below. Only one `assume_role` block may be in the configuration. -* `assume_role_with_web_identity` - (Optional) Configuration block for assuming an IAM role using a web identity. See the [`assume_role_with_web_identity` Configuration Block](#assume_role_with_web_identity-configuration-block) section below. Only one `assume_role_with_web_identity` block may be in the configuration. -* `custom_ca_bundle` - (Optional) File containing custom root and intermediate certificates. +- `access_key` - (Optional) AWS access key. Can also be set with the `AWS_ACCESS_KEY_ID` environment variable, or via a shared credentials file if `profile` is specified. See also `secret_key`. +- `allowed_account_ids` - (Optional) List of allowed AWS account IDs to prevent you from mistakenly using an incorrect one (and potentially end up destroying a live environment). Conflicts with `forbidden_account_ids`. +- `assume_role` - (Optional) Configuration block for assuming an IAM role. See the [`assume_role` Configuration Block](#assume_role-configuration-block) section below. Only one `assume_role` block may be in the configuration. +- `assume_role_with_web_identity` - (Optional) Configuration block for assuming an IAM role using a web identity. See the [`assume_role_with_web_identity` Configuration Block](#assume_role_with_web_identity-configuration-block) section below. Only one `assume_role_with_web_identity` block may be in the configuration. +- `custom_ca_bundle` - (Optional) File containing custom root and intermediate certificates. Can also be set using the `AWS_CA_BUNDLE` environment variable. Setting `ca_bundle` in the shared config file is not supported. -* `default_tags` - (Optional) Configuration block with resource tag settings to apply across all resources handled by this provider (see the [Terraform multiple provider instances documentation](/docs/configuration/providers.html#alias-multiple-provider-instances) for more information about additional provider configurations). This is designed to replace redundant per-resource `tags` configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the `tags` argument within a resource to configure new tag values for matching keys. See the [`default_tags`](#default_tags-configuration-block) Configuration Block section below for example usage and available arguments. This functionality is supported in all resources that implement `tags`, with the exception of the `aws_autoscaling_group` resource. -* `ec2_metadata_service_endpoint` - (Optional) Address of the EC2 metadata service (IMDS) endpoint to use. Can also be set with the `AWS_EC2_METADATA_SERVICE_ENDPOINT` environment variable. -* `ec2_metadata_service_endpoint_mode` - (Optional) Mode to use in communicating with the metadata service. Valid values are `IPv4` and `IPv6`. Can also be set with the `AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE` environment variable. -* `endpoints` - (Optional) Configuration block for customizing service endpoints. See the [Custom Service Endpoints Guide](/docs/providers/aws/guides/custom-service-endpoints.html) for more information about connecting to alternate AWS endpoints or AWS compatible solutions. See also `use_fips_endpoint`. -* `forbidden_account_ids` - (Optional) List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with `allowed_account_ids`. -* `http_proxy` - (Optional) Address of an HTTP proxy to use when accessing the AWS API. Can also be set using the `HTTP_PROXY` or `HTTPS_PROXY` environment variables. -* `ignore_tags` - (Optional) Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as `aws_ec2_tag`) for situations where external systems are managing certain resource tags. Arguments to the configuration block are described below in the `ignore_tags` Configuration Block section. See the [Terraform multiple provider instances documentation](https://www.terraform.io/docs/configuration/providers.html#alias-multiple-provider-configurations) for more information about additional provider configurations. -* `insecure` - (Optional) Whether to explicitly allow the provider to perform "insecure" SSL requests. If omitted, the default value is `false`. -* `max_retries` - (Optional) Maximum number of times an API call is retried when AWS throttles requests or you experience transient failures. +- `default_tags` - (Optional) Configuration block with resource tag settings to apply across all resources handled by this provider (see the [Terraform multiple provider instances documentation](/docs/configuration/providers.html#alias-multiple-provider-instances) for more information about additional provider configurations). This is designed to replace redundant per-resource `tags` configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the `tags` argument within a resource to configure new tag values for matching keys. See the [`default_tags`](#default_tags-configuration-block) Configuration Block section below for example usage and available arguments. This functionality is supported in all resources that implement `tags`, with the exception of the `aws_autoscaling_group` resource. +- `ec2_metadata_service_endpoint` - (Optional) Address of the EC2 metadata service (IMDS) endpoint to use. Can also be set with the `AWS_EC2_METADATA_SERVICE_ENDPOINT` environment variable. +- `ec2_metadata_service_endpoint_mode` - (Optional) Mode to use in communicating with the metadata service. Valid values are `IPv4` and `IPv6`. Can also be set with the `AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE` environment variable. +- `endpoints` - (Optional) Configuration block for customizing service endpoints. See the [Custom Service Endpoints Guide](/docs/providers/aws/guides/custom-service-endpoints.html) for more information about connecting to alternate AWS endpoints or AWS compatible solutions. See also `use_fips_endpoint`. +- `forbidden_account_ids` - (Optional) List of forbidden AWS account IDs to prevent you from mistakenly using the wrong one (and potentially end up destroying a live environment). Conflicts with `allowed_account_ids`. +- `http_proxy` - (Optional) Address of an HTTP proxy to use when accessing the AWS API. Can also be set using the `HTTP_PROXY` or `HTTPS_PROXY` environment variables. +- `ignore_tags` - (Optional) Configuration block with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as `aws_ec2_tag`) for situations where external systems are managing certain resource tags. Arguments to the configuration block are described below in the `ignore_tags` Configuration Block section. See the [Terraform multiple provider instances documentation](https://www.terraform.io/docs/configuration/providers.html#alias-multiple-provider-configurations) for more information about additional provider configurations. +- `insecure` - (Optional) Whether to explicitly allow the provider to perform "insecure" SSL requests. If omitted, the default value is `false`. +- `max_retries` - (Optional) Maximum number of times an API call is retried when AWS throttles requests or you experience transient failures. The delay between the subsequent API calls increases exponentially. If omitted, the default value is `25`. Can also be set using the environment variable `AWS_MAX_ATTEMPTS` and the shared configuration parameter `max_attempts`. -* `profile` - (Optional) AWS profile name as set in the shared configuration and credentials files. +- `profile` - (Optional) AWS profile name as set in the shared configuration and credentials files. Can also be set using either the environment variables `AWS_PROFILE` or `AWS_DEFAULT_PROFILE`. -* `region` - (Optional) AWS region where the provider will operate. The region must be set. +- `region` - (Optional) AWS region where the provider will operate. The region must be set. Can also be set with either the `AWS_REGION` or `AWS_DEFAULT_REGION` environment variables, or via a shared config file parameter `region` if `profile` is used. If credentials are retrieved from the EC2 Instance Metadata Service, the region can also be retrieved from the metadata. -* `retry_mode` - (Optional) Specifies how retries are attempted. +- `retry_mode` - (Optional) Specifies how retries are attempted. Valid values are `standard` and `adaptive`. Can also be configured using the `AWS_RETRY_MODE` environment variable or the shared config file parameter `retry_mode`. -* `s3_use_path_style` - (Optional) Whether to enable the request to use path-style addressing, i.e., `https://s3.amazonaws.com/BUCKET/KEY`. +- `s3_use_path_style` - (Optional) Whether to enable the request to use path-style addressing, i.e., `https://s3.amazonaws.com/BUCKET/KEY`. By default, the S3 client will use virtual hosted bucket addressing, `https://BUCKET.s3.amazonaws.com/KEY`, when possible. Specific to the Amazon S3 service. -* `s3_eu_west_1_regional_endpoint` - (Optional) Specifies whether S3 API calls in the `eu-west-1` region use the legacy global endpoint or a regional endpoint. +- `s3_eu_west_1_regional_endpoint` - (Optional) Specifies whether S3 API calls in the `eu-west-1` region use the legacy global endpoint or a regional endpoint. Valid values are `legacy` or `regional`. Can also be configured using the `AWS_S3_eu_west_1_REGIONAL_ENDPOINT` environment variable or the `s3_eu_west_1_regional_endpoint` shared config file parameter. Specific to the Amazon S3 service. -* `secret_key` - (Optional) AWS secret key. Can also be set with the `AWS_SECRET_ACCESS_KEY` environment variable, or via a shared configuration and credentials files if `profile` is used. See also `access_key`. -* `shared_config_files` - (Optional) List of paths to AWS shared config files. If not set, the default is `[~/.aws/config]`. A single value can also be set with the `AWS_CONFIG_FILE` environment variable. -* `shared_credentials_files` - (Optional) List of paths