[Bug]: aws_glue_connection does not support DOCUMENTDB type connections

[dnyfrs]

Terraform Core Version

1.5.7

AWS Provider Version

5.83.1

Affected Resource(s)

• aws_glue_connection

Expected Behavior

When I try to import or create a glue connection which was created by federated Athena, I should be able to import it successfully to the state.

Actual Behavior

When I try to import a glue connection created by federated type Athena data source which connects to DocumentDB I got the error below:

│ Error: expected connection_type to be one of ["JDBC" "SFTP" "MONGODB" "KAFKA" "NETWORK" "MARKETPLACE" "CUSTOM" "SALESFORCE" "VIEW_VALIDATION_REDSHIFT" "VIEW_VALIDATION_ATH
ENA" "GOOGLEADS" "GOOGLESHEETS" "GOOGLEANALYTICS4" "SERVICENOW" "MARKETO" "SAPODATA" "ZENDESK" "JIRACLOUD" "NETSUITEERP" "HUBSPOT" "FACEBOOKADS" "INSTAGRAMADS" "ZOHOCRM" "SA
LESFORCEPARDOT" "SALESFORCEMARKETINGCLOUD" "SLACK" "STRIPE" "INTERCOM" "SNAPCHATADS" "AZURECOSMOS" "AZURESQL" "BIGQUERY" "OPENSEARCH" "SNOWFLAKE"], got DOCUMENTDB

Also when I try to use the connection_properties that I pulled from AWS API won't work neither:

╷
│ Error: expected connection_properties to be one of ["HOST" "PORT" "USERNAME" "PASSWORD" "ENCRYPTED_PASSWORD" "JDBC_DRIVER_JAR_URI" "JDBC_DRIVER_CLASS_NAME" "JDBC_ENGINE" "JDBC_ENGINE_VERSION" "CONFIG_FILES" "INSTANCE_ID" "JDBC_CONNECTION_URL" "JDBC_ENFORCE_SSL" "CUSTOM_JDBC_CERT" "SKIP_CUSTOM_JDBC_CERT_VALIDATION" "CUSTOM_JDBC_CERT_STRING" "CONNECTION_URL" "KAFKA_BOOTSTRAP_SERVERS" "KAFKA_SSL_ENABLED" "KAFKA_CUSTOM_CERT" "KAFKA_SKIP_CUSTOM_CERT_VALIDATION" "KAFKA_CLIENT_KEYSTORE" "KAFKA_CLIENT_KEYSTORE_PASSWORD" "KAFKA_CLIENT_KEY_PASSWORD" "ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD" "ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD" "KAFKA_SASL_MECHANISM" "KAFKA_SASL_PLAIN_USERNAME" "KAFKA_SASL_PLAIN_PASSWORD" "ENCRYPTED_KAFKA_SASL_PLAIN_PASSWORD" "KAFKA_SASL_SCRAM_USERNAME" "KAFKA_SASL_SCRAM_PASSWORD" "KAFKA_SASL_SCRAM_SECRETS_ARN" "ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD" "KAFKA_SASL_GSSAPI_KEYTAB" "KAFKA_SASL_GSSAPI_KRB5_CONF" "KAFKA_SASL_GSSAPI_SERVICE" "KAFKA_SASL_GSSAPI_PRINCIPAL" "SECRET_ID" "CONNECTOR_URL" "CONNECTOR_TYPE" "CONNECTOR_CLASS_NAME" "ENDPOINT" "ENDPOINT_TYPE" "ROLE_ARN" "REGION" "WORKGROUP_NAME" "CLUSTER_IDENTIFIER" "DATABASE" "SparkProperties"], got JDBC_PARAMS

Relevant Error/Panic Output Snippet

Terraform Configuration Files

resource "aws_glue_connection" "this" {
  name = "REDACTED"
  catalog_id = "REDACTED"
  connection_type = "DOCUMENTDB"
  description = "REDACTED"
  connection_properties = {
    HOST: "REDACTED.cluster-cjslrbyfwg6y.ap-southeast-1.docdb.amazonaws.com",
    JDBC_PARAMS: "ssl=true&ssl_ca_certs=rds-combined-ca-bundle.pem&replicaSet=rs0",
    PORT: "27017"
  }
  physical_connection_requirements {
    security_group_id_list = ["sg-REDACTED"]
    subnet_id              = "subnet-REDACTED"
  }

  lifecycle {
    ignore_changes = [
      connection_type,
      connection_properties
    ]
  }
  tags = {
    "federated_athena_datacatalog" = "true"
  }
  tags_all = {
    "federated_athena_datacatalog" = "true"
  }
}

Steps to Reproduce

Create a federated Athena resource which connects to DocumentDB from the console and try to import it back to the state.

Debug Output

No response

Panic Output

No response

Important Factoids

It is my first time here to create an issue.
I hope I could follow the standards.

References

No response

Would you like to implement a fix?

No

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[justinretzolk]

Hey @dnyfrs 👋 Thank you for taking the time to raise this! The validation for that particular argument is defined here, which relies on this function to add additional options to what is returned by the AWS Go SDK. This definitely seems a bit strange, so I'm going to leave this open for someone from the team/community to review further.