website/docs: Run `terraform fmt` on code examples (#12075)
* docs/vsphere: Fix code block * docs: Convert `...` to `# ...` to allow `terraform fmt`ing * docs: Trim trailing whitespace * docs: First-pass run of `terraform fmt` on code examples
This commit is contained in:
parent
1196114433
commit
61277c0dbd
|
@ -64,9 +64,9 @@ The command-line flags are all optional. The list of available flags are:
|
||||||
|
|
||||||
* `-var='foo=bar'` - Set the value of a variable for the Terraform configuration.
|
* `-var='foo=bar'` - Set the value of a variable for the Terraform configuration.
|
||||||
|
|
||||||
* `-var-file=foo` - Set the value of variables using a variable file. This flag
|
* `-var-file=foo` - Set the value of variables using a variable file. This flag
|
||||||
can be used multiple times.
|
can be used multiple times.
|
||||||
|
|
||||||
|
|
||||||
* `-vcs=true` - If true (default), then Terraform will detect if a VCS
|
* `-vcs=true` - If true (default), then Terraform will detect if a VCS
|
||||||
is in use, such as Git, and will only upload files that are committed to
|
is in use, such as Git, and will only upload files that are committed to
|
||||||
|
|
|
@ -20,7 +20,7 @@ Within a folder containing Terraform configurations, create a subfolder called `
|
||||||
|
|
||||||
```
|
```
|
||||||
module "child" {
|
module "child" {
|
||||||
source = "./child"
|
source = "./child"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -31,7 +31,7 @@ your modules. This should be instant since the module is a local path.
|
||||||
|
|
||||||
## Inputs/Outputs
|
## Inputs/Outputs
|
||||||
|
|
||||||
To make modules more useful than simple isolated containers of Terraform configurations, modules can be configured and also have outputs that can be consumed by your Terraform configuration.
|
To make modules more useful than simple isolated containers of Terraform configurations, modules can be configured and also have outputs that can be consumed by your Terraform configuration.
|
||||||
|
|
||||||
Inputs of a module are [variables](/docs/configuration/variables.html) and outputs are [outputs](/docs/configuration/outputs.html). There is no special syntax to define these, they're defined just like any other variables or outputs. You can think about these variables and outputs as the API interface to your module.
|
Inputs of a module are [variables](/docs/configuration/variables.html) and outputs are [outputs](/docs/configuration/outputs.html). There is no special syntax to define these, they're defined just like any other variables or outputs. You can think about these variables and outputs as the API interface to your module.
|
||||||
|
|
||||||
|
@ -41,7 +41,7 @@ Let's add a variable and an output to our `child` module.
|
||||||
variable "memory" {}
|
variable "memory" {}
|
||||||
|
|
||||||
output "received" {
|
output "received" {
|
||||||
value = "${var.memory}"
|
value = "${var.memory}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -51,13 +51,13 @@ You can then configure the module and use the output like so:
|
||||||
|
|
||||||
```
|
```
|
||||||
module "child" {
|
module "child" {
|
||||||
source = "./child"
|
source = "./child"
|
||||||
|
|
||||||
memory = "1G"
|
memory = "1G"
|
||||||
}
|
}
|
||||||
|
|
||||||
output "child_memory" {
|
output "child_memory" {
|
||||||
value = "${module.child.received}"
|
value = "${module.child.received}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -71,11 +71,11 @@ In these cases, you can't use a relative path, since paths in Terraform are gene
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_instance" "server" {
|
resource "aws_instance" "server" {
|
||||||
...
|
# ...
|
||||||
|
|
||||||
provisioner "remote-exec" {
|
provisioner "remote-exec" {
|
||||||
script = "${path.module}/script.sh"
|
script = "${path.module}/script.sh"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,7 @@ The easiest source is the local file path. For maximum portability, this should
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "./consul"
|
source = "./consul"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -45,7 +45,7 @@ Terraform will automatically recognize GitHub URLs and turn them into a link to
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "github.com/hashicorp/example"
|
source = "github.com/hashicorp/example"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -53,7 +53,7 @@ Subdirectories within the repository can also be referenced:
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "github.com/hashicorp/example//subdir"
|
source = "github.com/hashicorp/example//subdir"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -61,7 +61,7 @@ These will fetch the modules using HTTPS. If you want to use SSH instead:
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "git@github.com:hashicorp/example.git//subdir"
|
source = "git@github.com:hashicorp/example.git//subdir"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -91,7 +91,7 @@ Terraform will automatically recognize BitBucket URLs and turn them into a link
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "bitbucket.org/hashicorp/consul"
|
source = "bitbucket.org/hashicorp/consul"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -99,7 +99,7 @@ Subdirectories within the repository can also be referenced:
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "bitbucket.org/hashicorp/consul//subdir"
|
source = "bitbucket.org/hashicorp/consul//subdir"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -113,7 +113,7 @@ Generic Git repositories are also supported. The value of `source` in this case
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "git://hashicorp.com/consul.git"
|
source = "git://hashicorp.com/consul.git"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -121,11 +121,11 @@ You can also use protocols such as HTTP or SSH to reference a module, but you'll
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "git::https://hashicorp.com/consul.git"
|
source = "git::https://hashicorp.com/consul.git"
|
||||||
}
|
}
|
||||||
|
|
||||||
module "ami" {
|
module "ami" {
|
||||||
source = "git::ssh://git@github.com/owner/repo.git"
|
source = "git::ssh://git@github.com/owner/repo.git"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -137,7 +137,7 @@ The URLs for Git repositories support the following query parameters:
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "git::https://hashicorp.com/consul.git?ref=master"
|
source = "git::https://hashicorp.com/consul.git?ref=master"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -147,7 +147,7 @@ Generic Mercurial repositories are supported. The value of `source` in this case
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "hg::http://hashicorp.com/consul.hg"
|
source = "hg::http://hashicorp.com/consul.hg"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -157,7 +157,7 @@ URLs for Mercurial repositories support the following query parameters:
|
||||||
|
|
||||||
```
|
```
|
||||||
module "consul" {
|
module "consul" {
|
||||||
source = "hg::http://hashicorp.com/consul.hg?ref=master"
|
source = "hg::http://hashicorp.com/consul.hg?ref=master"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -185,7 +185,7 @@ available via shared credentials or environment variables.
|
||||||
There are a variety of S3 bucket addressing schemes, most are
|
There are a variety of S3 bucket addressing schemes, most are
|
||||||
[documented in the S3
|
[documented in the S3
|
||||||
configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro).
|
configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro).
|
||||||
Here are a couple of examples.
|
Here are a couple of examples.
|
||||||
|
|
||||||
Using the `s3` protocol.
|
Using the `s3` protocol.
|
||||||
|
|
||||||
|
|
|
@ -54,7 +54,7 @@ resource "aws_iam_user" "deploy_user" {
|
||||||
|
|
||||||
In this example you define a module in the `./publish_bucket` subdirectory. That module has configuration to create a bucket resource, set access and caching rules. The module wraps the bucket and all the other implementation details required to configure a bucket.
|
In this example you define a module in the `./publish_bucket` subdirectory. That module has configuration to create a bucket resource, set access and caching rules. The module wraps the bucket and all the other implementation details required to configure a bucket.
|
||||||
|
|
||||||
We can then define the module multiple times in our configuration by naming each instantiation of the module uniquely, here `module "assets_bucket"` and `module "media_bucket"`, whilst specifying the same module `source`.
|
We can then define the module multiple times in our configuration by naming each instantiation of the module uniquely, here `module "assets_bucket"` and `module "media_bucket"`, whilst specifying the same module `source`.
|
||||||
|
|
||||||
The resource names in your module get prefixed by `module.<module-instance-name>` when instantiated, for example the `publish_bucket` module creates `aws_s3_bucket.the_bucket` and `aws_iam_access_key.deploy_user`. The full name of the resulting resources will be `module.assets_bucket.aws_s3_bucket.the_bucket` and `module.assets_bucket.aws_iam_access_key.deploy_user`. Be cautious of this when extracting configuration from your files into a module, the name of your resources will change and Terraform will potentially destroy and recreate them. Always check your configuration with `terraform plan` before running `terraform apply`.
|
The resource names in your module get prefixed by `module.<module-instance-name>` when instantiated, for example the `publish_bucket` module creates `aws_s3_bucket.the_bucket` and `aws_iam_access_key.deploy_user`. The full name of the resulting resources will be `module.assets_bucket.aws_s3_bucket.the_bucket` and `module.assets_bucket.aws_iam_access_key.deploy_user`. Be cautious of this when extracting configuration from your files into a module, the name of your resources will change and Terraform will potentially destroy and recreate them. Always check your configuration with `terraform plan` before running `terraform apply`.
|
||||||
|
|
||||||
|
|
|
@ -8,23 +8,22 @@ description: |-
|
||||||
|
|
||||||
# alicloud\_images
|
# alicloud\_images
|
||||||
|
|
||||||
The Images data source list image resource list contains private images of the user and images of system resources provided by Alicloud, as well as other public images and those available on the image market.
|
The Images data source list image resource list contains private images of the user and images of system resources provided by Alicloud, as well as other public images and those available on the image market.
|
||||||
|
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "alicloud_images" "multi_image" {
|
data "alicloud_images" "multi_image" {
|
||||||
owners = "system"
|
owners = "system"
|
||||||
name_regex = "^centos_6"
|
name_regex = "^centos_6"
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
||||||
The following arguments are supported:
|
The following arguments are supported:
|
||||||
|
|
||||||
* `name_regex` - (Optional) A regex string to apply to the image list returned by Alicloud.
|
* `name_regex` - (Optional) A regex string to apply to the image list returned by Alicloud.
|
||||||
* `most_recent` - (Optional) If more than one result is returned, use the most recent image.
|
* `most_recent` - (Optional) If more than one result is returned, use the most recent image.
|
||||||
* `owners` - (Optional) Limit search to specific image owners. Valid items are `system`, `self`, `others`, `marketplace`.
|
* `owners` - (Optional) Limit search to specific image owners. Valid items are `system`, `self`, `others`, `marketplace`.
|
||||||
|
|
||||||
|
|
|
@ -16,7 +16,7 @@ The Instance Types data source list the ecs_instance_types of Alicloud.