to the shared credentials file. If not set and a profile is used, the default value is `[~/.aws/credentials]`. A single value can also be set with the `AWS_SHARED_CREDENTIALS_FILE` environment variable. -* `skip_credentials_validation` - (Optional) Whether to skip credentials validation via the STS API. This can be useful for testing and for AWS API implementations that do not have STS available. -* `skip_metadata_api_check` - (Optional) Whether to skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to `true` prevents Terraform from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables. -* `skip_region_validation` - (Optional) Whether to skip validating the region. Useful for AWS-like implementations that use their own region names or to bypass the validation for regions that aren't publicly available yet. -* `skip_requesting_account_id` - (Optional) Whether to skip requesting the account ID. Useful for AWS API implementations that do not have the IAM, STS API, or metadata API. When set to `true` and not determined previously, returns an empty account ID when manually constructing ARN attributes with the following: - - [`aws_appflow_flow` resource](/docs/providers/aws/r/appflow_flow.html) - - [`aws_appflow_connector_profile` resource](/docs/providers/aws/r/appflow_connector_profile.html) -* `token` - (Optional) Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials. Can also be set with the `AWS_SESSION_TOKEN` environment variable. -* `use_dualstack_endpoint` - (Optional) Force the provider to resolve endpoints with DualStack capability. Can also be set with the `AWS_USE_DUALSTACK_ENDPOINT` environment variable or in a shared config file (`use_dualstack_endpoint`). -* `use_fips_endpoint` - (Optional) Force the provider to resolve endpoints with FIPS capability. Can also be set with the `AWS_USE_FIPS_ENDPOINT` environment variable or in a shared config file (`use_fips_endpoint`). +- `secret_key` - (Optional) AWS secret key. Can also be set with the `AWS_SECRET_ACCESS_KEY` environment variable, or via a shared configuration and credentials files if `profile` is used. See also `access_key`. +- `shared_config_files` - (Optional) List of paths to AWS shared config files. If not set, the default is `[~/.aws/config]`. A single value can also be set with the `AWS_CONFIG_FILE` environment variable. +- `shared_credentials_files` - (Optional) List of paths to the shared credentials file. If not set and a profile is used, the default value is `[~/.aws/credentials]`. A single value can also be set with the `AWS_SHARED_CREDENTIALS_FILE` environment variable. +- `skip_credentials_validation` - (Optional) Whether to skip credentials validation via the STS API. This can be useful for testing and for AWS API implementations that do not have STS available. +- `skip_metadata_api_check` - (Optional) Whether to skip the AWS Metadata API check. Useful for AWS API implementations that do not have a metadata API endpoint. Setting to `true` prevents Terraform from authenticating via the Metadata API. You may need to use other authentication methods like static credentials, configuration variables, or environment variables. +- `skip_region_validation` - (Optional) Whether to skip validating the region. Useful for AWS-like implementations that use their own region names or to bypass the validation for regions that aren't publicly available yet. +- `skip_requesting_account_id` - (Optional) Whether to skip requesting the account ID. Useful for AWS API implementations that do not have the IAM, STS API, or metadata API. When set to `true` and not determined previously, returns an empty account ID when manually constructing ARN attributes with the following: + - [`aws_appflow_flow` resource](/docs/providers/aws/r/appflow_flow.html) + - [`aws_appflow_connector_profile` resource](/docs/providers/aws/r/appflow_connector_profile.html) +- `token` - (Optional) Session token for validating temporary credentials. Typically provided after successful identity federation or Multi-Factor Authentication (MFA) login. With MFA login, this is the session token provided afterward, not the 6 digit MFA code used to get temporary credentials. Can also be set with the `AWS_SESSION_TOKEN` environment variable. +- `use_dualstack_endpoint` - (Optional) Force the provider to resolve endpoints with DualStack capability. Can also be set with the `AWS_USE_DUALSTACK_ENDPOINT` environment variable or in a shared config file (`use_dualstack_endpoint`). +- `use_fips_endpoint` - (Optional) Force the provider to resolve endpoints with FIPS capability. Can also be set with the `AWS_USE_FIPS_ENDPOINT` environment variable or in a shared config file (`use_fips_endpoint`). ### assume_role Configuration Block The `assume_role` configuration block supports the following arguments: -* `duration` - (Optional) Duration of the assume role session. You can provide a value from 15 minutes up to the maximum session duration setting for the role. Represented by a string such as `1h`, `2h45m`, or `30m15s`. -* `external_id` - (Optional) External identifier to use when assuming the role. -* `policy` - (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. -* `policy_arns` - (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. -* `role_arn` - (Required) ARN of the IAM Role to assume. -* `session_name` - (Optional) Session name to use when assuming the role. -* `source_identity` - (Optional) Source identity specified by the principal assuming the role. -* `tags` - (Optional) Map of assume role session tags. -* `transitive_tag_keys` - (Optional) Set of assume role session tag keys to pass to any subsequent sessions. +- `duration` - (Optional) Duration of the assume role session. You can provide a value from 15 minutes up to the maximum session duration setting for the role. Represented by a string such as `1h`, `2h45m`, or `30m15s`. +- `external_id` - (Optional) External identifier to use when assuming the role. +- `policy` - (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. +- `policy_arns` - (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. +- `role_arn` - (Required) ARN of the IAM Role to assume. +- `session_name` - (Optional) Session name to use when assuming the role. +- `source_identity` - (Optional) Source identity specified by the principal assuming the role. +- `tags` - (Optional) Map of assume role session tags. +- `transitive_tag_keys` - (Optional) Set of assume role session tag keys to pass to any subsequent sessions. ### assume_role_with_web_identity Configuration Block The `assume_role_with_web_identity` configuration block supports the following arguments: -* `duration` - (Optional) Duration of the assume role session. +- `duration` - (Optional) Duration of the assume role session. You can provide a value from 15 minutes up to the maximum session duration setting for the role. Represented by a string such as `1h`, `2h45m`, or `30m15s`. -* `policy` - (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. -* `policy_arns` - (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. -* `role_arn` - (Required) ARN of the IAM Role to assume. +- `policy` - (Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. +- `policy_arns` - (Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed. +- `role_arn` - (Required) ARN of the IAM Role to assume. Can also be set with the `AWS_ROLE_ARN` environment variable. -* `session_name` - (Optional) Session name to use when assuming the role. +- `session_name` - (Optional) Session name to use when assuming the role. Can also be set with the `AWS_ROLE_SESSION_NAME` environment variable. -* `web_identity_token` - (Optional) Value of a web identity token from an OpenID Connect (OIDC) or OAuth provider. +- `web_identity_token` - (Optional) Value of a web identity token from an OpenID Connect (OIDC) or OAuth provider. One of `web_identity_token` or `web_identity_token_file` is required. -* `web_identity_token_file` - (Optional) File containing a web identity token from an OpenID Connect (OIDC) or OAuth provider. +- `web_identity_token_file` - (Optional) File containing a web identity token from an OpenID Connect (OIDC) or OAuth provider. One of `web_identity_token_file` or `web_identity_token` is required. Can also be set with the `AWS_WEB_IDENTITY_TOKEN_FILE` environment variable. @@ -504,7 +503,7 @@ vpc_resource_level_tags = tomap({ The `default_tags` configuration block supports the following argument: -* `tags` - (Optional) Key-value map of tags to apply to all resources. +- `tags` - (Optional) Key-value map of tags to apply to all resources. ### ignore_tags Configuration Block @@ -520,8 +519,8 @@ provider "aws" { The `ignore_tags` configuration block supports the following arguments: -* `keys` - (Optional) List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Terraform from returning the tag in any `tags` attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or [`ignore_changes`](https://www.terraform.io/docs/configuration/meta-arguments/lifecycle.html#ignore_changes) is also used. -* `key_prefixes` - (Optional) List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Terraform from returning any tag key matching the prefixes in any `tags` attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or [`ignore_changes`](https://www.terraform.io/docs/configuration/meta-arguments/lifecycle.html#ignore_changes) is also used. +- `keys` - (Optional) List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Terraform from returning the tag in any `tags` attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or [`ignore_changes`](https://www.terraform.io/docs/configuration/meta-arguments/lifecycle.html#ignore_changes) is also used. +- `key_prefixes` - (Optional) List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Terraform from returning any tag key