hashicorp · jsakama · Dec 18, 2024
@@ -148,6 +148,11 @@ func resourceEventDataStore() *schema.Resource {
 				Default:          types.BillingModeExtendableRetentionPricing,
 				ValidateDiagFunc: enum.Validate[types.BillingMode](),
 			},
+			"suspend": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  false,
+			},
 			names.AttrKMSKeyID: {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -294,6 +299,19 @@ func resourceEventDataStoreUpdate(ctx context.Context, d *schema.ResourceData, m
 			input.TerminationProtectionEnabled = aws.Bool(d.Get("termination_protection_enabled").(bool))
 		}
 
+		if d.HasChange("suspend") {
+			if d.Get("suspend").(bool) {
+				if _, err := stopEventDataStoreIngestion(ctx, conn, d.Id()); err != nil {
+					return sdkdiag.AppendErrorf(diags, "error stopping CloudTrail Event Data Store ingestion (%s): %s", d.Id(), err)
+				}
+
+			} else {
+				if _, err := startEventDataStoreIngestion(ctx, conn, d.Id()); err != nil {
+					return sdkdiag.AppendErrorf(diags, "error starting CloudTrail Event Data Store ingestion (%s): %s", d.Id(), err)
+				}
+			}
+		}
+
 		_, err := conn.UpdateEventDataStore(ctx, input)
 
 		if err != nil {
@@ -380,10 +398,38 @@ func statusEventDataStore(ctx context.Context, conn *cloudtrail.Client, arn stri
 	}
 }
 
+func stopEventDataStoreIngestion(ctx context.Context, conn *cloudtrail.Client, arn string) (*cloudtrail.StopEventDataStoreIngestionOutput, error) {
+	input := &cloudtrail.StopEventDataStoreIngestionInput{
+		EventDataStore: aws.String(arn),
+	}
+
+	output, err := conn.StopEventDataStoreIngestion(ctx, input)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return output, nil
+}
+
+func startEventDataStoreIngestion(ctx context.Context, conn *cloudtrail.Client, arn string) (*cloudtrail.StartEventDataStoreIngestionOutput, error) {
+	input := &cloudtrail.StartEventDataStoreIngestionInput{
+		EventDataStore: aws.String(arn),
+	}
+
+	output, err := conn.StartEventDataStoreIngestion(ctx, input)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return output, nil
+}
+
 func waitEventDataStoreAvailable(ctx context.Context, conn *cloudtrail.Client, arn string, timeout time.Duration) (*cloudtrail.GetEventDataStoreOutput, error) { //nolint:unparam
 	stateConf := &retry.StateChangeConf{
-		Pending: enum.Slice(types.EventDataStoreStatusCreated),
-		Target:  enum.Slice(types.EventDataStoreStatusEnabled),
+		Pending: enum.Slice(types.EventDataStoreStatusCreated, types.EventDataStoreStatusStartingIngestion, types.EventDataStoreStatusStoppingIngestion),
+		Target:  enum.Slice(types.EventDataStoreStatusEnabled, types.EventDataStoreStatusStoppedIngestion),
 		Refresh: statusEventDataStore(ctx, conn, arn),
 		Timeout: timeout,
 	}

@@ -97,6 +97,35 @@ func TestAccCloudTrailEventDataStore_billingMode(t *testing.T) {
 	})
 }
 
+func TestAccCloudTrailEventDataStore_suspend(t *testing.T) {
+	ctx := acctest.Context(t)
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	resourceName := "aws_cloudtrail_event_data_store.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(ctx, t) },
+		ErrorCheck:               acctest.ErrorCheck(t, names.CloudTrailServiceID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckEventDataStoreDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccEventDataStoreConfig_basic(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckEventDataStoreExists(ctx, resourceName),
+					resource.TestCheckResourceAttr(resourceName, "suspend", "false"),
+				),
+			},
+			{
+				Config: testAccEventDataStoreConfig_suspend(rName, true),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckEventDataStoreExists(ctx, resourceName),
+					resource.TestCheckResourceAttr(resourceName, "suspend", "true"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccCloudTrailEventDataStore_kmsKeyId(t *testing.T) {
 	ctx := acctest.Context(t)
 	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
@@ -394,6 +423,19 @@ resource "aws_cloudtrail_event_data_store" "test" {
 `, rName)
 }
 
+func testAccEventDataStoreConfig_suspend(rName string, suspend bool) string {
+	return fmt.Sprintf(`
+resource "aws_cloudtrail_event_data_store" "test" {
+  name = %[1]q
+
+  suspend = %[2]t
+  multi_region_enabled = false
+  organization_enabled = false
+  termination_protection_enabled = false # For ease of deletion.
+}
+`, rName, suspend)
+}
+
 func testAccEventDataStoreConfig_billingModeUpdated(rName string) string {
 	return fmt.Sprintf(`
 resource "aws_cloudtrail_event_data_store" "test" {