|
||||||
# Declare the data source
|
# Declare the data source
|
||||||
data "alicloud_instance_types" "1c2g" {
|
data "alicloud_instance_types" "1c2g" {
|
||||||
cpu_core_count = 1
|
cpu_core_count = 1
|
||||||
memory_size = 2
|
memory_size = 2
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create ecs instance with the first matched instance_type
|
# Create ecs instance with the first matched instance_type
|
||||||
|
@ -26,7 +26,6 @@ resource "alicloud_instance" "instance" {
|
||||||
|
|
||||||
# Other properties...
|
# Other properties...
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -14,9 +14,8 @@ The Regions data source allows access to the list of Alicloud Regions.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "alicloud_regions" "current" {
|
data "alicloud_regions" "current" {
|
||||||
current = true
|
current = true
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -15,8 +15,8 @@ The Zones data source allows access to the list of Alicloud Zones which can be a
|
||||||
```
|
```
|
||||||
# Declare the data source
|
# Declare the data source
|
||||||
data "alicloud_zones" "default" {
|
data "alicloud_zones" "default" {
|
||||||
"available_instance_type"= "ecs.s2.large"
|
"available_instance_type" = "ecs.s2.large"
|
||||||
"available_disk_category"= "cloud_ssd"
|
"available_disk_category" = "cloud_ssd"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create ecs instance with the first matched zone
|
# Create ecs instance with the first matched zone
|
||||||
|
@ -26,7 +26,6 @@ resource "alicloud_instance" "instance" {
|
||||||
|
|
||||||
# Other properties...
|
# Other properties...
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -21,37 +21,37 @@ Use the navigation to the left to read about the available resources.
|
||||||
provider "alicloud" {
|
provider "alicloud" {
|
||||||
access_key = "${var.access_key}"
|
access_key = "${var.access_key}"
|
||||||
secret_key = "${var.secret_key}"
|
secret_key = "${var.secret_key}"
|
||||||
region = "${var.region}"
|
region = "${var.region}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a web server
|
# Create a web server
|
||||||
resource "alicloud_instance" "web" {
|
resource "alicloud_instance" "web" {
|
||||||
# cn-beijing
|
# cn-beijing
|
||||||
provider = "alicloud"
|
provider = "alicloud"
|
||||||
availability_zone = "cn-beijing-b"
|
availability_zone = "cn-beijing-b"
|
||||||
image_id = "ubuntu_140405_32_40G_cloudinit_20161115.vhd"
|
image_id = "ubuntu_140405_32_40G_cloudinit_20161115.vhd"
|
||||||
|
|
||||||
instance_network_type = "Classic"
|
instance_network_type = "Classic"
|
||||||
internet_charge_type = "PayByBandwidth"
|
internet_charge_type = "PayByBandwidth"
|
||||||
|
|
||||||
instance_type = "ecs.n1.medium"
|
instance_type = "ecs.n1.medium"
|
||||||
io_optimized = "optimized"
|
io_optimized = "optimized"
|
||||||
system_disk_category = "cloud_efficiency"
|
system_disk_category = "cloud_efficiency"
|
||||||
security_groups = ["${alicloud_security_group.default.id}"]
|
security_groups = ["${alicloud_security_group.default.id}"]
|
||||||
instance_name = "web"
|
instance_name = "web"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create security group
|
# Create security group
|
||||||
resource "alicloud_security_group" "default" {
|
resource "alicloud_security_group" "default" {
|
||||||
name = "default"
|
name = "default"
|
||||||
provider = "alicloud"
|
provider = "alicloud"
|
||||||
description = "default"
|
description = "default"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
## Authentication
|
## Authentication
|
||||||
|
|
||||||
The Alicloud provider offers a flexible means of providing credentials for authentication.
|
The Alicloud provider offers a flexible means of providing credentials for authentication.
|
||||||
The following methods are supported, in this order, and explained below:
|
The following methods are supported, in this order, and explained below:
|
||||||
|
|
||||||
- Static credentials
|
- Static credentials
|
||||||
|
@ -62,7 +62,7 @@ The following methods are supported, in this order, and explained below:
|
||||||
Static credentials can be provided by adding an `access_key` `secret_key` and `region` in-line in the
|
Static credentials can be provided by adding an `access_key` `secret_key` and `region` in-line in the
|
||||||
alicloud provider block:
|
alicloud provider block:
|
||||||
|
|
||||||
Usage:
|
Usage:
|
||||||
|
|
||||||
```
|
```
|
||||||
provider "alicloud" {
|
provider "alicloud" {
|
||||||
|
@ -75,7 +75,7 @@ provider "alicloud" {
|
||||||
|
|
||||||
###Environment variables
|
###Environment variables
|
||||||
|
|
||||||
You can provide your credentials via `ALICLOUD_ACCESS_KEY` and `ALICLOUD_SECRET_KEY`,
|
You can provide your credentials via `ALICLOUD_ACCESS_KEY` and `ALICLOUD_SECRET_KEY`,
|
||||||
environment variables, representing your Alicloud Access Key and Secret Key, respectively.
|
environment variables, representing your Alicloud Access Key and Secret Key, respectively.
|
||||||
`ALICLOUD_REGION` is also used, if applicable:
|
`ALICLOUD_REGION` is also used, if applicable:
|
||||||
|
|
||||||
|
@ -86,7 +86,7 @@ provider "alicloud" {}
|
||||||
Usage:
|
Usage:
|
||||||
|
|
||||||
```
|
```
|
||||||
$ export ALICLOUD_ACCESS_KEY="anaccesskey"
|
$ export ALICLOUD_ACCESS_KEY="anaccesskey"
|
||||||
$ export ALICLOUD_SECRET_KEY="asecretkey"
|
$ export ALICLOUD_SECRET_KEY="asecretkey"
|
||||||
$ export ALICLOUD_REGION="cn-beijing"
|
$ export ALICLOUD_REGION="cn-beijing"
|
||||||
$ terraform plan
|
$ terraform plan
|
||||||
|
|
|
@ -17,16 +17,16 @@ Provides a ECS disk resource.
|
||||||
```
|
```
|
||||||
# Create a new ECS disk.
|
# Create a new ECS disk.
|
||||||
resource "alicloud_disk" "ecs_disk" {
|
resource "alicloud_disk" "ecs_disk" {
|
||||||
# cn-beijing
|
# cn-beijing
|
||||||
availability_zone = "cn-beijing-b"
|
availability_zone = "cn-beijing-b"
|
||||||
name = "New-disk"
|
name = "New-disk"
|
||||||
description = "Hello ecs disk."
|
description = "Hello ecs disk."
|
||||||
category = "cloud_efficiency"
|
category = "cloud_efficiency"
|
||||||
size = "30"
|
size = "30"
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
Name = "TerraformTest"
|
Name = "TerraformTest"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -18,37 +18,37 @@ Basic usage
|
||||||
# Create a new ECS disk-attachment and use it attach one disk to a new instance.
|
# Create a new ECS disk-attachment and use it attach one disk to a new instance.
|
||||||
|
|
||||||
resource "alicloud_security_group" "ecs_sg" {
|
resource "alicloud_security_group" "ecs_sg" {
|
||||||
name = "terraform-test-group"
|
name = "terraform-test-group"
|
||||||
description = "New security group"
|
description = "New security group"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_disk" "ecs_disk" {
|
resource "alicloud_disk" "ecs_disk" {
|
||||||
availability_zone = "cn-beijing-a"
|
availability_zone = "cn-beijing-a"
|
||||||
size = "50"
|
size = "50"
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
Name = "TerraformTest-disk"
|
Name = "TerraformTest-disk"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_instance" "ecs_instance" {
|
resource "alicloud_instance" "ecs_instance" {
|
||||||
image_id = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
|
image_id = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
|
||||||
instance_type = "ecs.s1.small"
|
instance_type = "ecs.s1.small"
|
||||||
availability_zone = "cn-beijing-a"
|
availability_zone = "cn-beijing-a"
|
||||||
security_groups = ["${alicloud_security_group.ecs_sg.id}"]
|
security_groups = ["${alicloud_security_group.ecs_sg.id}"]
|
||||||
instance_name = "Hello"
|
instance_name = "Hello"
|
||||||
instance_network_type = "classic"
|
instance_network_type = "classic"
|
||||||
internet_charge_type = "PayByBandwidth"
|
internet_charge_type = "PayByBandwidth"
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
Name = "TerraformTest-instance"
|
Name = "TerraformTest-instance"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_disk_attachment" "ecs_disk_att" {
|
resource "alicloud_disk_attachment" "ecs_disk_att" {
|
||||||
disk_id = "${alicloud_disk.ecs_disk.id}"
|
disk_id = "${alicloud_disk.ecs_disk.id}"
|
||||||
instance_id = "${alicloud_instance.ecs_instance.id}"
|
instance_id = "${alicloud_instance.ecs_instance.id}"
|
||||||
device_name = "/dev/xvdb"
|
device_name = "/dev/xvdb"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -15,8 +15,8 @@ Provides a ECS EIP resource.