matching the prefixes in any `tags` attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or [`ignore_changes`](https://www.terraform.io/docs/configuration/meta-arguments/lifecycle.html#ignore_changes) is also used. ## Getting the Account ID @@ -531,17 +530,17 @@ in order to compare it with allowed or forbidden IDs. Approaches differ per authentication providers: -* EC2 instance w/ IAM Instance Profile - [Metadata API](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) - is always used. Introduced in Terraform `0.6.16`. -* All other providers (environment variable, shared credentials file, ...) - will try three approaches in the following order - * `iam:GetUser` - Typically useful for IAM Users. It also means - that each user needs to be privileged to call `iam:GetUser` for themselves. - * `sts:GetCallerIdentity` - _Should_ work for both IAM Users and federated IAM Roles, - introduced in Terraform `0.6.16`. - * `iam:ListRoles` - This is specifically useful for IdP-federated profiles - which cannot use `iam:GetUser`. It also means that each federated user - need to be _assuming_ an IAM role which allows `iam:ListRoles`. - Used in Terraform `0.6.16+`. - There used to be no better way to get account ID out of the API - when using the federated account until `sts:GetCallerIdentity` was introduced. +- EC2 instance w/ IAM Instance Profile - [Metadata API](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + is always used. Introduced in Terraform `0.6.16`. +- All other providers (environment variable, shared credentials file, ...) + will try three approaches in the following order + - `iam:GetUser` - Typically useful for IAM Users. It also means + that each user needs to be privileged to call `iam:GetUser` for themselves. + - `sts:GetCallerIdentity` - _Should_ work for both IAM Users and federated IAM Roles, + introduced in Terraform `0.6.16`. + - `iam:ListRoles` - This is specifically useful for IdP-federated profiles + which cannot use `iam:GetUser`. It also means that each federated user + need to be _assuming_ an IAM role which allows `iam:ListRoles`. + Used in Terraform `0.6.16+`. + There used to be no better way to get account ID out of the API + when using the federated account until `sts:GetCallerIdentity` was introduced. diff --git a/docs/resources/appflow_connector_profile.md b/docs/resources/appflow_connector_profile.md index ce3976b..7d53970 100644 --- a/docs/resources/appflow_connector_profile.md +++ b/docs/resources/appflow_connector_profile.md @@ -18,12 +18,10 @@ For specific information about creating an AppFlow connector profile, see the [![](https://github.com/cloudbuzzbyone/terraform-provider-appflow/assets/110726427/99c0e37e-82fb-4df2-9099-d796cc313ebf)](mailto://info@cloudbuzz.co.il) - ### 🇮🇱 [We Stand with Israel!](https://cloudbuzz.co.il) 🇮🇱 [![](https://github.com/cloudbuzzbyone/terraform-provider-appflow/assets/110726427/e7cd93a1-105e-4c43-b6ab-fe5029c92b2e)](https://cloudbuzz.co.il) - ## Example Usage ```terraform @@ -93,240 +91,240 @@ resource "aws_appflow_connector_profile" "example" { The AppFlow connector profile argument layout is a complex structure. The following top-level arguments are supports: -* `name ` (Required) - Name of the connector profile. The name is unique for each `ConnectorProfile` in your AWS account. -* `connection_mode` (Required) - Indicates the connection mode and specifies whether it is public or private. Private flows use AWS PrivateLink to route data over AWS infrastructure without exposing it to the public internet. One of: `Public`, `Private`. -* `connector_label` (Optional) - The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for `CustomConnector` connector type. -* `connector_profile_config` (Required) - Defines the connector-specific configuration and credentials. See [Connector Profile Config](#connector-profile-config) for more details. -* `connector_type` (Required) - The type of connector. One of: `Amplitude`, `CustomConnector`, `CustomerProfiles`, `Datadog`, `Dynatrace`, `EventBridge`, `Googleanalytics`, `Honeycode`, `Infornexus`, `LookoutMetrics`, `Marketo`, `Redshift`, `S3`, `Salesforce`, `SAPOData`, `Servicenow`, `Singular`, `Slack`, `Snowflake`, `Trendmicro`, `Upsolver`, `Veeva`, `Zendesk`. -* `kms_arn` (Optional) - ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key. +- `name ` (Required) - Name of the connector profile. The name is unique for each `ConnectorProfile` in your AWS account. +- `connection_mode` (Required) - Indicates the connection mode and specifies whether it is public or private. Private flows use AWS PrivateLink to route data over AWS infrastructure without exposing it to the public internet. One of: `Public`, `Private`. +- `connector_label` (Optional) - The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for `CustomConnector` connector type. +- `connector_profile_config` (Required) - Defines the connector-specific configuration and credentials. See [Connector Profile Config](#connector-profile-config) for more details. +- `connector_type` (Required) - The type of connector. One of: `Amplitude`, `CustomConnector`, `CustomerProfiles`, `Datadog`, `Dynatrace`, `EventBridge`, `Googleanalytics`, `Honeycode`, `Infornexus`, `LookoutMetrics`, `Marketo`, `Redshift`, `S3`, `Salesforce`, `SAPOData`, `Servicenow`, `Singular`, `Slack`, `Snowflake`, `Trendmicro`, `Upsolver`, `Veeva`, `Zendesk`. +- `kms_arn` (Optional) - ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key. ### Connector Profile Config -* `connector_profile_credentials` (Required) - The connector-specific credentials required by each connector. See [Connector Profile Credentials](#connector-profile-credentials) for more details. -* `connector_profile_properties` (Required) - The connector-specific properties of the profile configuration. See [Connector Profile Properties](#connector-profile-properties) for more details. +- `connector_profile_credentials` (Required) - The connector-specific credentials required by each connector. See [Connector Profile Credentials](#connector-profile-credentials) for more details. +- `connector_profile_properties` (Required) - The connector-specific properties of the profile configuration. See [Connector Profile Properties](#connector-profile-properties) for more details. ### Connector Profile Credentials -* `amplitude` (Optional) - The connector-specific credentials required when using Amplitude. See [Amplitude Connector Profile Credentials](#amplitude-connector-profile-credentials) for more details. -* `custom_connector` (Optional) - The connector-specific profile credentials required when using the custom connector. See [Custom Connector Profile Credentials](#custom-connector-profile-credentials) for more details. -* `datadog` (Optional) - Connector-specific credentials required when using Datadog. See [Datadog Connector Profile Credentials](#datadog-connector-profile-credentials) for more details. -* `dynatrace` (Optional) - The connector-specific credentials required when using Dynatrace. See [Dynatrace Connector Profile Credentials](#dynatrace-connector-profile-credentials) for more details. -* `google_analytics` (Optional) - The connector-specific credentials required when using Google Analytics. See [Google Analytics Connector Profile Credentials](#google-analytics-connector-profile-credentials) for more details. -* `honeycode` (Optional) - The connector-specific credentials required when using Amazon Honeycode. See [Honeycode Connector Profile Credentials](#honeycode-connector-profile-credentials) for more details. -* `infor_nexus` (Optional) - The connector-specific credentials required when using Infor Nexus. See [Infor Nexus Connector Profile Credentials](#infor-nexus-connector-profile-credentials) for more details. -* `marketo` (Optional) - Connector-specific credentials required when using Marketo. See [Marketo Connector Profile Credentials](#marketo-connector-profile-credentials) for more details. -* `redshift` (Optional) - Connector-specific credentials required when using Amazon Redshift. See [Redshift Connector Profile Credentials](#redshift-connector-profile-credentials) for more details. -* `salesforce` (Optional) - The connector-specific credentials required when using Salesforce. See [Salesforce Connector Profile Credentials](#salesforce-connector-profile-credentials) for more details. -* `sapo_data` (Optional) - The connector-specific credentials required when using SAPOData. See [SAPOData Connector Profile Credentials](#sapodata-connector-profile-credentials) for more details. -* `service_now` (Optional) - The connector-specific credentials required when using ServiceNow. See [ServiceNow Connector Profile Credentials](#servicenow-connector-profile-credentials) for more details. -* `singular` (Optional) - Connector-specific credentials required when using Singular. See [Singular Connector Profile Credentials](#singular-connector-profile-credentials) for more details. -* `slack` (Optional) - Connector-specific credentials required when using Slack. See [Slack Connector Profile Credentials](#amplitude-connector-profile-credentials) for more details. -* `snowflake` (Optional) - The connector-specific credentials required when using Snowflake. See [Snowflake Connector Profile Credentials](#snowflake-connector-profile-credentials) for more details. -* `trendmicro` (Optional) - The connector-specific credentials required when using Trend Micro. See [Trend Micro Connector Profile Credentials](#trendmicro-connector-profile-credentials) for more details. -* `veeva` (Optional) - Connector-specific credentials required when using Veeva. See [Veeva Connector Profile Credentials](#veeva-connector-profile-credentials) for more details. -* `zendesk` (Optional) - Connector-specific credentials required when using Zendesk. See [Zendesk