work-around needed for aws_transfer_user home_directory_mapping is dirty on every run

Describe the Bug

restricted home users (var.restricted_home = true) are created with a home_directory_mappings with a target of ${var.s3_bucket_name}::$${Transfer:UserName}. AWS returns this value with the variable expanded, so it doesn't match.

      ~ home_directory_mappings {  
          ~ target = "/subjects.ftp.server/andrew" -> "/subjects.ftp.server/${Transfer:UserName}"  
            # (1 unchanged attribute hidden) 
        }

As a work around, we could set the target expansion locally as target = "/${var.s3_bucket_name}/${each.value.user_name}"

This is an ugly work-around.

Alternatively we could ignore changes to the home_directory_mappings, but that could create a sync/drift problem.

Expected Behavior

I expect the home_directory_mappings of a user to be consistent between runs.

Steps to Reproduce

Steps to reproduce the behavior:

install module with sftp_users, s3_bucket_name, context and the rest as default values.
init and apply terraform. creates all the expected resources, including aws_transfer_users
terraform plan. This should be clean but instead shows the user's home_directory_mapping changing from using the expanded user_name to ${Transfer:UserName}


module "transfer-sftp" {
  source                  = "cloudposse/transfer-sftp/aws"
  version                 = "0.5.2"
  sftp_users            = {
        "test" = {
          user_name  = "test,
          public_key = "ssh-rsa AAAAtesting= fake-key"
        },
    }

  s3_bucket_name = data.aws_s3_bucket.sftp.id
  context = module.this.context
}

subsequent terraform plan/apply:

  # module.transfer-sftp.aws_transfer_user.default["test"] will be updated in-place
  ~ resource "aws_transfer_user" "default" {
        id                  = "s-redacted/test"
        tags                = {
         ...
        }
        # (6 unchanged attributes hidden)

      ~ home_directory_mappings {
          ~ target = "/subjects.ftp.server/test" -> "/subjects.ftp.server/${Transfer:UserName}"
            # (1 unchanged attribute hidden)
        }
    }

Environment (please complete the following information):

Anything that will help us triage the bug will help. Here are some ideas:

OS: Linux
AWS provider versions. Tested on 3.75, 4.0.0, 4.1.0
Terraform versions: Tested on 0.12.31, 0.15.5, 1.0.0, 1.1.9.
cloudposse-/transfer-sftp/aws version 0.5.2

Additional Context

The cause of the problem can be seen using the aws v2 cli. Set a home_directory_mapping using the ${Transfer:UserName} variable and it will be returned as the expanded string.

Inspecting the created user after initial terraform apply:

% aws -transfer describe-user --server-id s-redacted --user-name test --query="User.HomeDirectoryMappings" 
[
    {
        "Entry": "/",
        "Target": "/subjects.ftp.server/test"
    }
]
% aws transfer update-user --server-id s-redacted --user-name test --home-directory-mappings ' [ { "Entry": "/",  "Target":  "/subjects.ftp.server/${Transfer:UserName}"}]'
{
    "ServerId": "s-redacted",
    "UserName": "test"
}
% aws transfer describe-user --server-id s-redacted --user-name test --query="User.HomeDirectoryMappings"
[
    {
        "Entry": "/",
        "Target": "/subjects.ftp.server/test"
    }
]

cloudposse / terraform-aws-transfer-sftp