|
||||||
```
|
```
|
||||||
# Create a new EIP.
|
# Create a new EIP.
|
||||||
resource "alicloud_eip" "example" {
|
resource "alicloud_eip" "example" {
|
||||||
bandwidth = "10"
|
bandwidth = "10"
|
||||||
internet_charge_type = "PayByBandwidth"
|
internet_charge_type = "PayByBandwidth"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -20,43 +20,44 @@ Provides an Alicloud EIP Association resource, to associate and disassociate Ela
|
||||||
# Create a new EIP association and use it to associate a EIP form a instance.
|
# Create a new EIP association and use it to associate a EIP form a instance.
|
||||||
|
|
||||||
resource "alicloud_vpc" "vpc" {
|
resource "alicloud_vpc" "vpc" {
|
||||||
cidr_block = "10.1.0.0/21"
|
cidr_block = "10.1.0.0/21"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_vswitch" "vsw" {
|
resource "alicloud_vswitch" "vsw" {
|
||||||
vpc_id = "${alicloud_vpc.vpc.id}"
|
vpc_id = "${alicloud_vpc.vpc.id}"
|
||||||
cidr_block = "10.1.1.0/24"
|
cidr_block = "10.1.1.0/24"
|
||||||
availability_zone = "cn-beijing-a"
|
availability_zone = "cn-beijing-a"
|
||||||
depends_on = [
|
|
||||||
"alicloud_vpc.vpc"]
|
depends_on = [
|
||||||
|
"alicloud_vpc.vpc",
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_instance" "ecs_instance" {
|
resource "alicloud_instance" "ecs_instance" {
|
||||||
image_id = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
|
image_id = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
|
||||||
instance_type = "ecs.s1.small"
|
instance_type = "ecs.s1.small"
|
||||||
availability_zone = "cn-beijing-a"
|
availability_zone = "cn-beijing-a"
|
||||||
security_groups = ["${alicloud_security_group.group.id}"]
|
security_groups = ["${alicloud_security_group.group.id}"]
|
||||||
vswitch_id = "${alicloud_vswitch.vsw.id}"
|
vswitch_id = "${alicloud_vswitch.vsw.id}"
|
||||||
instance_name = "hello"
|
instance_name = "hello"
|
||||||
instance_network_type = "vpc"
|
instance_network_type = "vpc"
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
Name = "TerraformTest-instance"
|
Name = "TerraformTest-instance"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_eip" "eip" {
|
resource "alicloud_eip" "eip" {}
|
||||||
}
|
|
||||||
|
|
||||||
resource "alicloud_eip_association" "eip_asso" {
|
resource "alicloud_eip_association" "eip_asso" {
|
||||||
allocation_id = "${alicloud_eip.eip.id}"
|
allocation_id = "${alicloud_eip.eip.id}"
|
||||||
instance_id = "${alicloud_instance.ecs_instance.id}"
|
instance_id = "${alicloud_instance.ecs_instance.id}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_security_group" "group" {
|
resource "alicloud_security_group" "group" {
|
||||||
name = "terraform-test-group"
|
name = "terraform-test-group"
|
||||||
description = "New security group"
|
description = "New security group"
|
||||||
vpc_id = "${alicloud_vpc.vpc.id}"
|
vpc_id = "${alicloud_vpc.vpc.id}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -15,38 +15,38 @@ Provides a ECS instance resource.
|
||||||
```
|
```
|
||||||
# Create a new ECS instance for classic
|
# Create a new ECS instance for classic
|
||||||
resource "alicloud_security_group" "classic" {
|
resource "alicloud_security_group" "classic" {
|
||||||
name = "tf_test_foo"
|
name = "tf_test_foo"
|
||||||
description = "foo"
|
description = "foo"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_instance" "classic" {
|
resource "alicloud_instance" "classic" {
|
||||||
# cn-beijing
|
# cn-beijing
|
||||||
availability_zone = "cn-beijing-b"
|
availability_zone = "cn-beijing-b"
|
||||||
security_group_id = "${alicloud_security_group.classic.id}"
|
security_group_id = "${alicloud_security_group.classic.id}"
|
||||||
|
|
||||||
allocate_public_ip = "true"
|
allocate_public_ip = "true"
|
||||||
|
|
||||||
# series II
|
# series II
|
||||||
instance_type = "ecs.n1.medium"
|
instance_type = "ecs.n1.medium"
|
||||||
io_optimized = "optimized"
|
io_optimized = "optimized"
|
||||||
system_disk_category = "cloud_efficiency"
|
system_disk_category = "cloud_efficiency"
|
||||||
image_id = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
|
image_id = "ubuntu_140405_64_40G_cloudinit_20161115.vhd"
|
||||||
instance_name = "test_foo"
|
instance_name = "test_foo"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a new ECS instance for VPC
|
# Create a new ECS instance for VPC
|
||||||
resource "alicloud_vpc" "default" {
|
resource "alicloud_vpc" "default" {
|
||||||
# Other parameters...
|
# Other parameters...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_vswitch" "default" {
|
resource "alicloud_vswitch" "default" {
|
||||||
# Other parameters...
|
# Other parameters...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_slb" "vpc" {
|
resource "alicloud_slb" "vpc" {
|
||||||
name = "test-slb-tf"
|
name = "test-slb-tf"
|
||||||
vpc_id = "${alicloud_vpc.default.id}"
|
vpc_id = "${alicloud_vpc.default.id}"
|
||||||
vswitch_id = "${alicloud_vswitch.default.id}"
|
vswitch_id = "${alicloud_vswitch.default.id}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -59,17 +59,17 @@ The following arguments are supported:
|
||||||
* `instance_type` - (Required) The type of instance to start.
|
* `instance_type` - (Required) The type of instance to start.
|
||||||
* `security_group_ids` - (Required) A list of security group ids to associate with. If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.
|
* `security_group_ids` - (Required) A list of security group ids to associate with. If you are creating Instances in a VPC, use `vpc_security_group_ids` instead.
|
||||||
`security_group_ids` instead.
|
`security_group_ids` instead.
|
||||||
* `instance_name` - (Optional) The name of the ECS. This instance_name can have a string of 2 to 128 characters, must contain only alphanumeric characters or hyphens, such as "-",".","_", and must not begin or end with a hyphen, and must not begin with http:// or https://. If not specified,
|
* `instance_name` - (Optional) The name of the ECS. This instance_name can have a string of 2 to 128 characters, must contain only alphanumeric characters or hyphens, such as "-",".","_", and must not begin or end with a hyphen, and must not begin with http:// or https://. If not specified,
|
||||||
Terraform will autogenerate a name beginning with `tf-ecs`.
|
Terraform will autogenerate a name beginning with `tf-ecs`.
|
||||||
* `allocate_public_ip` - (Optional) Associate a public ip address with an instance in a VPC or Classic. Boolean value, Default is false.
|
* `allocate_public_ip` - (Optional) Associate a public ip address with an instance in a VPC or Classic. Boolean value, Default is false.
|
||||||
* `io_optimized` - (Optional) Valid
|
* `io_optimized` - (Optional) Valid
|
||||||
values are `none`, `optimized`, If `optimized`, the launched ECS instance will be I/O optimized. Default is `optimized`.
|
values are `none`, `optimized`, If `optimized`, the launched ECS instance will be I/O optimized. Default is `optimized`.
|
||||||
* `system_disk_category` - (Optional) Valid values are `cloud`, `cloud_efficiency`, `cloud_ssd`, For I/O optimized instance type, `cloud_ssd` and `cloud_efficiency` disks are supported. For non I/O Optimized instance type, `cloud` disk are supported.
|
* `system_disk_category` - (Optional) Valid values are `cloud`, `cloud_efficiency`, `cloud_ssd`, For I/O optimized instance type, `cloud_ssd` and `cloud_efficiency` disks are supported. For non I/O Optimized instance type, `cloud` disk are supported.
|
||||||
* `system_disk_size` - (Optional) Size of the system disk, value range: 40GB ~ 500GB. Default is 40GB.
|
* `system_disk_size` - (Optional) Size of the system disk, value range: 40GB ~ 500GB. Default is 40GB.
|
||||||
* `description` - (Optional) Description of the instance, This description can have a string of 2 to 256 characters, It cannot begin with http:// or https://. Default value is null.
|
* `description` - (Optional) Description of the instance, This description can have a string of 2 to 256 characters, It cannot begin with http:// or https://. Default value is null.
|
||||||
* `internet_charge_type` - (Optional) Internet charge type of the instance, Valid values are `PayByBandwidth`, `PayByTraffic`. Default is `PayByBandwidth`.
|
* `internet_charge_type` - (Optional) Internet charge type of the instance, Valid values are `PayByBandwidth`, `PayByTraffic`. Default is `PayByBandwidth`.
|
||||||
* `internet_max_bandwidth_in` - (Optional) Maximum incoming bandwidth from the public network, measured in Mbps (Mega bit per second). Value range: [1, 200]. If this value is not specified, then automatically sets it to 200 Mbps.
|
* `internet_max_bandwidth_in` - (Optional) Maximum incoming bandwidth from the public network, measured in Mbps (Mega bit per second). Value range: [1, 200]. If this value is not specified, then automatically sets it to 200 Mbps.
|
||||||
* `internet_max_bandwidth_out` - (Optional) Maximum outgoing bandwidth to the public network, measured in Mbps (Mega bit per second). Value range:
|
* `internet_max_bandwidth_out` - (Optional) Maximum outgoing bandwidth to the public network, measured in Mbps (Mega bit per second). Value range:
|
||||||
`internet_charge_type` is `PayByBandwidth`: this value range [0, 100], If this value is not specified, then automatically sets it to 0 Mbps; If `internet_charge_type` is `PayByTraffic`: this value range [1, 100]. this value must be set value, such as 5.
|
`internet_charge_type` is `PayByBandwidth`: this value range [0, 100], If this value is not specified, then automatically sets it to 0 Mbps; If `internet_charge_type` is `PayByTraffic`: this value range [1, 100]. this value must be set value, such as 5.
|
||||||
* `host_name` - (Optional) Host name of the ECS, which is a string of at least two characters. “hostname” cannot start or end with “.” or “-“. In addition, two or more consecutive “.” or “-“ symbols are not allowed. On Windows, the host name can contain a maximum of 15 characters, which can be a combination of uppercase/lowercase letters, numerals, and “-“. The host name cannot contain dots (“.”) or contain only numeric characters.
|
* `host_name` - (Optional) Host name of the ECS, which is a string of at least two characters. “hostname” cannot start or end with “.” or “-“. In addition, two or more consecutive “.” or “-“ symbols are not allowed. On Windows, the host name can contain a maximum of 15 characters, which can be a combination of uppercase/lowercase letters, numerals, and “-“. The host name cannot contain dots (“.”) or contain only numeric characters.
|
||||||
On other OSs such as Linux, the host name can contain a maximum of 30 characters, which can be segments separated by dots (“.”), where each segment can contain uppercase/lowercase letters, numerals, or “_“.
|
On other OSs such as Linux, the host name can contain a maximum of 30 characters, which can be segments separated by dots (“.”), where each segment can contain uppercase/lowercase letters, numerals, or “_“.