Connector Profile Credentials](#zendesk-connector-profile-credentials) for more details. +- `amplitude` (Optional) - The connector-specific credentials required when using Amplitude. See [Amplitude Connector Profile Credentials](#amplitude-connector-profile-credentials) for more details. +- `custom_connector` (Optional) - The connector-specific profile credentials required when using the custom connector. See [Custom Connector Profile Credentials](#custom-connector-profile-credentials) for more details. +- `datadog` (Optional) - Connector-specific credentials required when using Datadog. See [Datadog Connector Profile Credentials](#datadog-connector-profile-credentials) for more details. +- `dynatrace` (Optional) - The connector-specific credentials required when using Dynatrace. See [Dynatrace Connector Profile Credentials](#dynatrace-connector-profile-credentials) for more details. +- `google_analytics` (Optional) - The connector-specific credentials required when using Google Analytics. See [Google Analytics Connector Profile Credentials](#google-analytics-connector-profile-credentials) for more details. +- `honeycode` (Optional) - The connector-specific credentials required when using Amazon Honeycode. See [Honeycode Connector Profile Credentials](#honeycode-connector-profile-credentials) for more details. +- `infor_nexus` (Optional) - The connector-specific credentials required when using Infor Nexus. See [Infor Nexus Connector Profile Credentials](#infor-nexus-connector-profile-credentials) for more details. +- `marketo` (Optional) - Connector-specific credentials required when using Marketo. See [Marketo Connector Profile Credentials](#marketo-connector-profile-credentials) for more details. +- `redshift` (Optional) - Connector-specific credentials required when using Amazon Redshift. See [Redshift Connector Profile Credentials](#redshift-connector-profile-credentials) for more details. +- `salesforce` (Optional) - The connector-specific credentials required when using Salesforce. See [Salesforce Connector Profile Credentials](#salesforce-connector-profile-credentials) for more details. +- `sapo_data` (Optional) - The connector-specific credentials required when using SAPOData. See [SAPOData Connector Profile Credentials](#sapodata-connector-profile-credentials) for more details. +- `service_now` (Optional) - The connector-specific credentials required when using ServiceNow. See [ServiceNow Connector Profile Credentials](#servicenow-connector-profile-credentials) for more details. +- `singular` (Optional) - Connector-specific credentials required when using Singular. See [Singular Connector Profile Credentials](#singular-connector-profile-credentials) for more details. +- `slack` (Optional) - Connector-specific credentials required when using Slack. See [Slack Connector Profile Credentials](#amplitude-connector-profile-credentials) for more details. +- `snowflake` (Optional) - The connector-specific credentials required when using Snowflake. See [Snowflake Connector Profile Credentials](#snowflake-connector-profile-credentials) for more details. +- `trendmicro` (Optional) - The connector-specific credentials required when using Trend Micro. See [Trend Micro Connector Profile Credentials](#trendmicro-connector-profile-credentials) for more details. +- `veeva` (Optional) - Connector-specific credentials required when using Veeva. See [Veeva Connector Profile Credentials](#veeva-connector-profile-credentials) for more details. +- `zendesk` (Optional) - Connector-specific credentials required when using Zendesk. See [Zendesk Connector Profile Credentials](#zendesk-connector-profile-credentials) for more details. #### Amplitude Connector Profile Credentials -* `api_key` (Required) - Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. -* `secret_key` (Required) - The Secret Access Key portion of the credentials. +- `api_key` (Required) - Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. +- `secret_key` (Required) - The Secret Access Key portion of the credentials. #### Custom Connector Profile Credentials -* `api_key` (Optional) - API keys required for the authentication of the user. - * `api_key` (Required) - The API key required for API key authentication. - * `api_secret_key` (Optional) - The API secret key required for API key authentication. -* `authentication_type` (Required) - The authentication type that the custom connector uses for authenticating while creating a connector profile. One of: `APIKEY`, `BASIC`, `CUSTOM`, `OAUTH2`. -* `basic` (Optional) - Basic credentials that are required for the authentication of the user. - * `password` (Required) - The password to use to connect to a resource. - * `username` (Required) - The username to use to connect to a resource. -* `custom` (Optional) - If the connector uses the custom authentication mechanism, this holds the required credentials. - * `credentials_map` (Optional) - A map that holds custom authentication credentials. - * `custom_authentication_type` (Required) - The custom authentication type that the connector uses. -* `oauth2` (Optional) - OAuth 2.0 credentials required for the authentication of the user. - * `access_token` (Optional) - The access token used to access the connector on your behalf. - * `client_id` (Optional) - The identifier for the desired client. - * `client_secret` (Optional) - The client secret used by the OAuth client to authenticate to the authorization server. - * `oauth_request` (Optional) - Used by select connectors for which the OAuth workflow is supported. See [OAuth Request](#oauth-request) for more details. - * `refresh_token` (Optional) - The refresh token used to refresh an expired access token. +- `api_key` (Optional) - API keys required for the authentication of the user. + - `api_key` (Required) - The API key required for API key authentication. + - `api_secret_key` (Optional) - The API secret key required for API key authentication. +- `authentication_type` (Required) - The authentication type that the custom connector uses for authenticating while creating a connector profile. One of: `APIKEY`, `BASIC`, `CUSTOM`, `OAUTH2`. +- `basic` (Optional) - Basic credentials that are required for the authentication of the user. + - `password` (Required) - The password to use to connect to a resource. + - `username` (Required) - The username to use to connect to a resource. +- `custom` (Optional) - If the connector uses the custom authentication mechanism, this holds the required credentials. + - `credentials_map` (Optional) - A map that holds custom authentication credentials. + - `custom_authentication_type` (Required) - The custom authentication type that the connector uses. +- `oauth2` (Optional) - OAuth 2.0 credentials required for the authentication of the user. + - `access_token` (Optional) - The access token used to access the connector on your behalf. + - `client_id` (Optional) - The identifier for the desired client. + - `client_secret` (Optional) - The client secret used by the OAuth client to authenticate to the authorization server. + - `oauth_request` (Optional) - Used by select connectors for which the OAuth workflow is supported. See [OAuth Request](#oauth-request) for more details. + - `refresh_token` (Optional) - The refresh token used to refresh an expired access token. #### Datadog Connector Profile Credentials -* `api_key` (Required) - Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. -* `application_key` (Required) - Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API. +- `api_key` (Required) - Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. +- `application_key` (Required) - Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API. #### Dynatrace Connector Profile Credentials -* `api_token` (Required) - The API tokens used by Dynatrace API to authenticate various API calls. +- `api_token` (Required) - The API tokens used by Dynatrace API to authenticate various API calls. #### Google Analytics Connector Profile Credentials -* `access_token` (Optional) - The credentials used to access protected Google Analytics resources. -* `client_id` (Required) - The identifier for the desired client. -* `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. -* `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. -* `refresh_token` (Optional) - The credentials used to acquire new access tokens. This is required only for OAuth2 access tokens, and is not required for OAuth1 access tokens. +- `access_token` (Optional) - The credentials used to access protected Google Analytics resources. +- `client_id` (Required) - The identifier for the desired client. +- `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. +- `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. +- `refresh_token` (Optional) - The credentials used to acquire new access tokens. This is required only for OAuth2 access tokens, and is not required for OAuth1 access tokens. #### Honeycode Connector Profile Credentials -* `access_token` (Optional) - The credentials used to access protected Amazon Honeycode resources. -* `oauth_request` (Optional) - Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack. See [OAuth Request](#oauth-request) for more details. -* `refresh_token` (Optional) - The credentials used to acquire new access tokens. +- `access_token` (Optional) - The credentials used to access protected Amazon Honeycode resources. +- `oauth_request` (Optional) - Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack. See [OAuth Request](#oauth-request) for more details. +- `refresh_token` (Optional) - The credentials used to acquire new access tokens. #### Infor Nexus Connector Profile Credentials -* `access_key_id` (Required) - The Access Key portion of the credentials. -* `datakey` (Required) - Encryption keys used to encrypt