r/aws_accessanalyzer_archive_rule: update id decode func with error c…

…heck

internal/service/accessanalyzer/archive_rule.go

@@ -109,7 +109,10 @@ func resourceArchiveRuleCreate(ctx context.Context, d *schema.ResourceData, meta
 func resourceArchiveRuleRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).AccessAnalyzerConn
 
-	analyzerName, ruleName := DecodeRuleID(d.Id())
+	analyzerName, ruleName, err := DecodeRuleID(d.Id())
+	if err != nil {
+		return diag.Errorf("unable to decode AccessAnalyzer ArchiveRule ID (%s): %s", d.Id(), err)
+	}
 	out, err := FindArchiveRule(ctx, conn, analyzerName, ruleName)
 
 	if !d.IsNewResource() && tfresource.NotFound(err) {
@@ -130,7 +133,11 @@ func resourceArchiveRuleRead(ctx context.Context, d *schema.ResourceData, meta i
 func resourceArchiveRuleUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	conn := meta.(*conns.AWSClient).AccessAnalyzerConn
 
-	analyzerName, ruleName := DecodeRuleID(d.Id())
+	analyzerName, ruleName, err := DecodeRuleID(d.Id())
+	if err != nil {
+		return diag.Errorf("unable to decode AccessAnalyzer ArchiveRule ID (%s): %s", d.Id(), err)
+	}
+
 	in := &accessanalyzer.UpdateArchiveRuleInput{
 		AnalyzerName: aws.String(analyzerName),
 		ClientToken:  aws.String(resource.UniqueId()),
@@ -143,7 +150,7 @@ func resourceArchiveRuleUpdate(ctx context.Context, d *schema.ResourceData, meta
 	}
 
 	log.Printf("[DEBUG] Updating AccessAnalyzer ArchiveRule (%s): %#v", d.Id(), in)
-	_, err := conn.UpdateArchiveRuleWithContext(ctx, in)
+	_, err = conn.UpdateArchiveRuleWithContext(ctx, in)
 	if err != nil {
 		return diag.Errorf("updating AccessAnalyzer ArchiveRule (%s): %s", d.Id(), err)
 	}
@@ -156,8 +163,12 @@ func resourceArchiveRuleDelete(ctx context.Context, d *schema.ResourceData, meta
 
 	log.Printf("[INFO] Deleting AccessAnalyzer ArchiveRule %s", d.Id())
 
-	analyzerName, ruleName := DecodeRuleID(d.Id())
-	_, err := conn.DeleteArchiveRuleWithContext(ctx, &accessanalyzer.DeleteArchiveRuleInput{
+	analyzerName, ruleName, err := DecodeRuleID(d.Id())
+	if err != nil {
+		return diag.Errorf("unable to decode AccessAnalyzer ArchiveRule ID (%s): %s", d.Id(), err)
+	}
+
+	_, err = conn.DeleteArchiveRuleWithContext(ctx, &accessanalyzer.DeleteArchiveRuleInput{
 		AnalyzerName: aws.String(analyzerName),
 		ClientToken:  aws.String(resource.UniqueId()),
 		RuleName:     aws.String(ruleName),
@@ -260,8 +271,11 @@ func EncodeRuleID(analyzerName, ruleName string) string {
 	return fmt.Sprintf("%s/%s", analyzerName, ruleName)
 }
 
-func DecodeRuleID(id string) (string, string) {
-	parts := strings.Split(id, "/")
+func DecodeRuleID(id string) (string, string, error) {
+	idParts := strings.Split(id, "/")
+	if len(idParts) != 2 || idParts[0] == "" || idParts[1] == "" {
+		return "", "", fmt.Errorf("expected ID to be the form analyzer_name/rule_name, given: %s", id)
+	}
 
-	return parts[0], parts[1]
+	return idParts[0], idParts[1], nil
 }

internal/service/accessanalyzer/archive_rule_test.go

@@ -12,9 +12,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
 	"github.com/hashicorp/terraform-provider-aws/internal/conns"
-	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
-
 	tfaccessanalyzer "github.com/hashicorp/terraform-provider-aws/internal/service/accessanalyzer"
+	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
 )
 
 //func TestArchiveRuleExampleUnitTest(t *testing.T) {
@@ -145,8 +144,12 @@ func testAccCheckArchiveRuleDestroy(s *terraform.State) error {
 			continue
 		}
 
-		analyzerName, ruleName := tfaccessanalyzer.DecodeRuleID(rs.Primary.ID)
-		_, err := tfaccessanalyzer.FindArchiveRule(context.Background(), conn, analyzerName, ruleName)
+		analyzerName, ruleName, err := tfaccessanalyzer.DecodeRuleID(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("unable to decode AccessAnalyzer ArchiveRule ID (%s): %s", rs.Primary.ID, err)
+		}
+
+		_, err = tfaccessanalyzer.FindArchiveRule(context.Background(), conn, analyzerName, ruleName)
 
 		if tfresource.NotFound(err) {
 			continue
@@ -174,7 +177,11 @@ func testAccCheckArchiveRuleExists(name string, archiveRule *accessanalyzer.Arch
 		}
 
 		conn := acctest.Provider.Meta().(*conns.AWSClient).AccessAnalyzerConn
-		analyzerName, ruleName := tfaccessanalyzer.DecodeRuleID(rs.Primary.ID)
+		analyzerName, ruleName, err := tfaccessanalyzer.DecodeRuleID(rs.Primary.ID)
+		if err != nil {
+			return fmt.Errorf("unable to decode AccessAnalyzer ArchiveRule ID (%s): %s", rs.Primary.ID, err)
+		}
+
 		resp, err := tfaccessanalyzer.FindArchiveRule(context.Background(), conn, analyzerName, ruleName)
 
 		if err != nil {
@@ -208,6 +215,16 @@ func testAccArchiveRuleConfig_basic(rName string) string {
 resource "aws_accessanalyzer_archiverule" "test" {
   analyzer_name = aws_accessanalyzer_analyzer.test
   rule_name     = %[1]q
+
+  filter {
+    criteria = "error"
+    exists   = true
+  }
+
+  filter {
+    criteria = "isPublic"
+    eq       = ["false"]
+  }
 }
 `, rName)
 }