|
||||||
|
|
|
@ -16,31 +16,36 @@ Basic usage
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "alicloud_vpc" "vpc" {
|
resource "alicloud_vpc" "vpc" {
|
||||||
name = "tf_test_foo"
|
name = "tf_test_foo"
|
||||||
cidr_block = "172.16.0.0/12"
|
cidr_block = "172.16.0.0/12"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_vswitch" "vsw" {
|
resource "alicloud_vswitch" "vsw" {
|
||||||
vpc_id = "${alicloud_vpc.vpc.id}"
|
vpc_id = "${alicloud_vpc.vpc.id}"
|
||||||
cidr_block = "172.16.0.0/21"
|
cidr_block = "172.16.0.0/21"
|
||||||
availability_zone = "cn-beijing-b"
|
availability_zone = "cn-beijing-b"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_nat_gateway" "nat_gateway" {
|
resource "alicloud_nat_gateway" "nat_gateway" {
|
||||||
vpc_id = "${alicloud_vpc.vpc.id}"
|
vpc_id = "${alicloud_vpc.vpc.id}"
|
||||||
spec = "Small"
|
spec = "Small"
|
||||||
name = "test_foo"
|
name = "test_foo"
|
||||||
bandwidth_packages = [{
|
|
||||||
ip_count = 1
|
bandwidth_packages = [{
|
||||||
bandwidth = 5
|
ip_count = 1
|
||||||
zone = "cn-beijing-b"
|
bandwidth = 5
|
||||||
}, {
|
zone = "cn-beijing-b"
|
||||||
ip_count = 2
|
},
|
||||||
bandwidth = 10
|
{
|
||||||
zone = "cn-beijing-b"
|
ip_count = 2
|
||||||
}]
|
bandwidth = 10
|
||||||
depends_on = [
|
zone = "cn-beijing-b"
|
||||||
"alicloud_vswitch.vsw"]
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
depends_on = [
|
||||||
|
"alicloud_vswitch.vsw",
|
||||||
|
]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -18,20 +18,20 @@ Basic Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "alicloud_security_group" "group" {
|
resource "alicloud_security_group" "group" {
|
||||||
name = "terraform-test-group"
|
name = "terraform-test-group"
|
||||||
description = "New security group"
|
description = "New security group"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
Basic usage for vpc
|
Basic usage for vpc
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "alicloud_security_group" "group" {
|
resource "alicloud_security_group" "group" {
|
||||||
name = "new-group"
|
name = "new-group"
|
||||||
vpc_id = "${alicloud_vpc.vpc.id}"
|
vpc_id = "${alicloud_vpc.vpc.id}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_vpc" "vpc" {
|
resource "alicloud_vpc" "vpc" {
|
||||||
cidr_block = "10.1.0.0/21"
|
cidr_block = "10.1.0.0/21"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@ description: |-
|
||||||
|
|
||||||
# alicloud\_security\_group\_rule
|
# alicloud\_security\_group\_rule
|
||||||
|
|
||||||
Provides a security group rule resource.
|
Provides a security group rule resource.
|
||||||
Represents a single `ingress` or `egress` group rule, which can be added to external Security Groups.
|
Represents a single `ingress` or `egress` group rule, which can be added to external Security Groups.
|
||||||
|
|
||||||
~> **NOTE:** `nic_type` should set to `intranet` when security group type is `vpc`. In this situation it does not distinguish between intranet and internet, the rule is effective on them both.
|
~> **NOTE:** `nic_type` should set to `intranet` when security group type is `vpc`. In this situation it does not distinguish between intranet and internet, the rule is effective on them both.
|
||||||
|
@ -24,14 +24,14 @@ resource "alicloud_security_group" "default" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_security_group_rule" "allow_all_tcp" {
|
resource "alicloud_security_group_rule" "allow_all_tcp" {
|
||||||
type = "ingress"
|
type = "ingress"
|
||||||
ip_protocol = "tcp"
|
ip_protocol = "tcp"
|
||||||
nic_type = "internet"
|
nic_type = "internet"
|
||||||
policy = "accept"
|
policy = "accept"
|
||||||
port_range = "1/65535"
|
port_range = "1/65535"
|
||||||
priority = 1
|
priority = 1
|
||||||
security_group_id = "${alicloud_security_group.default.id}"ecs.InstanceAttributesType
|
security_group_id = "${alicloud_security_group.default.id}"
|
||||||
cidr_ip = "0.0.0.0/0"
|
cidr_ip = "0.0.0.0/0"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -58,4 +58,4 @@ The following attributes are exported:
|
||||||
* `type` - The type of rule, `ingress` or `egress`
|
* `type` - The type of rule, `ingress` or `egress`
|
||||||
* `name` - The name of the security group
|
* `name` - The name of the security group
|
||||||
* `port_range` - The range of port numbers
|
* `port_range` - The range of port numbers
|
||||||
* `ip_protocol` - The protocol of the security group rule
|
* `ip_protocol` - The protocol of the security group rule
|
||||||
|
|
|
@ -15,41 +15,45 @@ Provides an Application Load Balancer resource.
|
||||||
```
|
```
|
||||||
# Create a new load balancer for classic
|
# Create a new load balancer for classic
|
||||||
resource "alicloud_slb" "classic" {
|
resource "alicloud_slb" "classic" {
|
||||||
name = "test-slb-tf"
|
name = "test-slb-tf"
|
||||||
internet = true
|
internet = true
|
||||||
internet_charge_type = "paybybandwidth"
|
internet_charge_type = "paybybandwidth"
|
||||||
bandwidth = 5
|
bandwidth = 5
|
||||||
listener = [
|
|
||||||
{
|
listener = [
|
||||||
"instance_port" = "2111"
|
{
|
||||||
"lb_port" = "21"
|
"instance_port" = "2111"
|
||||||
"lb_protocol" = "tcp"
|
"lb_port" = "21"
|
||||||
"bandwidth" = "5"
|
"lb_protocol" = "tcp"
|
||||||
},{
|
"bandwidth" = "5"
|
||||||
"instance_port" = "8000"
|
},
|
||||||
"lb_port" = "80"
|
{
|
||||||
"lb_protocol" = "http"
|
"instance_port" = "8000"
|
||||||
"bandwidth" = "5"
|
"lb_port" = "80"
|
||||||
},{
|
"lb_protocol" = "http"
|
||||||
"instance_port" = "1611"
|
"bandwidth" = "5"
|
||||||
"lb_port" = "161"
|
},
|
||||||
"lb_protocol" = "udp"
|
{
|
||||||
"bandwidth" = "5"
|
"instance_port" = "1611"
|
||||||
}]
|
"lb_port" = "161"
|
||||||
|
"lb_protocol" = "udp"
|
||||||
|
"bandwidth" = "5"
|
||||||
|
},
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a new load balancer for VPC
|
# Create a new load balancer for VPC
|
||||||
resource "alicloud_vpc" "default" {
|
resource "alicloud_vpc" "default" {
|
||||||
# Other parameters...
|
# Other parameters...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_vswitch" "default" {
|
resource "alicloud_vswitch" "default" {
|
||||||
# Other parameters...
|
# Other parameters...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_slb" "vpc" {
|
resource "alicloud_slb" "vpc" {
|
||||||
name = "test-slb-tf"
|
name = "test-slb-tf"
|
||||||
vswitch_id = "${alicloud_vswitch.default.id}"
|
vswitch_id = "${alicloud_vswitch.default.id}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -57,8 +61,8 @@ resource "alicloud_slb" "vpc" {
|
||||||
|
|
||||||
The following arguments are supported:
|
The following arguments are supported:
|
||||||
|
|
||||||
* `name` - (Optional) The name of the SLB. This name must be unique within your AliCloud account, can have a maximum of 80 characters,
|
* `name` - (Optional) The name of the SLB. This name must be unique within your AliCloud account, can have a maximum of 80 characters,
|
||||||
must contain only alphanumeric characters or hyphens, such as "-","/",".","_", and must not begin or end with a hyphen. If not specified,
|
must contain only alphanumeric characters or hyphens, such as "-","/",".","_", and must not begin or end with a hyphen. If not specified,
|
||||||
Terraform will autogenerate a name beginning with `tf-lb`.
|
Terraform will autogenerate a name beginning with `tf-lb`.
|
||||||
* `internet` - (Optional, Forces New Resource) If true, the SLB addressType will be internet, false will be intranet, Default is false. If load balancer launched in VPC, this value must be "false".
|
* `internet` - (Optional, Forces New Resource) If true, the SLB addressType will be internet, false will be intranet, Default is false. If load balancer launched in VPC, this value must be "false".
|
||||||
* `internet_charge_type` - (Optional, Forces New Resource) Valid
|
* `internet_charge_type` - (Optional, Forces New Resource) Valid
|
||||||
|
@ -74,7 +78,7 @@ The listener mapping supports the following:
|
||||||
|
|
||||||
* `instance_port` - (Required) The port on which the backend servers are listening. Valid value is between 1 to 65535.
|
* `instance_port` - (Required) The port on which the backend servers are listening. Valid value is between 1 to 65535.
|
||||||
* `lb_port` - (Required) The port on which the load balancer is listening. Valid value is between 1 to 65535.
|
* `lb_port` - (Required) The port on which the load balancer is listening. Valid value is between 1 to 65535.
|
||||||
* `lb_protocol` - (Required) The protocol to listen on. Valid values are `http` and and `tcp` and `udp`.
|
* `lb_protocol` - (Required) The protocol to listen on. Valid values are `http` and and `tcp` and `udp`.
|
||||||
* `bandwidth` - (Required) The bandwidth on which the load balancer is listening. Valid values is -1 or between 1 and 1000. If -1, the bindwidth will haven’t upper limit.
|
* `bandwidth` - (Required) The bandwidth on which the load balancer is listening. Valid values is -1 or between 1 and 1000. If -1, the bindwidth will haven’t upper limit.
|
||||||
|
|
||||||
## Attributes Reference
|
## Attributes Reference
|
||||||
|
|
|
@ -15,18 +15,17 @@ Provides an Application Load Balancer Attachment resource.