data. -* `secret_access_key` (Required) - The secret key used to sign requests. -* `user_id` (Required) - Identifier for the user. +- `access_key_id` (Required) - The Access Key portion of the credentials. +- `datakey` (Required) - Encryption keys used to encrypt data. +- `secret_access_key` (Required) - The secret key used to sign requests. +- `user_id` (Required) - Identifier for the user. #### Marketo Connector Profile Credentials -* `access_token` (Optional) - The credentials used to access protected Marketo resources. -* `client_id` (Required) - The identifier for the desired client. -* `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. -* `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. +- `access_token` (Optional) - The credentials used to access protected Marketo resources. +- `client_id` (Required) - The identifier for the desired client. +- `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. +- `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. #### Redshift Connector Profile Credentials -* `password` (Required) - Password that corresponds to the user name. -* `username` (Required) - Name of the user. +- `password` (Required) - Password that corresponds to the user name. +- `username` (Required) - Name of the user. #### Salesforce Connector Profile Credentials -* `access_token` (Optional) - The credentials used to access protected Salesforce resources. -* `client_credentials_arn` (Optional) - The secret manager ARN, which contains the client ID and client secret of the connected app. -* `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. -* `refresh_token` (Optional) - The credentials used to acquire new access tokens. +- `access_token` (Optional) - The credentials used to access protected Salesforce resources. +- `client_credentials_arn` (Optional) - The secret manager ARN, which contains the client ID and client secret of the connected app. +- `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. +- `refresh_token` (Optional) - The credentials used to acquire new access tokens. #### SAPOData Connector Profile Credentials -* `basic_auth_credentials` (Optional) - The SAPOData basic authentication credentials. - * `password` (Required) - The password to use to connect to a resource. - * `username` (Required) - The username to use to connect to a resource. -* `oauth_credentials` (Optional) - The SAPOData OAuth type authentication credentials. - * `access_token` (Optional) - The access token used to access protected SAPOData resources. - * `client_id` (Required) - The identifier for the desired client. - * `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. - * `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. - * `refresh_token` (Optional) - The refresh token used to refresh expired access token. +- `basic_auth_credentials` (Optional) - The SAPOData basic authentication credentials. + - `password` (Required) - The password to use to connect to a resource. + - `username` (Required) - The username to use to connect to a resource. +- `oauth_credentials` (Optional) - The SAPOData OAuth type authentication credentials. + - `access_token` (Optional) - The access token used to access protected SAPOData resources. + - `client_id` (Required) - The identifier for the desired client. + - `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. + - `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. + - `refresh_token` (Optional) - The refresh token used to refresh expired access token. #### ServiceNow Connector Profile Credentials -* `password` (Required) - Password that corresponds to the user name. -* `username` (Required) - Name of the user. +- `password` (Required) - Password that corresponds to the user name. +- `username` (Required) - Name of the user. #### Singular Connector Profile Credentials -* `api_key` (Required) - Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. +- `api_key` (Required) - Unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. #### Slack Connector Profile Credentials -* `access_token` (Optional) - The credentials used to access protected Slack resources. -* `client_id` (Required) - The identifier for the client. -* `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. -* `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. +- `access_token` (Optional) - The credentials used to access protected Slack resources. +- `client_id` (Required) - The identifier for the client. +- `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. +- `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. #### Snowflake Connector Profile Credentials -* `password` (Required) - Password that corresponds to the user name. -* `username` (Required) - Name of the user. +- `password` (Required) - Password that corresponds to the user name. +- `username` (Required) - Name of the user. #### Trendmicro Connector Profile Credentials -* `api_secret_key` (Required) - The Secret Access Key portion of the credentials. +- `api_secret_key` (Required) - The Secret Access Key portion of the credentials. #### Veeva Connector Profile Credentials -* `password` (Required) - Password that corresponds to the user name. -* `username` (Required) - Name of the user. +- `password` (Required) - Password that corresponds to the user name. +- `username` (Required) - Name of the user. #### Zendesk Connector Profile Credentials -* `access_token` (Optional) - The credentials used to access protected Zendesk resources. -* `client_id` (Required) - The identifier for the desired client. -* `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. -* `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. +- `access_token` (Optional) - The credentials used to access protected Zendesk resources. +- `client_id` (Required) - The identifier for the desired client. +- `client_secret` (Required) - The client secret used by the OAuth client to authenticate to the authorization server. +- `oauth_request` (Optional) - The OAuth requirement needed to request security tokens from the connector endpoint. See [OAuth Request](#oauth-request) for more details. ##### OAuth Request -* `auth_code` (Optional) - The code provided by the connector when it has been authenticated via the connected app. -* `redirect_uri` (Optional) - The URL to which the authentication server redirects the browser after authorization has been granted. +- `auth_code` (Optional) - The code provided by the connector when it has been authenticated via the connected app. +- `redirect_uri` (Optional) - The URL to which the authentication server redirects the browser after authorization has been granted. ### Connector Profile Properties -* `custom_connector` (Optional) - The connector-specific profile properties required when using the custom connector. See [Custom Connector Profile Properties](#custom-connector-profile-properties) for more details. -* `datadog` (Optional) - Connector-specific properties required when using Datadog. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `dynatrace` (Optional) - The connector-specific properties required when using Dynatrace. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `infor_nexus` (Optional) - The connector-specific properties required when using Infor Nexus. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `marketo` (Optional) - Connector-specific properties required when using Marketo. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `redshift` (Optional) - Connector-specific properties required when using Amazon Redshift. See [Redshift Connector Profile Properties](#redshift-connector-profile-properties) for more details. -* `salesforce` (Optional) - The connector-specific properties required when using Salesforce. See [Salesforce Connector Profile Properties](#salesforce-connector-profile-properties) for more details. -* `sapo_data` (Optional) - The connector-specific properties required when using SAPOData. See [SAPOData Connector Profile Properties](#sapodata-connector-profile-properties) for more details. -* `service_now` (Optional) - The connector-specific properties required when using ServiceNow. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `slack` (Optional) - Connector-specific properties required when using Slack. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `snowflake` (Optional) - The connector-specific properties required when using Snowflake. See [Snowflake Connector Profile Properties](#snowflake-connector-profile-properties) for more details. -* `veeva` (Optional) - Connector-specific properties required when using Veeva. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. -* `zendesk` (Optional) - Connector-specific properties required when using Zendesk. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `custom_connector` (Optional) - The connector-specific profile properties required when using the custom connector. See [Custom Connector Profile Properties](#custom-connector-profile-properties) for more details. +- `datadog` (Optional) - Connector-specific properties required when using Datadog. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `dynatrace` (Optional) - The connector-specific properties required when using Dynatrace. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `infor_nexus` (Optional) - The connector-specific properties required when using Infor Nexus. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `marketo` (Optional) - Connector-specific properties required when using Marketo. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `redshift` (Optional) - Connector-specific properties required when using Amazon Redshift. See [Redshift Connector Profile Properties](#redshift-connector-profile-properties) for more details. +- `salesforce` (Optional) - The connector-specific properties required when using Salesforce. See [Salesforce Connector Profile Properties](#salesforce-connector-profile-properties) for more details. +- `sapo_data` (Optional) - The connector-specific properties required when using SAPOData. See [SAPOData Connector Profile Properties](#sapodata-connector-profile-properties) for more details. +- `service_now` (Optional) - The connector-specific properties required when using ServiceNow. