Codebuild issue: AWS 4.4.0 - Doesn't support project_visibility = "PRIVATE" in GovCloud. Temp fix only in test/aws-us-gov-/mdr-test-c2/380-codebuild-portal-lambda . Hoping fix comes out in a soon 4.x fix (or that AWS will role it out to GovCloud). If you need to fix others, copy changes in codebuild-portal-lambda's terragrunt.hcl to your module, and use terragrunt-local state rm to remove the invalid schema objects from the current state. These errors will show up when using AWS provider version 3.x with the latest code ``` Error: Unsupported argument │ │ on main.tf line 12, in resource "aws_codebuild_project" "this": │ 12: project_visibility = "PRIVATE" │ │ An argument named "project_visibility" is not expected here. ╵ ╷ │ Error: Unsupported argument │ │ on provider.tf line 51, in provider "aws": │ 51: use_fips_endpoint = true │ │ An argument named "use_fips_endpoint" is not expected here. ╵ ╷ │ Error: Invalid resource type │ │ on s3.tf line 15, in resource "aws_s3_bucket_acl" "s3_acl_bucket": │ 15: resource "aws_s3_bucket_acl" "s3_acl_bucket" { │ │ The provider hashicorp/aws does not support resource type │ "aws_s3_bucket_acl". ╵ ╷ │ Error: Invalid resource type │ │ on s3.tf line 21, in resource "aws_s3_bucket_versioning" "s3_version_bucket": │ 21: resource "aws_s3_bucket_versioning" "s3_version_bucket" { │ │ The provider hashicorp/aws does not support resource type │ "aws_s3_bucket_versioning". ╵ ╷ │ Error: Invalid resource type │ │ on s3.tf line 29, in resource "aws_s3_bucket_server_side_encryption_configuration" "s3_sse_bucket": │ 29: resource "aws_s3_bucket_server_side_encryption_configuration" "s3_sse_bucket" { │ │ The provider hashicorp/aws does not support resource type │ "aws_s3_bucket_server_side_encryption_configuration". ``` These errors will show up after the AWS provider version is correct and the TF code is correct, but the TF state contains the incorrect objects from AWS provider v4. ``` Error: no schema available for aws_s3_bucket_acl.s3_acl_bucket while reading state; this is a bug in Terraform and should be reported │ │ ╵ ╷ │ Error: no schema available for aws_s3_bucket_versioning.s3_version_bucket while reading state; this is a bug in Terraform and should be reported │ │ ╵ ╷ │ Error: no schema available for aws_s3_bucket_server_side_encryption_configuration.s3_sse_bucket while reading state; this is a bug in Terraform and should be reported ``` Remove the objects from the TF state using these commands. ``` terragrunt-local state rm aws_s3_bucket_acl.s3_acl_bucket terragrunt-local state rm aws_s3_bucket_versioning.s3_version_bucket terragrunt-local state rm aws_s3_bucket_server_side_encryption_configuration.s3_sse_bucket ``` See test/aws-us-gov/mdr-test-c2/380-codebuild-portal-lambda/terragrunt.hcl for the changes that need to be made.