|
||||||
```
|
```
|
||||||
# Create a new load balancer attachment for classic
|
# Create a new load balancer attachment for classic
|
||||||
resource "alicloud_slb" "default" {
|
resource "alicloud_slb" "default" {
|
||||||
# Other parameters...
|
# Other parameters...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_instance" "default" {
|
resource "alicloud_instance" "default" {
|
||||||
# Other parameters...
|
# Other parameters...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_slb_attachment" "default" {
|
resource "alicloud_slb_attachment" "default" {
|
||||||
slb_id = "${alicloud_slb.default.id}"
|
slb_id = "${alicloud_slb.default.id}"
|
||||||
instances = ["${alicloud_instance.default.id}"]
|
instances = ["${alicloud_instance.default.id}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -18,8 +18,8 @@ Basic Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "alicloud_vpc" "vpc" {
|
resource "alicloud_vpc" "vpc" {
|
||||||
name = "tf_test_foo"
|
name = "tf_test_foo"
|
||||||
cidr_block = "172.16.0.0/12"
|
cidr_block = "172.16.0.0/12"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -16,20 +16,20 @@ Basic Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "alicloud_vpc" "vpc" {
|
resource "alicloud_vpc" "vpc" {
|
||||||
name = "tf_test_foo"
|
name = "tf_test_foo"
|
||||||
cidr_block = "172.16.0.0/12"
|
cidr_block = "172.16.0.0/12"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_route_entry" "default" {
|
resource "alicloud_route_entry" "default" {
|
||||||
router_id = "${alicloud_vpc.default.router_id}"
|
router_id = "${alicloud_vpc.default.router_id}"
|
||||||
route_table_id = "${alicloud_vpc.default.router_table_id}"
|
route_table_id = "${alicloud_vpc.default.router_table_id}"
|
||||||
destination_cidrblock = "${var.entry_cidr}"
|
destination_cidrblock = "${var.entry_cidr}"
|
||||||
nexthop_type = "Instance"
|
nexthop_type = "Instance"
|
||||||
nexthop_id = "${alicloud_instance.snat.id}"
|
nexthop_id = "${alicloud_instance.snat.id}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_instance" "snat" {
|
resource "alicloud_instance" "snat" {
|
||||||
// ...
|
// ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -16,13 +16,13 @@ Basic Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "alicloud_vpc" "vpc" {
|
resource "alicloud_vpc" "vpc" {
|
||||||
name = "tf_test_foo"
|
name = "tf_test_foo"
|
||||||
cidr_block = "172.16.0.0/12"
|
cidr_block = "172.16.0.0/12"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "alicloud_vswitch" "vsw" {
|
resource "alicloud_vswitch" "vsw" {
|
||||||
vpc_id = "${alicloud_vpc.vpc.id}"
|
vpc_id = "${alicloud_vpc.vpc.id}"
|
||||||
cidr_block = "172.16.0.0/21"
|
cidr_block = "172.16.0.0/21"
|
||||||
availability_zone = "cn-beijing-b"
|
availability_zone = "cn-beijing-b"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -15,6 +15,5 @@ Use the navigation to the left to read about the available resources.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
provider "archive" {
|
provider "archive" {}
|
||||||
}
|
|
||||||
```
|
```
|
||||||
|
|
|
@ -28,23 +28,25 @@ Add the below to a file called `arukas.tf` and run the `terraform` command from
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
provider "arukas" {
|
provider "arukas" {
|
||||||
token = ""
|
token = ""
|
||||||
secret = ""
|
secret = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "arukas_container" "foobar" {
|
resource "arukas_container" "foobar" {
|
||||||
name = "terraform_for_arukas_test_foobar"
|
name = "terraform_for_arukas_test_foobar"
|
||||||
image = "nginx:latest"
|
image = "nginx:latest"
|
||||||
instances = 1
|
instances = 1
|
||||||
memory = 256
|
memory = 256
|
||||||
ports = {
|
|
||||||
protocol = "tcp"
|
ports = {
|
||||||
number = "80"
|
protocol = "tcp"
|
||||||
}
|
number = "80"
|
||||||
environments {
|
}
|
||||||
key = "key1"
|
|
||||||
value = "value1"
|
environments {
|
||||||
}
|
key = "key1"
|
||||||
|
value = "value1"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -18,18 +18,20 @@ Create a new container using the "NGINX" image.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
resource "arukas_container" "foobar" {
|
resource "arukas_container" "foobar" {
|
||||||
name = "terraform_for_arukas_test_foobar"
|
name = "terraform_for_arukas_test_foobar"
|
||||||
image = "nginx:latest"
|
image = "nginx:latest"
|
||||||
instances = 1
|
instances = 1
|
||||||
memory = 256
|
memory = 256
|
||||||
ports = {
|
|
||||||
protocol = "tcp"
|
ports = {
|
||||||
number = "80"
|
protocol = "tcp"
|
||||||
}
|
number = "80"
|
||||||
environments {
|
}
|
||||||
key = "key1"
|
|
||||||
value = "value1"
|
environments {
|
||||||
}
|
key = "key1"
|
||||||
|
value = "value1"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -10,8 +10,8 @@ description: |-
|
||||||
|
|
||||||
# atlas\_artifact
|
# atlas\_artifact
|
||||||
|
|
||||||
Provides a [Data Source](/docs/configuration/data-sources.html) to access to deployment
|
Provides a [Data Source](/docs/configuration/data-sources.html) to access to deployment
|
||||||
artifacts managed by Atlas. This can be used to dynamically configure instantiation
|
artifacts managed by Atlas. This can be used to dynamically configure instantiation
|
||||||
and provisioning of resources.
|
and provisioning of resources.
|
||||||
|
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
@ -23,19 +23,21 @@ to this artifact will trigger a change to that instance.
|
||||||
```
|
```
|
||||||
# Read the AMI
|
# Read the AMI
|
||||||
data "atlas_artifact" "web" {
|
data "atlas_artifact" "web" {
|
||||||
name = "hashicorp/web"
|
name = "hashicorp/web"
|
||||||
type = "amazon.image"
|
type = "amazon.image"
|
||||||
build = "latest"
|
build = "latest"
|
||||||
metadata {
|
|
||||||
arch = "386"
|
metadata {
|
||||||
}
|
arch = "386"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Start our instance with the dynamic ami value
|
# Start our instance with the dynamic ami value
|
||||||
# Remember to include the AWS region as it is part of the full ID
|
# Remember to include the AWS region as it is part of the full ID
|
||||||
resource "aws_instance" "app" {
|
resource "aws_instance" "app" {
|
||||||
ami = "${data.atlas_artifact.web.metadata_full.region-us-east-1}"
|
ami = "${data.atlas_artifact.web.metadata_full.region-us-east-1}"
|
||||||
...
|
|
||||||
|
# ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -53,7 +55,7 @@ The following arguments are supported:
|
||||||
to find a matching artifact in the latest build, "any" to find a
|
to find a matching artifact in the latest build, "any" to find a
|
||||||
matching artifact in any build, or a specific number to pin to that
|
matching artifact in any build, or a specific number to pin to that
|
||||||
build. If `build` and `version` are unspecified, `version` will default
|
build. If `build` and `version` are unspecified, `version` will default
|
||||||
to "latest". Cannot be specified with `version`. Note: `build` is only
|
to "latest". Cannot be specified with `version`. Note: `build` is only
|
||||||
present if Atlas builds the image.
|
present if Atlas builds the image.
|
||||||
|
|
||||||
* `version` - (Optional) The version of the artifact to filter on. This can
|
* `version` - (Optional) The version of the artifact to filter on. This can
|
||||||
|
|
|
@ -21,12 +21,12 @@ Use the navigation to the left to read about the available resources.
|
||||||
```
|
```
|
||||||
# Configure the Atlas provider
|
# Configure the Atlas provider
|
||||||
provider "atlas" {
|
provider "atlas" {
|
||||||
token = "${var.atlas_token}"
|
token = "${var.atlas_token}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Fetch an artifact configuration
|
# Fetch an artifact configuration
|
||||||
data "atlas_artifact" "web" {
|
data "atlas_artifact" "web" {
|
||||||
...
|
# ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ Provides access to deployment artifacts managed by Atlas. This can
|
||||||
be used to dynamically configure instantiation and provisioning
|
be used to dynamically configure instantiation and provisioning
|
||||||
of resources.
|
of resources.
|
||||||
|
|
||||||
~> **NOTE: This resource is deprecated.**
|
~> **NOTE: This resource is deprecated.**
|
||||||
Please use the [Atlas Artifact Data Source](/docs/providers/atlas/d/artifact.html)
|
Please use the [Atlas Artifact Data Source](/docs/providers/atlas/d/artifact.html)
|
||||||
|
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
@ -26,19 +26,21 @@ to this artifact will trigger a change to that instance.
|
||||||
```
|
```
|
||||||
# Read the AMI
|
# Read the AMI
|
||||||
resource "atlas_artifact" "web" {
|
resource "atlas_artifact" "web" {
|
||||||
name = "hashicorp/web"
|
name = "hashicorp/web"
|
||||||
type = "amazon.image"
|
type = "amazon.image"
|
||||||
build = "latest"
|
build = "latest"
|
||||||
metadata {
|
|
||||||
arch = "386"
|
metadata {
|
||||||
}
|
arch = "386"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Start our instance with the dynamic ami value
|
# Start our instance with the dynamic ami value
|
||||||
# Remember to include the AWS region as it is part of the full ID
|
# Remember to include the AWS region as it is part of the full ID
|
||||||
resource "aws_instance" "app" {
|
resource "aws_instance" "app" {
|
||||||
ami = "${atlas_artifact.web.metadata_full.region-us-east-1}"
|
ami = "${atlas_artifact.web.metadata_full.region-us-east-1}"
|
||||||
...
|
|
||||||
|
# ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -56,7 +58,7 @@ The following arguments are supported:
|
||||||
to find a matching artifact in the latest build, "any" to find a
|
to find a matching artifact in the latest build, "any" to find a
|
||||||
matching artifact in any build, or a specific number to pin to that
|
matching artifact in any build, or a specific number to pin to that
|
||||||
build. If `build` and `version` are unspecified, `version` will default
|
build. If `build` and `version` are unspecified, `version` will default
|
||||||
to "latest". Cannot be specified with `version`. Note: `build` is only
|
to "latest". Cannot be specified with `version`. Note: `build` is only
|
||||||
present if Atlas builds the image.
|
present if Atlas builds the image.