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `slack` (Optional) - Connector-specific properties required when using Slack. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `snowflake` (Optional) - The connector-specific properties required when using Snowflake. See [Snowflake Connector Profile Properties](#snowflake-connector-profile-properties) for more details. +- `veeva` (Optional) - Connector-specific properties required when using Veeva. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. +- `zendesk` (Optional) - Connector-specific properties required when using Zendesk. See [Generic Connector Profile Properties](#generic-connector-profile-properties) for more details. #### Custom Connector Profile Properties -* `oauth2_properties` (Optional) - The OAuth 2.0 properties required for OAuth 2.0 authentication. - * `oauth2_grant_type` (Required) - The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication. One of: `AUTHORIZATION_CODE`, `CLIENT_CREDENTIALS`. - * `token_url` (Required) - The token URL required for OAuth 2.0 authentication. - * `token_url_custom_properties` (Optional) - Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request. -* `profile_properties` (Optional) - A map of properties that are required to create a profile for the custom connector. +- `oauth2_properties` (Optional) - The OAuth 2.0 properties required for OAuth 2.0 authentication. + - `oauth2_grant_type` (Required) - The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication. One of: `AUTHORIZATION_CODE`, `CLIENT_CREDENTIALS`. + - `token_url` (Required) - The token URL required for OAuth 2.0 authentication. + - `token_url_custom_properties` (Optional) - Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request. +- `profile_properties` (Optional) - A map of properties that are required to create a profile for the custom connector. #### Generic Connector Profile Properties Datadog, Dynatrace, Infor Nexus, Marketo, ServiceNow, Slack, Veeva, and Zendesk all support the following attributes: -* `instance_url` (Required) - The location of the Datadog resource. +- `instance_url` (Required) - The location of the Datadog resource. #### Redshift Connector Profile Properties -* `bucket_name` (Required) - A name for the associated Amazon S3 bucket. -* `bucket_prefix` (Optional) - The object key for the destination bucket in which Amazon AppFlow places the files. -* `cluster_identifier` (Optional) - The unique ID that's assigned to an Amazon Redshift cluster. -* `database_name` (Optional) - The name of an Amazon Redshift database. -* `database_url` (Required) - The JDBC URL of the Amazon Redshift cluster. -* `data_api_role_arn` (Optional) - ARN of the IAM role that permits AppFlow to access the database through Data API. -* `role_arn` (Required) - ARN of the IAM role. +- `bucket_name` (Required) - A name for the associated Amazon S3 bucket. +- `bucket_prefix` (Optional) - The object key for the destination bucket in which Amazon AppFlow places the files. +- `cluster_identifier` (Optional) - The unique ID that's assigned to an Amazon Redshift cluster. +- `database_name` (Optional) - The name of an Amazon Redshift database. +- `database_url` (Required) - The JDBC URL of the Amazon Redshift cluster. +- `data_api_role_arn` (Optional) - ARN of the IAM role that permits AppFlow to access the database through Data API. +- `role_arn` (Required) - ARN of the IAM role. #### Salesforce Connector Profile Properties -* `instance_url` (Optional) - The location of the Salesforce resource. -* `is_sandbox_environment` (Optional) - Indicates whether the connector profile applies to a sandbox or production environment. +- `instance_url` (Optional) - The location of the Salesforce resource. +- `is_sandbox_environment` (Optional) - Indicates whether the connector profile applies to a sandbox or production environment. #### SAPOData Connector Profile Properties -* `application_host_url` (Required) - The location of the SAPOData resource. -* `application_service_path` (Required) - The application path to catalog service. -* `client_number` (Required) - The client number for the client creating the connection. -* `logon_language` (Optional) - The logon language of SAPOData instance. -* `oauth_properties` (Optional) - The SAPOData OAuth properties required for OAuth type authentication. - * `auth_code_url` (Required) - The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication. - * `oauth_scopes` (Required) - The OAuth scopes required for OAuth type authentication. - * `token_url` (Required) - The token url required to fetch access/refresh tokens using authorization code and also to refresh expired access token using refresh token. -* `port_number` (Required) - The port number of the SAPOData instance. -* `private_link_service_name` (Optional) - The SAPOData Private Link service name to be used for private data transfers. +- `application_host_url` (Required) - The location of the SAPOData resource. +- `application_service_path` (Required) - The application path to catalog service. +- `client_number` (Required) - The client number for the client creating the connection. +- `logon_language` (Optional) - The logon language of SAPOData instance. +- `oauth_properties` (Optional) - The SAPOData OAuth properties required for OAuth type authentication. + - `auth_code_url` (Required) - The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication. + - `oauth_scopes` (Required) - The OAuth scopes required for OAuth type authentication. + - `token_url` (Required) - The token url required to fetch access/refresh tokens using authorization code and also to refresh expired access token using refresh token. +- `port_number` (Required) - The port number of the SAPOData instance. +- `private_link_service_name` (Optional) - The SAPOData Private Link service name to be used for private data transfers. #### Snowflake Connector Profile Properties -* `account_name` (Optional) - The name of the account. -* `bucket_name` (Required) - The name of the Amazon S3 bucket associated with Snowflake. -* `bucket_prefix` (Optional) - The bucket path that refers to the Amazon S3 bucket associated with Snowflake. -* `private_link_service_name` (Optional) - The Snowflake Private Link service name to be used for private data transfers. -* `region` (Optional) - AWS Region of the Snowflake account. -* `stage` (Required) - Name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: `..`. -* `warehouse` (Required) - The name of the Snowflake warehouse. +- `account_name` (Optional) - The name of the account. +- `bucket_name` (Required) - The name of the Amazon S3 bucket associated with Snowflake. +- `bucket_prefix` (Optional) - The bucket path that refers to the Amazon S3 bucket associated with Snowflake. +- `private_link_service_name` (Optional) - The Snowflake Private Link service name to be used for private data transfers. +- `region` (Optional) - AWS Region of the Snowflake account. +- `stage` (Required) - Name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: `..`. +- `warehouse` (Required) - The name of the Snowflake warehouse. ## Attribute Reference This resource exports the following attributes in addition to the arguments above: -* `arn` - ARN of the connector profile. -* `credentials_arn` - ARN of the connector profile credentials. +- `arn` - ARN of the connector profile. +- `credentials_arn` - ARN of the connector profile credentials. ## Import diff --git a/docs/resources/appflow_flow.md b/docs/resources/appflow_flow.md index aa53d36..1384775 100644 --- a/docs/resources/appflow_flow.md +++ b/docs/resources/appflow_flow.md @@ -14,12 +14,10 @@ Provides an AppFlow flow resource. [![](https://github.com/cloudbuzzbyone/terraform-provider-appflow/assets/110726427/99c0e37e-82fb-4df2-9099-d796cc313ebf)](mailto://info@cloudbuzz.co.il) - ### 🇮🇱 [We Stand with Israel!](https://cloudbuzz.co.il) 🇮🇱 [![](https://github.com/cloudbuzzbyone/terraform-provider-appflow/assets/110726427/e7cd93a1-105e-4c43-b6ab-fe5029c92b2e)](https://cloudbuzz.co.il) - ## Example Usage ```terraform @@ -27,14 +25,6 @@ resource "aws_s3_bucket" "example_source" { bucket = "example-source" } -variable "stand_with_israel" { - description = <<-EOF - I stand with Israel's right to defend itself, - to fight Antisemitism and hate, - and to ensure the safety of the Jewish people all around the world! - EOF -} - data "aws_iam_policy_document" "example_source" { statement { sid = "AllowAppFlowSourceActions" @@ -202,140 +192,141 @@ resource "aws_appflow_flow" "example" { This resource supports the following arguments: -* `name` - (Required) Name of the flow. -* `destination_flow_config` - (Required) A [Destination Flow Config](#destination-flow-config) that controls how Amazon AppFlow places data in the destination connector. -* `source_flow_config` - (Required) The [Source Flow Config](#source-flow-config) that controls how Amazon AppFlow retrieves data from the source connector. -* `task` - (Required) A [Task](#task) that Amazon AppFlow performs while transferring the data in the flow run. -* `trigger_config` - (Required) A [Trigger](#trigger-config) that determine how and when the flow runs. -* `description` - (Optional) Description of the flow you want to create. -* `kms_arn` - (Optional) ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key. -* `tags` - (Optional) Key-value mapping of resource tags. