From 3c15627ae4c3a18af57fb39830c5fc94aa042493 Mon Sep 17 00:00:00 2001
From: phuongnd96
Date: Fri, 7 Jul 2023 22:38:40 +0700
Subject: [PATCH 1/4] update platform id validation on signing_profile update changelog
---
 .changelog/32414.txt | 3 ++
 internal/service/signer/signing_profile.go | 36 ++++++++++++++++------
 2 files changed, 30 insertions(+), 9 deletions(-)
 create mode 100644 .changelog/32414.txt
diff --git a/.changelog/32414.txt b/.changelog/32414.txt
new file mode 100644
index 000000000000..643f79da31ea
--- /dev/null
+++ b/.changelog/32414.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/aws_signer_signing_profile: Update `platform_id` validation
+```
diff --git a/internal/service/signer/signing_profile.go b/internal/service/signer/signing_profile.go
index 247e629594d0..70765deeeaee 100644
--- a/internal/service/signer/signing_profile.go
+++ b/internal/service/signer/signing_profile.go
@@ -43,7 +43,7 @@ func ResourceSigningProfile() *schema.Resource {
 Required: true,
 ForceNew: true,
 ValidateFunc: validation.StringInSlice([]string{
- "AWSLambda-SHA384-ECDSA"},
+ "AWSLambda-SHA384-ECDSA", "Notation-OCI-SHA384-ECDSA", "AWSIoTDeviceManagement-SHA256-ECDSA", "AmazonFreeRTOS-TI-CC3220SF", "AmazonFreeRTOS-Default"},
 false),
 },
 "name": {
@@ -89,6 +89,11 @@ func ResourceSigningProfile() *schema.Resource {
 Type: schema.TypeString,
 Computed: true,
 },
+ "signing_material": {
+ Type: schema.TypeString,
+ Computed: true,
+ Optional: true,
+ },
 "platform_display_name": {
 Type: schema.TypeString,
 Computed: true,
@@ -154,6 +159,13 @@ func resourceSigningProfileCreate(ctx context.Context, d *schema.ResourceData, m
 }
 }
+ if v, exists := d.GetOk("signing_material"); exists {
+ signingMaterial := v.(string)
+ signingProfileInput.SigningMaterial = &signer.SigningMaterial{
+ CertificateArn: &signingMaterial,
+ }
+ }
+
 _, err := conn.PutSigningProfileWithContext(ctx, signingProfileInput)
 if err != nil {
 return sdkdiag.AppendErrorf(diags, "creating Signer signing profile: %s", err)
@@ -185,14 +197,15 @@ func resourceSigningProfileRead(ctx context.Context, d *schema.ResourceData, met
 if err := d.Set("platform_id", signingProfileOutput.PlatformId); err != nil {
 return sdkdiag.AppendErrorf(diags, "setting signer signing profile platform id: %s", err)
 }
-
- if err := d.Set("signature_validity_period", []interface{}{
- map[string]interface{}{
- "value": signingProfileOutput.SignatureValidityPeriod.Value,
- "type": signingProfileOutput.SignatureValidityPeriod.Type,
- },
- }); err != nil {
- return sdkdiag.AppendErrorf(diags, "setting signer signing profile signature validity period: %s", err)
+ if signingProfileOutput.SignatureValidityPeriod != nil {
+ if err := d.Set("signature_validity_period", []interface{}{
+ map[string]interface{}{
+ "value": signingProfileOutput.SignatureValidityPeriod.Value,
+ "type": signingProfileOutput.SignatureValidityPeriod.Type,
+ },
+ }); err != nil {
+ return sdkdiag.AppendErrorf(diags, "setting signer signing profile signature validity period: %s", err)
+ }
 }
 if err := d.Set("platform_display_name", signingProfileOutput.PlatformDisplayName); err != nil {
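Review bot: In the `@@ -185` hunk of resourceSigningProfileRead, the new `SignatureValidityPeriod != nil` guard has no else branch, so when the API returns no validity period the attribute is not written and whatever value state already holds stays there. The same shape appears in the `signing_material` guard added by the `@@ -218` hunk of this patch and kept by the `@@ -230` hunk of patch 3/4, where a stale certificate ARN in state would hide drift in which certificate the profile signs with. Consider clearing the attribute in each case, e.g. `} else { d.Set("signature_validity_period", nil) }`, with the returned error checked as the surrounding calls do. The function body starts and ends outside the hunk, so whether state is reset earlier in Read is not visible here.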
@@ -218,6 +231,11 @@ func resourceSigningProfileRead(ctx context.Context, d *schema.ResourceData, met
 if err := d.Set("status", signingProfileOutput.Status); err != nil {
 return sdkdiag.AppendErrorf(diags, "setting signer signing profile status: %s", err)
 }
+ if signingProfileOutput.SigningMaterial != nil {
+ if err := d.Set("signing_material", signingProfileOutput.SigningMaterial.CertificateArn); err != nil {
+ return sdkdiag.AppendErrorf(diags, "setting signer signing profile material: %s", err)
+ }
+ }
 setTagsOut(ctx, signingProfileOutput.Tags)
From 5c3d01a5351ad8f04bc44397cca5762761702de4 Mon Sep 17 00:00:00 2001
From: Adrian Johnson
Date: Tue, 18 Jul 2023 13:36:07 -0500
Subject: [PATCH 2/4] aws_signer_signing_profile: add PlatformID_Values()
---
 internal/service/signer/signing_profile.go | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/internal/service/signer/signing_profile.go b/internal/service/signer/signing_profile.go
index 70765deeeaee..cfc142e00452 100644
--- a/internal/service/signer/signing_profile.go
+++ b/internal/service/signer/signing_profile.go
@@ -39,12 +39,10 @@ func ResourceSigningProfile() *schema.Resource {
 Schema: map[string]*schema.Schema{
 "platform_id": {
- Type: schema.TypeString,
- Required: true,
- ForceNew: true,
- ValidateFunc: validation.StringInSlice([]string{
- "AWSLambda-SHA384-ECDSA", "Notation-OCI-SHA384-ECDSA", "AWSIoTDeviceManagement-SHA256-ECDSA", "AmazonFreeRTOS-TI-CC3220SF", "AmazonFreeRTOS-Default"},
- false),
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ ValidateFunc: validation.StringInSlice(PlatformID_Values(), false),
 },
 "name": {
 Type: schema.TypeString,
@@ -294,3 +292,12 @@ func flattenSigningProfileRevocationRecord(apiObject *signer.SigningProfileRevoc
 return []interface{}{tfMap}
 }
+
+func PlatformID_Values() []string {
+ return []string{
+ "AWSLambda-SHA384-ECDSA",
+ "Notation-OCI-SHA384-ECDSA",
+ "AWSIoTDeviceManagement-SHA256-ECDSA",
+ "AmazonFreeRTOS-TI-CC3220SF",
+ "AmazonFreeRTOS-Default"}
+}
From b9af8c7c49b18150f69a4172d871cc3682728936 Mon Sep 17 00:00:00 2001
From: Adrian Johnson
Date: Tue, 18 Jul 2023 13:50:44 -0500
Subject: [PATCH 3/4] aws_signer_signing_profile: align signing_material attribute to API
---
 internal/service/signer/signing_profile.go | 49 ++++++++++++++++++----
 1 file changed, 42 insertions(+), 7 deletions(-)
diff --git a/internal/service/signer/signing_profile.go b/internal/service/signer/signing_profile.go
index cfc142e00452..d67659784831 100644
--- a/internal/service/signer/signing_profile.go
+++ b/internal/service/signer/signing_profile.go
@@ -88,9 +88,20 @@ func ResourceSigningProfile() *schema.Resource {
 Computed: true,
 },
 "signing_material": {
- Type: schema.TypeString,
+ Type: schema.TypeList,
+ MaxItems: 1,
 Computed: true,
 Optional: true,
+ ForceNew: true,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "certificate_arn": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+ },
+ },
 },
 "platform_display_name": {
 Type: schema.TypeString,
@@ -157,11 +168,8 @@ func resourceSigningProfileCreate(ctx context.Context, d *schema.ResourceData, m
 }
 }
- if v, exists := d.GetOk("signing_material"); exists {
- signingMaterial := v.(string)
- signingProfileInput.SigningMaterial = &signer.SigningMaterial{
- CertificateArn: &signingMaterial,
- }
+ if v, ok := d.Get("signing_material").([]interface{}); ok && len(v) > 0 {
+ signingProfileInput.SigningMaterial = expandSigningMaterial(v)
 }
 _, err := conn.PutSigningProfileWithContext(ctx, signingProfileInput)
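Review bot: `PlatformID_Values`, added at the end of the file by the `@@ -294` hunk of patch 2/4, is exported without a doc comment and hard-codes the platform list, so a platform that AWS Signer adds later is rejected at plan time until this slice is edited by hand. Add a comment that says so, for example `// PlatformID_Values returns the platform IDs accepted by the platform_id argument. The list is maintained by hand and must be extended when AWS Signer adds a signing platform.` The underscore departs from MixedCaps; if the name is meant to mirror the SDK's generated `_Values` helpers, state that in the comment, and put the closing brace of the slice literal on its own line after a trailing comma.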
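Review bot: In the schema hunk of patch 3/4 (`@@ -88,9`), `certificate_arn` accepts any string, so a malformed or truncated ARN is only caught when PutSigningProfile rejects it during apply. Because this value selects the certificate the profile signs with, validate it at plan time, e.g. `ValidateFunc: verify.ValidARN,` if the provider's `verify` package is imported in this file (the import block is outside the hunk). Also, `Computed: true` together with `Optional: true` means that removing the block from configuration keeps the previously stored certificate instead of planning a replacement; a one-line comment on the attribute stating that this is intended would help the next reader.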
@@ -230,7 +238,7 @@ func resourceSigningProfileRead(ctx context.Context, d *schema.ResourceData, met
 return sdkdiag.AppendErrorf(diags, "setting signer signing profile status: %s", err)
 }
 if signingProfileOutput.SigningMaterial != nil {
- if err := d.Set("signing_material", signingProfileOutput.SigningMaterial.CertificateArn); err != nil {
+ if err := d.Set("signing_material", flattenSigningMaterial(signingProfileOutput.SigningMaterial)); err != nil {
 return sdkdiag.AppendErrorf(diags, "setting signer signing profile material: %s", err)
 }
 }
@@ -271,6 +279,33 @@ func resourceSigningProfileDelete(ctx context.Context, d *schema.ResourceData, m
 return diags
 }
+func expandSigningMaterial(in []interface{}) *signer.SigningMaterial {
+ if len(in) == 0 {
+ return nil
+ }
+
+ m := in[0].(map[string]interface{})
+ var out signer.SigningMaterial
+
+ if v, ok := m["certificate_arn"].(string); ok && v != "" {
+ out.CertificateArn = aws.String(v)
+ }
+
+ return &out
+}
+
+func flattenSigningMaterial(apiObject *signer.SigningMaterial) []interface{} {
+ if apiObject == nil {
+ return nil
+ }
+
+ m := map[string]interface{}{
+ "certificate_arn": aws.StringValue(apiObject.CertificateArn),
+ }
+
+ return []interface{}{m}
+}
+
 func flattenSigningProfileRevocationRecord(apiObject *signer.SigningProfileRevocationRecord) interface{} {
 if apiObject == nil {
 return []interface{}{}
From b462ab2128a445caae3a29f9880a3e224fd90f0f Mon Sep 17 00:00:00 2001
From: Adrian Johnson
Date: Tue, 18 Jul 2023 13:54:30 -0500
Subject: [PATCH 4/4] tweak CHANGELOG entry
---
 .changelog/32414.txt | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/.changelog/32414.txt b/.changelog/32414.txt
index 643f79da31ea..6c57ab5c95bf 100644
--- a/.changelog/32414.txt
+++ b/.changelog/32414.txt
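Review bot: In `expandSigningMaterial` (hunk `@@ -271`), `in[0].(map[string]interface{})` is an unchecked type assertion, and the plugin SDK can pass a list whose single element is nil when the block's fields are all empty, which would panic the provider during create. Use the two-value form, `m, ok := in[0].(map[string]interface{})` followed by `if !ok { return nil }`. The function also returns a non-nil `SigningMaterial` with `CertificateArn` unset when the string is empty, so the request would carry an empty signing-material object; returning nil in that case keeps the request identical to one where the block is omitted. Both new helpers would also benefit from a one-line doc comment naming the direction of the conversion (Terraform list to API struct, and back).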
@@ -1,3 +1,7 @@
-```release-note:bug
-resource/aws_signer_signing_profile: Update `platform_id` validation
+```release-note:enhancement
+resource/aws_signer_signing_profile: Update `platform_id` validation.
 ```
+
+```release-note:enhancement
+resource/aws_signer_signing_profile: Add `signing_material` attribute.
+```
\ No newline at end of file