|
||||||
|
|
||||||
* `version` - (Optional) The version of the artifact to filter on. This can
|
* `version` - (Optional) The version of the artifact to filter on. This can
|
||||||
|
|
|
@ -18,7 +18,7 @@ them by domain without having to hard code the ARNs as input.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_acm_certificate" "example" {
|
data "aws_acm_certificate" "example" {
|
||||||
domain = "tf.example.com"
|
domain = "tf.example.com"
|
||||||
statuses = ["ISSUED"]
|
statuses = ["ISSUED"]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -15,18 +15,21 @@ resources.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_ami" "nat_ami" {
|
data "aws_ami" "nat_ami" {
|
||||||
most_recent = true
|
most_recent = true
|
||||||
executable_users = ["self"]
|
executable_users = ["self"]
|
||||||
|
|
||||||
filter {
|
filter {
|
||||||
name = "owner-alias"
|
name = "owner-alias"
|
||||||
values = ["amazon"]
|
values = ["amazon"]
|
||||||
}
|
}
|
||||||
|
|
||||||
filter {
|
filter {
|
||||||
name = "name"
|
name = "name"
|
||||||
values = ["amzn-ami-vpc-nat*"]
|
values = ["amzn-ami-vpc-nat*"]
|
||||||
}
|
}
|
||||||
|
|
||||||
name_regex = "^myami-\\d{3}"
|
name_regex = "^myami-\\d{3}"
|
||||||
owners = ["self"]
|
owners = ["self"]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -18,12 +18,14 @@ data "aws_autoscaling_groups" "groups" {}
|
||||||
|
|
||||||
resource "aws_autoscaling_notification" "slack_notifications" {
|
resource "aws_autoscaling_notification" "slack_notifications" {
|
||||||
group_names = ["${data.aws_autoscaling_groups.groups.names}"]
|
group_names = ["${data.aws_autoscaling_groups.groups.names}"]
|
||||||
notifications = [
|
|
||||||
|
notifications = [
|
||||||
"autoscaling:EC2_INSTANCE_LAUNCH",
|
"autoscaling:EC2_INSTANCE_LAUNCH",
|
||||||
"autoscaling:EC2_INSTANCE_TERMINATE",
|
"autoscaling:EC2_INSTANCE_TERMINATE",
|
||||||
"autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
|
"autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
|
||||||
"autoscaling:EC2_INSTANCE_TERMINATE_ERROR"
|
"autoscaling:EC2_INSTANCE_TERMINATE_ERROR",
|
||||||
]
|
]
|
||||||
|
|
||||||
topic_arn = "TOPIC ARN"
|
topic_arn = "TOPIC ARN"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -13,12 +13,13 @@ Use this data source to get the Account ID of the [AWS Billing and Cost Manageme
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_billing_service_account" "main" { }
|
data "aws_billing_service_account" "main" {}
|
||||||
|
|
||||||
resource "aws_s3_bucket" "billing_logs" {
|
resource "aws_s3_bucket" "billing_logs" {
|
||||||
bucket = "my-billing-tf-test-bucket"
|
bucket = "my-billing-tf-test-bucket"
|
||||||
acl = "private"
|
acl = "private"
|
||||||
policy = <<POLICY
|
|
||||||
|
policy = <<POLICY
|
||||||
{
|
{
|
||||||
"Id": "Policy",
|
"Id": "Policy",
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
|
|
|
@ -19,7 +19,7 @@ cases, the data source will return an error.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_caller_identity" "current" { }
|
data "aws_caller_identity" "current" {}
|
||||||
|
|
||||||
output "account_id" {
|
output "account_id" {
|
||||||
value = "${data.aws_caller_identity.current.account_id}"
|
value = "${data.aws_caller_identity.current.account_id}"
|
||||||
|
@ -32,4 +32,4 @@ There are no arguments available for this data source.
|
||||||
|
|
||||||
## Attributes Reference
|
## Attributes Reference
|
||||||
|
|
||||||
`account_id` is set to the ID of the AWS account.
|
`account_id` is set to the ID of the AWS account.
|
||||||
|
|
|
@ -15,7 +15,7 @@ for the effective account in which Terraform is working.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_canonical_user_id" "current" { }
|
data "aws_canonical_user_id" "current" {}
|
||||||
|
|
||||||
output "canonical_user_id" {
|
output "canonical_user_id" {
|
||||||
value = "${data.aws_canonical_user_id.current.id}"
|
value = "${data.aws_canonical_user_id.current.id}"
|
||||||
|
|
|
@ -15,16 +15,17 @@ outputs and other useful data including the template body.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_cloudformation_stack" "network" {
|
data "aws_cloudformation_stack" "network" {
|
||||||
name = "my-network-stack"
|
name = "my-network-stack"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_instance" "web" {
|
resource "aws_instance" "web" {
|
||||||
ami = "ami-abb07bcb"
|
ami = "ami-abb07bcb"
|
||||||
instance_type = "t1.micro"
|
instance_type = "t1.micro"
|
||||||
subnet_id = "${data.aws_cloudformation_stack.network.outputs["SubnetId"]}"
|
subnet_id = "${data.aws_cloudformation_stack.network.outputs["SubnetId"]}"
|
||||||
tags {
|
|
||||||
Name = "HelloWorld"
|
tags {
|
||||||
}
|
Name = "HelloWorld"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ Use this data source to get information about an RDS instance
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_db_instance" "database" {
|
data "aws_db_instance" "database" {
|
||||||
db_instance_identifier = "my-test-database"
|
db_instance_identifier = "my-test-database"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,16 +14,18 @@ Use this data source to get information about an EBS Snapshot for use when provi
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_ebs_snapshot" "ebs_volume" {
|
data "aws_ebs_snapshot" "ebs_volume" {
|
||||||
most_recent = true
|
most_recent = true
|
||||||
owners = ["self"]
|
owners = ["self"]
|
||||||
filter {
|
|
||||||
name = "volume-size"
|
filter {
|
||||||
values = ["40"]
|
name = "volume-size"
|
||||||
}
|
values = ["40"]
|
||||||
filter {
|
}
|
||||||
name = "tag:Name"
|
|
||||||
values = ["Example"]
|
filter {
|
||||||
}
|
name = "tag:Name"
|
||||||
|
values = ["Example"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -15,15 +15,17 @@ resources.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_ebs_volume" "ebs_volume" {
|
data "aws_ebs_volume" "ebs_volume" {
|
||||||
most_recent = true
|
most_recent = true
|
||||||
filter {
|
|
||||||
name = "volume-type"
|
filter {
|
||||||
values = ["gp2"]
|
name = "volume-type"
|
||||||
}
|
values = ["gp2"]
|
||||||
filter {
|
}
|
||||||
name = "tag:Name"
|
|
||||||
values = ["Example"]
|
filter {
|
||||||
}
|
name = "tag:Name"
|
||||||
|
values = ["Example"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -16,7 +16,7 @@ a specific container within an AWS ECS service.
|
||||||
```
|
```
|
||||||
data "aws_ecs_container_definition" "ecs-mongo" {
|
data "aws_ecs_container_definition" "ecs-mongo" {
|
||||||
task_definition = "${aws_ecs_task_definition.mongo.id}"
|
task_definition = "${aws_ecs_task_definition.mongo.id}"
|
||||||
container_name = "mongodb"
|
container_name = "mongodb"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -26,6 +26,7 @@ resource "aws_ecs_cluster" "foo" {
|
||||||
|
|
||||||
resource "aws_ecs_task_definition" "mongo" {
|
resource "aws_ecs_task_definition" "mongo" {
|
||||||
family = "mongodb"
|
family = "mongodb"
|
||||||
|
|
||||||
container_definitions = <<DEFINITION
|
container_definitions = <<DEFINITION
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
|
@ -45,8 +46,8 @@ DEFINITION
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_ecs_service" "mongo" {
|
resource "aws_ecs_service" "mongo" {
|
||||||
name = "mongo"
|
name = "mongo"
|
||||||
cluster = "${aws_ecs_cluster.foo.id}"
|
cluster = "${aws_ecs_cluster.foo.id}"
|
||||||
desired_count = 2
|
desired_count = 2
|
||||||
|
|
||||||
# Track the latest ACTIVE revision
|
# Track the latest ACTIVE revision
|
||||||
|
|
|
@ -27,7 +27,7 @@ data "aws_eip" "proxy_ip" {
|
||||||
}
|
}
|
||||||
|
|
||||||
aws_eip_association "proxy_eip" {
|
aws_eip_association "proxy_eip" {
|
||||||
instance_id = "${var.instance_id}"
|
instance_id = "${var.instance_id}"
|
||||||
allocation_id = "${data.aws_eip.proxy_ip.id}"
|
allocation_id = "${data.aws_eip.proxy_ip.id}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -14,16 +14,16 @@ in a given region for the purpose of using in an AWS Route53 Alias.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_elb_hosted_zone_id" "main" { }
|
data "aws_elb_hosted_zone_id" "main" {}
|
||||||
|
|
||||||
resource "aws_route53_record" "www" {
|
resource "aws_route53_record" "www" {
|
||||||
zone_id = "${aws_route53_zone.primary.zone_id}"
|
zone_id = "${aws_route53_zone.primary.zone_id}"
|
||||||
name = "example.com"
|
name = "example.com"
|
||||||
type = "A"
|
type = "A"
|
||||||
|
|
||||||
alias {
|
alias {
|
||||||
name = "${aws_elb.main.dns_name}"
|
name = "${aws_elb.main.dns_name}"
|
||||||
zone_id = "${data.aws_elb_hosted_zone_id.main.id}"
|
zone_id = "${data.aws_elb_hosted_zone_id.main.id}"
|
||||||
evaluate_target_health = true
|
evaluate_target_health = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,12 +14,13 @@ in a given region for the purpose of whitelisting in S3 bucket policy.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_elb_service_account" "main" { }
|
data "aws_elb_service_account" "main" {}
|
||||||
|
|
||||||
resource "aws_s3_bucket" "elb_logs" {
|
resource "aws_s3_bucket" "elb_logs" {
|
||||||
bucket = "my-elb-tf-test-bucket"
|
bucket = "my-elb-tf-test-bucket"
|
||||||
acl = "private"
|
acl = "private"
|
||||||
policy = <<POLICY
|
|
||||||
|
policy = <<POLICY
|
||||||
{
|
{
|
||||||
"Id": "Policy",
|
"Id": "Policy",
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
|
@ -42,19 +43,19 @@ POLICY
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_elb" "bar" {
|
resource "aws_elb" "bar" {
|
||||||
name = "my-foobar-terraform-elb"
|
name = "my-foobar-terraform-elb"
|
||||||
availability_zones = ["us-west-2a"]
|
availability_zones = ["us-west-2a"]
|
||||||
|
|
||||||
access_logs {
|
access_logs {
|
||||||
bucket = "${aws_s3_bucket.elb_logs.bucket}"
|
bucket = "${aws_s3_bucket.elb_logs.bucket}"
|
||||||
interval = 5
|
interval = 5
|
||||||
}
|
}
|
||||||
|
|
||||||
listener {
|
listener {
|
||||||
instance_port = 8000
|
instance_port = 8000
|
||||||
instance_protocol = "http"
|
instance_protocol = "http"
|
||||||
lb_port = 80
|
lb_port = 80
|
||||||
lb_protocol = "http"
|
lb_protocol = "http"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -15,7 +15,7 @@ for the effective account in which Terraform is working.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_iam_account_alias" "current" { }
|
data "aws_iam_account_alias" "current" {}
|
||||||
|
|
||||||
output "account_id" {
|
output "account_id" {
|
||||||
value = "${data.aws_iam_account_alias.current.account_alias}"
|
value = "${data.aws_iam_account_alias.current.account_alias}"
|
||||||
|
@ -30,4 +30,4 @@ There are no arguments available for this data source.