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. -* `tags_all` - Map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). -* `flow_status` - (Required) Specifies the operational state of the flow. Valid values: - - `Active`: The flow operates based on its configuration. Scheduled flows run as per schedule, while event-triggered flows run upon detecting specified events. On-demand flows run only when manually triggered. - - `Suspended`: Deactivates an active flow. Scheduled and event-triggered flows cease to run until reactivated, with no effect on on-demand flows. +- `name` - (Required) Name of the flow. +- `destination_flow_config` - (Required) A [Destination Flow Config](#destination-flow-config) that controls how Amazon AppFlow places data in the destination connector. +- `source_flow_config` - (Required) The [Source Flow Config](#source-flow-config) that controls how Amazon AppFlow retrieves data from the source connector. +- `task` - (Required) A [Task](#task) that Amazon AppFlow performs while transferring the data in the flow run. +- `trigger_config` - (Required) A [Trigger](#trigger-config) that determine how and when the flow runs. +- `description` - (Optional) Description of the flow you want to create. +- `kms_arn` - (Optional) ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key. +- `tags` - (Optional) Key-value mapping of resource tags. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. +- `tags_all` - Map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block). +- `flow_status` - (Required) Specifies the operational state of the flow. Valid values: + - `Active` - The flow operates based on its configuration. Scheduled flows run as per schedule, while event-triggered flows run upon detecting specified events. On-demand flows run only when manually triggered. + - `Suspended` - Deactivates an active flow. Scheduled and event-triggered flows cease to run until reactivated, with no effect on on-demand flows. ### Destination Flow Config -* `connector_type` - (Required) Type of connector, such as Salesforce, Amplitude, and so on. Valid values are`S3` and `SAPOData`. -* `destination_connector_properties` - (Required) This stores the information that is required to query a particular connector. See [Destination Connector Properties](#destination-connector-properties) for more information. -* `api_version` - (Optional) API version that the destination connector uses. -* `connector_profile_name` - (Optional) Name of the connector profile. This name must be unique for each connector profile in the AWS account. +- `connector_type` - (Required) Type of connector, such as Salesforce, Amplitude, and so on. Valid values are`S3` and `SAPOData`. +- `destination_connector_properties` - (Required) This stores the information that is required to query a particular connector. See [Destination Connector Properties](#destination-connector-properties) for more information. +- `api_version` - (Optional) API version that the destination connector uses. +- `connector_profile_name` - (Optional) Name of the connector profile. This name must be unique for each connector profile in the AWS account. #### Destination Connector Properties -* `s3` - (Optional) Properties that are required to query Amazon S3. See [S3 Destination Properties](#s3-destination-properties) for more details. -* `sapo_data` - (Optional) Properties that are required to query SAPOData. See [SAPOData Destination Properties](#sapodata-destination-properties) for more details. +- `s3` - (Optional) Properties that are required to query Amazon S3. See [S3 Destination Properties](#s3-destination-properties) for more details. +- `sapo_data` - (Optional) Properties that are required to query SAPOData. See [SAPOData Destination Properties](#sapodata-destination-properties) for more details. ##### S3 Destination Properties -* `bucket_name` - (Required) Amazon S3 bucket name in which Amazon AppFlow places the transferred data. -* `bucket_prefix` - (Optional) Object key for the bucket in which Amazon AppFlow places the destination files. -* `s3_output_format_config` - (Optional) Configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination. See [S3 Output Format Config](#s3-output-format-config) for more details. +- `bucket_name` - (Required) Amazon S3 bucket name in which Amazon AppFlow places the transferred data. +- `bucket_prefix` - (Optional) Object key for the bucket in which Amazon AppFlow places the destination files. +- `s3_output_format_config` - (Optional) Configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination. See [S3 Output Format Config](#s3-output-format-config) for more details. ###### S3 Output Format Config -* `aggregation_config` - (Optional) Aggregation settings that you can use to customize the output format of your flow data. See [Aggregation Config](#aggregation-config) for more details. -* `file_type` - (Optional) File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`. -* `prefix_config` - (Optional) Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See [Prefix Config](#prefix-config) for more details. -* `preserve_source_data_typing` - (Optional, Boolean) Whether the data types from the source system need to be preserved (Only valid for `Parquet` file type) +- `aggregation_config` - (Optional) Aggregation settings that you can use to customize the output format of your flow data. See [Aggregation Config](#aggregation-config) for more details. +- `file_type` - (Optional) File type that Amazon AppFlow places in the Amazon S3 bucket. Valid values are `CSV`, `JSON`, and `PARQUET`. +- `prefix_config` - (Optional) Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. See [Prefix Config](#prefix-config) for more details. +- `preserve_source_data_typing` - (Optional, Boolean) Whether the data types from the source system need to be preserved (Only valid for `Parquet` file type) ##### SAPOData Destination Properties -* `object_path` - (Required) Object path specified in the SAPOData flow destination. -* `error_handling_config` - (Optional) Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See [Error Handling Config](#error-handling-config) for more details. -* `id_field_names` - (Optional) Name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update or delete. -* `success_response_handling_config` - (Optional) Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data. See [Success Response Handling Config](#success-response-handling-config) for more details. -* `write_operation` - (Optional) Possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation. Valid values are `INSERT`, `UPSERT`, `UPDATE`, and `DELETE`. +- `object_path` - (Required) Object path specified in the SAPOData flow destination. +- `error_handling_config` - (Optional) Settings that determine how Amazon AppFlow handles an error when placing data in the destination. See [Error Handling Config](#error-handling-config) for more details. +- `id_field_names` - (Optional) Name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update or delete. +- `success_response_handling_config` - (Optional) Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data. See [Success Response Handling Config](#success-response-handling-config) for more details. +- `write_operation` - (Optional) Possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation. Valid values are `INSERT`, `UPSERT`, `UPDATE`, and `DELETE`. ###### Success Response Handling Config -* `bucket_name` - (Optional) Name of the Amazon S3 bucket. -* `bucket_prefix` - (Optional) Amazon S3 bucket prefix. +- `bucket_name` - (Optional) Name of the Amazon S3 bucket. +- `bucket_prefix` - (Optional) Amazon S3 bucket prefix. ###### Aggregation Config -* `aggregation_type` - (Optional) Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`. +- `aggregation_type` - (Optional) Whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. Valid values are `None` and `SingleFile`. ###### Prefix Config -* `prefix_format` - (Optional) Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`. -* `prefix_type` - (Optional) Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`. +- `prefix_format` - (Optional) Determines the level of granularity that's included in the prefix. Valid values are `YEAR`, `MONTH`, `DAY`, `HOUR`, and `MINUTE`. +- `prefix_type` - (Optional) Determines the format of the prefix, and whether it applies to the file name, file path, or both. Valid values are `FILENAME`, `PATH`, and `PATH_AND_FILENAME`. ###### Error Handling Config -* `bucket_name` - (Optional) Name of the Amazon S3 bucket. -* `bucket_prefix` - (Optional) Amazon S3 bucket prefix. -* `fail_on_first_destination_error` - (Optional, boolean) If the flow should fail after the first instance of a failure when attempting to place data in the destination. +- `bucket_name` - (Optional) Name of the Amazon S3 bucket. +- `bucket_prefix` - (Optional) Amazon S3 bucket prefix. +- `fail_on_first_destination_error` - (Optional, boolean) If the flow should fail after the first instance of a failure when attempting to place data in the destination. ### Source Flow Config -* `connector_type` - (Required) Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `S3` and `SAPOData`. -* `source_connector_properties` - (Required) Information that is required to query a particular source connector. See [Source Connector Properties](#source-connector-properties) for details. -* `api_version` - (Optional) API version that the destination connector uses. -* `connector_profile_name` - (Optional) Name of the connector profile. This name must be unique for each connector profile in the AWS account. -* `incremental_pull_config` - (Optional) Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull. See [Incremental Pull Config](#incremental-pull-config) for more details. +- `connector_type` - (Required) Type of connector, such as Salesforce, Amplitude, and so