|
||||||
|
|
||||||
The following attributes are exported:
|
The following attributes are exported:
|
||||||
|
|
||||||
* `account_alias` - The alias associated with the AWS account.
|
* `account_alias` - The alias associated with the AWS account.
|
||||||
|
|
|
@ -16,51 +16,56 @@ such as the `aws_iam_policy` resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_iam_policy_document" "example" {
|
data "aws_iam_policy_document" "example" {
|
||||||
statement {
|
statement {
|
||||||
sid = "1"
|
sid = "1"
|
||||||
actions = [
|
|
||||||
"s3:ListAllMyBuckets",
|
|
||||||
"s3:GetBucketLocation",
|
|
||||||
]
|
|
||||||
resources = [
|
|
||||||
"arn:aws:s3:::*",
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
statement {
|
actions = [
|
||||||
actions = [
|
"s3:ListAllMyBuckets",
|
||||||
"s3:ListBucket",
|
"s3:GetBucketLocation",
|
||||||
]
|
]
|
||||||
resources = [
|
|
||||||
"arn:aws:s3:::${var.s3_bucket_name}",
|
|
||||||
]
|
|
||||||
condition {
|
|
||||||
test = "StringLike"
|
|
||||||
variable = "s3:prefix"
|
|
||||||
values = [
|
|
||||||
"",
|
|
||||||
"home/",
|
|
||||||
"home/&{aws:username}/",
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
statement {
|
resources = [
|
||||||
actions = [
|
"arn:aws:s3:::*",
|
||||||
"s3:*",
|
]
|
||||||
]
|
}
|
||||||
resources = [
|
|
||||||
"arn:aws:s3:::${var.s3_bucket_name}/home/&{aws:username}",
|
|
||||||
"arn:aws:s3:::${var.s3_bucket_name}/home/&{aws:username}/*",
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
|
statement {
|
||||||
|
actions = [
|
||||||
|
"s3:ListBucket",
|
||||||
|
]
|
||||||
|
|
||||||
|
resources = [
|
||||||
|
"arn:aws:s3:::${var.s3_bucket_name}",
|
||||||
|
]
|
||||||
|
|
||||||
|
condition {
|
||||||
|
test = "StringLike"
|
||||||
|
variable = "s3:prefix"
|
||||||
|
|
||||||
|
values = [
|
||||||
|
"",
|
||||||
|
"home/",
|
||||||
|
"home/&{aws:username}/",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
statement {
|
||||||
|
actions = [
|
||||||
|
"s3:*",
|
||||||
|
]
|
||||||
|
|
||||||
|
resources = [
|
||||||
|
"arn:aws:s3:::${var.s3_bucket_name}/home/&{aws:username}",
|
||||||
|
"arn:aws:s3:::${var.s3_bucket_name}/home/&{aws:username}/*",
|
||||||
|
]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_iam_policy" "example" {
|
resource "aws_iam_policy" "example" {
|
||||||
name = "example_policy"
|
name = "example_policy"
|
||||||
path = "/"
|
path = "/"
|
||||||
policy = "${data.aws_iam_policy_document.example.json}"
|
policy = "${data.aws_iam_policy_document.example.json}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -147,16 +152,16 @@ Showing how you can use this as an assume role policy as well as showing how you
|
||||||
```
|
```
|
||||||
data "aws_iam_policy_document" "event_stream_bucket_role_assume_role_policy" {
|
data "aws_iam_policy_document" "event_stream_bucket_role_assume_role_policy" {
|
||||||
statement {
|
statement {
|
||||||
actions = [ "sts:AssumeRole" ]
|
actions = ["sts:AssumeRole"]
|
||||||
|
|
||||||
principals {
|
principals {
|
||||||
type = "Service"
|
type = "Service"
|
||||||
identifiers = ["firehose.amazonaws.com"]
|
identifiers = ["firehose.amazonaws.com"]
|
||||||
}
|
}
|
||||||
|
|
||||||
principals {
|
principals {
|
||||||
type = "AWS"
|
type = "AWS"
|
||||||
identifiers = ["${var.trusted_role_arn}"]
|
identifiers = ["${var.trusted_role_arn}"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,18 +15,17 @@ Use this data source to lookup information about IAM Server Certificates.
|
||||||
```
|
```
|
||||||
data "aws_iam_server_certificate" "my-domain" {
|
data "aws_iam_server_certificate" "my-domain" {
|
||||||
name_prefix = "my-domain.org"
|
name_prefix = "my-domain.org"
|
||||||
latest = true
|
latest = true
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_elb" "elb" {
|
resource "aws_elb" "elb" {
|
||||||
name = "my-domain-elb"
|
name = "my-domain-elb"
|
||||||
|
|
||||||
|
|
||||||
listener {
|
listener {
|
||||||
instance_port = 8000
|
instance_port = 8000
|
||||||
instance_protocol = "https"
|
instance_protocol = "https"
|
||||||
lb_port = 443
|
lb_port = 443
|
||||||
lb_protocol = "https"
|
lb_protocol = "https"
|
||||||
ssl_certificate_id = "${data.aws_iam_server_certificate.my-domain.arn}"
|
ssl_certificate_id = "${data.aws_iam_server_certificate.my-domain.arn}"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,12 +16,14 @@ resources.
|
||||||
```
|
```
|
||||||
data "aws_instance" "foo" {
|
data "aws_instance" "foo" {
|
||||||
instance_id = "i-instanceid"
|
instance_id = "i-instanceid"
|
||||||
|
|
||||||
filter {
|
filter {
|
||||||
name = "image-id"
|
name = "image-id"
|
||||||
values = ["ami-xxxxxxxx"]
|
values = ["ami-xxxxxxxx"]
|
||||||
}
|
}
|
||||||
|
|
||||||
filter {
|
filter {
|
||||||
name = "tag:Name"
|
name = "tag:Name"
|
||||||
values = ["instance-name-tag"]
|
values = ["instance-name-tag"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -31,7 +33,7 @@ data "aws_instance" "foo" {
|
||||||
|
|
||||||
* `instance_id` - (Optional) Specify the exact Instance ID with which to populate the data source.
|
* `instance_id` - (Optional) Specify the exact Instance ID with which to populate the data source.
|
||||||
|
|
||||||
* `instance_tags` - (Optional) A mapping of tags, each pair of which must
|
* `instance_tags` - (Optional) A mapping of tags, each pair of which must
|
||||||
exactly match a pair on the desired Instance.
|
exactly match a pair on the desired Instance.
|
||||||
|
|
||||||
* `filter` - (Optional) One or more name/value pairs to use as filters. There are
|
* `filter` - (Optional) One or more name/value pairs to use as filters. There are
|
||||||
|
@ -74,10 +76,10 @@ interpolation.
|
||||||
* `network_interface_id` - The ID of the network interface that was created with the Instance.
|
* `network_interface_id` - The ID of the network interface that was created with the Instance.
|
||||||
* `placement_group` - The placement group of the Instance.
|
* `placement_group` - The placement group of the Instance.
|
||||||
* `private_dns` - The private DNS name assigned to the Instance. Can only be
|
* `private_dns` - The private DNS name assigned to the Instance. Can only be
|
||||||
used inside the Amazon EC2, and only available if you've enabled DNS hostnames
|
used inside the Amazon EC2, and only available if you've enabled DNS hostnames
|
||||||
for your VPC.
|
for your VPC.
|
||||||
* `private_ip` - The private IP address assigned to the Instance.
|
* `private_ip` - The private IP address assigned to the Instance.
|
||||||
* `public_dns` - The public DNS name assigned to the Instance. For EC2-VPC, this
|
* `public_dns` - The public DNS name assigned to the Instance. For EC2-VPC, this
|
||||||
is only available if you've enabled DNS hostnames for your VPC.
|
is only available if you've enabled DNS hostnames for your VPC.
|
||||||
* `public_ip` - The public IP address assigned to the Instance, if applicable. **NOTE**: If you are using an [`aws_eip`](/docs/providers/aws/r/eip.html) with your instance, you should refer to the EIP's address directly and not use `public_ip`, as this field will change after the EIP is attached.
|
* `public_ip` - The public IP address assigned to the Instance, if applicable. **NOTE**: If you are using an [`aws_eip`](/docs/providers/aws/r/eip.html) with your instance, you should refer to the EIP's address directly and not use `public_ip`, as this field will change after the EIP is attached.
|
||||||
* `root_block_device` - The root block device mappings of the Instance
|
* `root_block_device` - The root block device mappings of the Instance
|
||||||
|
@ -88,7 +90,7 @@ interpolation.
|
||||||
* `security_groups` - The associated security groups.
|
* `security_groups` - The associated security groups.
|
||||||
* `source_dest_check` - Whether the network interface performs source/destination checking (Boolean).
|
* `source_dest_check` - Whether the network interface performs source/destination checking (Boolean).
|
||||||
* `subnet_id` - The VPC subnet ID.
|
* `subnet_id` - The VPC subnet ID.
|
||||||
* `user_data` - The User Data supplied to the Instance.
|
* `user_data` - The User Data supplied to the Instance.
|
||||||
* `tags` - A mapping of tags assigned to the Instance.
|
* `tags` - A mapping of tags assigned to the Instance.
|
||||||
* `tenancy` - The tenancy of the instance: `dedicated`, `default`, `host`.
|
* `tenancy` - The tenancy of the instance: `dedicated`, `default`, `host`.
|
||||||
* `vpc_security_group_ids` - The associated security groups in a non-default VPC.
|
* `vpc_security_group_ids` - The associated security groups in a non-default VPC.