on. Valid values are `S3` and `SAPOData`. +- `source_connector_properties` - (Required) Information that is required to query a particular source connector. See [Source Connector Properties](#source-connector-properties) for details. +- `api_version` - (Optional) API version that the destination connector uses. +- `connector_profile_name` - (Optional) Name of the connector profile. This name must be unique for each connector profile in the AWS account. +- `incremental_pull_config` - (Optional) Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull. See [Incremental Pull Config](#incremental-pull-config) for more details. #### Source Connector Properties -* `s3` - (Optional) Information that is required for querying Amazon S3. See [S3 Source Properties](#s3-source-properties) for more details. -* `sapo_data` - (Optional) Information that is required for querying SAPOData as a flow source. See [SAPO Source Properties](#sapodata-source-properties) for more details. +- `s3` - (Optional) Information that is required for querying Amazon S3. See [S3 Source Properties](#s3-source-properties) for more details. +- `sapo_data` - (Optional) Information that is required for querying SAPOData as a flow source. See [SAPO Source Properties](#sapodata-source-properties) for more details. ##### S3 Source Properties -* `bucket_name` - (Required) Amazon S3 bucket name where the source files are stored. -* `bucket_prefix` - (Optional) Object key for the Amazon S3 bucket in which the source files are stored. -* `s3_input_format_config` - (Optional) When you use Amazon S3 as the source, the configuration format that you provide the flow input data. See [S3 Input Format Config](#s3-input-format-config) for details. +- `bucket_name` - (Required) Amazon S3 bucket name where the source files are stored. +- `bucket_prefix` - (Optional) Object key for the Amazon S3 bucket in which the source files are stored. +- `s3_input_format_config` - (Optional) When you use Amazon S3 as the source, the configuration format that you provide the flow input data. See [S3 Input Format Config](#s3-input-format-config) for details. ###### S3 Input Format Config -* `s3_input_file_type` - (Optional) File type that Amazon AppFlow gets from your Amazon S3 bucket. Valid values are `CSV` and `JSON`. +- `s3_input_file_type` - (Optional) File type that Amazon AppFlow gets from your Amazon S3 bucket. Valid values are `CSV` and `JSON`. ##### SAPOData Source Properties -* `object_path` - (Required) Object path specified in the SAPOData flow source. -* `pagination_config` - (Optional) The maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application. see [SAPOData Pagination Config](#sapodata-pagination-config) +- `object_path` - (Required) Object path specified in the SAPOData flow source. +- `pagination_config` - (Optional) The maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application. see [SAPOData Pagination Config](#sapodata-pagination-config) ##### SAPOData Pagination Config -* `max_page_size` - (Optional) The maximum number of records that Amazon AppFlow receives in each page of -the response from your SAP application. For transfers of OData records, the -maximum page size is 3,000. For transfers of data that comes from an ODP -provider, the maximum page size is 10,000. -Defaults to 1,000. + +- `max_page_size` - (Optional) The maximum number of records that Amazon AppFlow receives in each page of + the response from your SAP application. For transfers of OData records, the + maximum page size is 3,000. For transfers of data that comes from an ODP + provider, the maximum page size is 10,000. + Defaults to 1,000. #### Incremental Pull Config -* `datetime_type_field_name` - (Optional) Field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source. +- `datetime_type_field_name` - (Optional) Field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source. ### Task -* `source_fields` - (Required) Source fields to which a particular task is applied. -* `task_type` - (Required) Particular task implementation that Amazon AppFlow performs. Valid values are `Arithmetic`, `Filter`, `Map`, `Map_all`, `Mask`, `Merge`, `Passthrough`, `Truncate`, and `Validate`. -* `connector_operator` - (Optional) Operation to be performed on the provided source fields. See [Connector Operator](#connector-operator) for details. -* `destination_field` - (Optional) Field in a destination connector, or a field value against which Amazon AppFlow validates a source field. -* `task_properties` - (Optional) Map used to store task-related information. The execution service looks for particular information based on the `TaskType`. Valid keys are `VALUE`, `VALUES`, `DATA_TYPE`, `UPPER_BOUND`, `LOWER_BOUND`, `SOURCE_DATA_TYPE`, `DESTINATION_DATA_TYPE`, `VALIDATION_ACTION`, `MASK_VALUE`, `MASK_LENGTH`, `TRUNCATE_LENGTH`, `MATH_OPERATION_FIELDS_ORDER`, `CONCAT_FORMAT`, `SUBFIELD_CATEGORY_MAP`, and `EXCLUDE_SOURCE_FIELDS_LIST`. +- `source_fields` - (Required) Source fields to which a particular task is applied. +- `task_type` - (Required) Particular task implementation that Amazon AppFlow performs. Valid values are `Arithmetic`, `Filter`, `Map`, `Map_all`, `Mask`, `Merge`, `Passthrough`, `Truncate`, and `Validate`. +- `connector_operator` - (Optional) Operation to be performed on the provided source fields. See [Connector Operator](#connector-operator) for details. +- `destination_field` - (Optional) Field in a destination connector, or a field value against which Amazon AppFlow validates a source field. +- `task_properties` - (Optional) Map used to store task-related information. The execution service looks for particular information based on the `TaskType`. Valid keys are `VALUE`, `VALUES`, `DATA_TYPE`, `UPPER_BOUND`, `LOWER_BOUND`, `SOURCE_DATA_TYPE`, `DESTINATION_DATA_TYPE`, `VALIDATION_ACTION`, `MASK_VALUE`, `MASK_LENGTH`, `TRUNCATE_LENGTH`, `MATH_OPERATION_FIELDS_ORDER`, `CONCAT_FORMAT`, `SUBFIELD_CATEGORY_MAP`, and `EXCLUDE_SOURCE_FIELDS_LIST`. #### Connector Operator -* `s3` - (Optional) Operation to be performed on the provided Amazon S3 source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. -* `sapo_data` - (Optional) Operation to be performed on the provided SAPOData source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. +- `s3` - (Optional) Operation to be performed on the provided Amazon S3 source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. +- `sapo_data` - (Optional) Operation to be performed on the provided SAPOData source fields. Valid values are `PROJECTION`, `LESS_THAN`, `GREATER_THAN`, `CONTAINS`, `BETWEEN`, `LESS_THAN_OR_EQUAL_TO`, `GREATER_THAN_OR_EQUAL_TO`, `EQUAL_TO`, `NOT_EQUAL_TO`, `ADDITION`, `MULTIPLICATION`, `DIVISION`, `SUBTRACTION`, `MASK_ALL`, `MASK_FIRST_N`, `MASK_LAST_N`, `VALIDATE_NON_NULL`, `VALIDATE_NON_ZERO`, `VALIDATE_NON_NEGATIVE`, `VALIDATE_NUMERIC`, and `NO_OP`. ### Trigger Config -* `trigger_type` - (Required) Type of flow trigger. Valid values are `Scheduled`, `Event`, and `OnDemand`. -* `trigger_properties` - (Optional) Configuration details of a schedule-triggered flow as defined by the user. Currently, these settings only apply to the `Scheduled` trigger type. See [Scheduled Trigger Properties](#scheduled-trigger-properties) for details. +- `trigger_type` - (Required) Type of flow trigger. Valid values are `Scheduled`, `Event`, and `OnDemand`. +- `trigger_properties` - (Optional) Configuration details of a schedule-triggered flow as defined by the user. Currently, these settings only apply to the `Scheduled` trigger type. See [Scheduled Trigger Properties](#scheduled-trigger-properties) for details. #### Scheduled Trigger Properties The `trigger_properties` block only supports one attribute: `scheduled`, a block which in turn supports the following: -* `schedule_expression` - (Required) Scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)`. -* `data_pull_mode` - (Optional) Whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. Valid values are `Incremental` and `Complete`. -* `first_execution_from` - (Optional) Date range for the records to import from the connector in the first flow run. Must be a valid RFC3339 timestamp. -* `schedule_end_time` - (Optional) Scheduled end time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. -* `schedule_offset` - (Optional) Optional offset that is added to the time interval for a schedule-triggered flow. Maximum value of 36000. -* `schedule_start_time` - (Optional) Scheduled start time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. -* `timezone` - (Optional) Time zone used when referring to the date and time of a scheduled-triggered flow, such as `America/New_York`. +- `schedule_expression` - (Required) Scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)`. +- `data_pull_mode` - (Optional) Whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. Valid values are `Incremental` and `Complete`. +- `first_execution_from` - (Optional) Date range for the records to import from the connector in the first flow run. Must be a valid RFC3339 timestamp. +- `schedule_end_time` - (Optional) Scheduled end time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. +- `schedule_offset` - (Optional) Optional offset that is added to the time interval for a schedule-triggered flow. Maximum value of 36000. +- `schedule_start_time` - (Optional) Scheduled start time for a schedule-triggered flow. Must be a valid RFC3339 timestamp. +- `timezone` - (Optional) Time zone used when referring to the date and time of a scheduled-triggered flow, such as `America/New_York`. ```terraform resource "aws_appflow_flow" "example" { @@ -353,7 +344,7 @@ resource "aws_appflow_flow" "example" { This resource exports the following attributes in addition to the arguments above: -* `arn` - Flow's ARN. +- `arn` - Flow's ARN. ## Import