|
||||||
|
|
|
@ -14,26 +14,24 @@ Use this data source to get the [IP ranges][1] of various AWS products and servi
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_ip_ranges" "european_ec2" {
|
data "aws_ip_ranges" "european_ec2" {
|
||||||
regions = [ "eu-west-1", "eu-central-1" ]
|
regions = ["eu-west-1", "eu-central-1"]
|
||||||
services = [ "ec2" ]
|
services = ["ec2"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_security_group" "from_europe" {
|
resource "aws_security_group" "from_europe" {
|
||||||
|
|
||||||
name = "from_europe"
|
name = "from_europe"
|
||||||
|
|
||||||
ingress {
|
ingress {
|
||||||
from_port = "443"
|
from_port = "443"
|
||||||
to_port = "443"
|
to_port = "443"
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
cidr_blocks = [ "${data.aws_ip_ranges.european_ec2.cidr_blocks}" ]
|
cidr_blocks = ["${data.aws_ip_ranges.european_ec2.cidr_blocks}"]
|
||||||
}
|
}
|
||||||
|
|
||||||
tags {
|
tags {
|
||||||
CreateDate = "${data.aws_ip_ranges.european_ec2.create_date}"
|
CreateDate = "${data.aws_ip_ranges.european_ec2.create_date}"
|
||||||
SyncToken = "${data.aws_ip_ranges.european_ec2.sync_token}"
|
SyncToken = "${data.aws_ip_ranges.european_ec2.sync_token}"
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -38,20 +38,21 @@ Now, take that output and add it to your resource definitions.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_kms_secret" "db" {
|
data "aws_kms_secret" "db" {
|
||||||
secret {
|
secret {
|
||||||
name = "master_password"
|
name = "master_password"
|
||||||
payload = "AQECAHgaPa0J8WadplGCqqVAr4HNvDaFSQ+NaiwIBhmm6qDSFwAAAGIwYAYJKoZIhvcNAQcGoFMwUQIBADBMBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDI+LoLdvYv8l41OhAAIBEIAfx49FFJCLeYrkfMfAw6XlnxP23MmDBdqP8dPp28OoAQ=="
|
payload = "AQECAHgaPa0J8WadplGCqqVAr4HNvDaFSQ+NaiwIBhmm6qDSFwAAAGIwYAYJKoZIhvcNAQcGoFMwUQIBADBMBgkqhkiG9w0BBwEwHgYJYIZIAWUDBAEuMBEEDI+LoLdvYv8l41OhAAIBEIAfx49FFJCLeYrkfMfAw6XlnxP23MmDBdqP8dPp28OoAQ=="
|
||||||
|
|
||||||
context {
|
context {
|
||||||
foo = "bar"
|
foo = "bar"
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_rds_cluster" "rds" {
|
resource "aws_rds_cluster" "rds" {
|
||||||
master_username = "root"
|
master_username = "root"
|
||||||
master_password = "${data.aws_kms_secret.db.master_password}"
|
master_password = "${data.aws_kms_secret.db.master_password}"
|
||||||
...
|
|
||||||
|
# ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,7 @@ Use this data source to lookup current AWS partition in which Terraform is worki
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_partition" "current" { }
|
data "aws_partition" "current" {}
|
||||||
|
|
||||||
data "aws_iam_policy_document" "s3_policy" {
|
data "aws_iam_policy_document" "s3_policy" {
|
||||||
statement {
|
statement {
|
||||||
|
@ -28,7 +28,6 @@ data "aws_iam_policy_document" "s3_policy" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -20,8 +20,8 @@ rules.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_vpc_endpoint" "private_s3" {
|
resource "aws_vpc_endpoint" "private_s3" {
|
||||||
vpc_id = "${aws_vpc.foo.id}"
|
vpc_id = "${aws_vpc.foo.id}"
|
||||||
service_name = "com.amazonaws.us-west-2.s3"
|
service_name = "com.amazonaws.us-west-2.s3"
|
||||||
}
|
}
|
||||||
|
|
||||||
data "aws_prefix_list" "private_s3" {
|
data "aws_prefix_list" "private_s3" {
|
||||||
|
@ -29,17 +29,18 @@ data "aws_prefix_list" "private_s3" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_network_acl" "bar" {
|
resource "aws_network_acl" "bar" {
|
||||||
vpc_id = "${aws_vpc.foo.id}"
|
vpc_id = "${aws_vpc.foo.id}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_network_acl_rule" "private_s3" {
|
resource "aws_network_acl_rule" "private_s3" {
|
||||||
network_acl_id = "${aws_network_acl.bar.id}"
|
network_acl_id = "${aws_network_acl.bar.id}"
|
||||||
rule_number = 200
|
rule_number = 200
|
||||||
egress = false
|
egress = false
|
||||||
protocol = "tcp"
|
protocol = "tcp"
|
||||||
rule_action = "allow"
|
rule_action = "allow"
|
||||||
cidr_block = "${data.aws_prefix_list.private_s3.cidr_blocks[0]}"
|
cidr_block = "${data.aws_prefix_list.private_s3.cidr_blocks[0]}"
|
||||||
from_port = 443
|
from_port = 443
|
||||||
to_port = 443
|
to_port = 443
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,12 +14,13 @@ in a given region for the purpose of allowing Redshift to store audit data in S3
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_redshift_service_account" "main" { }
|
data "aws_redshift_service_account" "main" {}
|
||||||
|
|
||||||
resource "aws_s3_bucket" "bucket" {
|
resource "aws_s3_bucket" "bucket" {
|
||||||
bucket = "tf-redshift-logging-test-bucket"
|
bucket = "tf-redshift-logging-test-bucket"
|
||||||
force_destroy = true
|
force_destroy = true
|
||||||
policy = <<EOF
|
|
||||||
|
policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2008-10-17",
|
"Version": "2008-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
|
|
|
@ -10,7 +10,7 @@ description: |-
|
||||||
|
|
||||||
`aws_route53_zone` provides details about a specific Route 53 Hosted Zone.
|
`aws_route53_zone` provides details about a specific Route 53 Hosted Zone.
|
||||||
|
|
||||||
This data source allows to find a Hosted Zone ID given Hosted Zone name and certain search criteria.
|
This data source allows to find a Hosted Zone ID given Hosted Zone name and certain search criteria.
|
||||||
|
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
|
||||||
|
@ -19,15 +19,15 @@ The following example shows how to get a Hosted Zone from it's name and from thi
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_route53_zone" "selected" {
|
data "aws_route53_zone" "selected" {
|
||||||
name = "test.com."
|
name = "test.com."
|
||||||
private_zone = true
|
private_zone = true
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "www" {
|
resource "aws_route53_record" "www" {
|
||||||
zone_id = "${data.aws_route53_zone.selected.zone_id}"
|
zone_id = "${data.aws_route53_zone.selected.zone_id}"
|
||||||
name = "www.${data.aws_route53_zone.selected.name}"
|
name = "www.${data.aws_route53_zone.selected.name}"
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = "300"
|
ttl = "300"
|
||||||
records = ["10.0.0.1"]
|
records = ["10.0.0.1"]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -11,7 +11,7 @@ description: |-
|
||||||
`aws_route_table` provides details about a specific Route Table.
|
`aws_route_table` provides details about a specific Route Table.
|
||||||
|
|
||||||
This resource can prove useful when a module accepts a Subnet id as
|
This resource can prove useful when a module accepts a Subnet id as
|
||||||
an input variable and needs to, for example, add a route in
|
an input variable and needs to, for example, add a route in
|
||||||
the Route Table.
|
the Route Table.
|
||||||
|
|
||||||
## Example Usage
|
## Example Usage
|
||||||
|
@ -27,8 +27,8 @@ data "aws_route_table" "selected" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route" "route" {
|
resource "aws_route" "route" {
|
||||||
route_table_id = "${data.aws_route_table.selected.id}"
|
route_table_id = "${data.aws_route_table.selected.id}"
|
||||||
destination_cidr_block = "10.0.1.0/22"
|
destination_cidr_block = "10.0.1.0/22"
|
||||||
vpc_peering_connection_id = "pcx-45ff3dc1"
|
vpc_peering_connection_id = "pcx-45ff3dc1"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -17,13 +17,14 @@ _optionally_ (see below) content of an object stored inside S3 bucket.
|
||||||
|
|
||||||
```
|
```
|
||||||
data "aws_s3_bucket_object" "lambda" {
|
data "aws_s3_bucket_object" "lambda" {
|
||||||
bucket = "my-lambda-functions"
|
bucket = "my-lambda-functions"
|
||||||
key = "hello-world.zip"
|
key = "hello-world.zip"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_iam_role" "iam_for_lambda" {
|
resource "aws_iam_role" "iam_for_lambda" {
|
||||||
name = "iam_for_lambda"
|
name = "iam_for_lambda"
|
||||||
assume_role_policy = <<EOF
|
|
||||||
|
assume_role_policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
|
@ -41,12 +42,12 @@ EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_lambda_function" "test_lambda" {
|
resource "aws_lambda_function" "test_lambda" {
|
||||||
s3_bucket = "${data.aws_s3_bucket_object.lambda.bucket}"
|
s3_bucket = "${data.aws_s3_bucket_object.lambda.bucket}"
|
||||||
s3_key = "${data.aws_s3_bucket_object.lambda.key}"
|
s3_key = "${data.aws_s3_bucket_object.lambda.key}"
|
||||||
s3_object_version = "${data.aws_s3_bucket_object.lambda.version_id}"
|
s3_object_version = "${data.aws_s3_bucket_object.lambda.version_id}"
|
||||||
function_name = "lambda_function_name"
|
function_name = "lambda_function_name"
|
||||||
role = "${aws_iam_role.iam_for_lambda.arn}"
|
role = "${aws_iam_role.iam_for_lambda.arn}"
|
||||||
handler = "exports.test"
|
handler = "exports.test"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -27,8 +27,8 @@ data "aws_security_group" "selected" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_subnet" "subnet" {
|
resource "aws_subnet" "subnet" {
|
||||||
vpc_id = "${data.aws_security_group.selected.vpc_id}"
|
vpc_id = "${data.aws_security_group.selected.vpc_id}"
|
||||||
cidr_block = "10.0.1.0/24"
|
cidr_block = "10.0.1.0/24"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -16,13 +16,13 @@ a specific VPC endpoint.
|
||||||
```
|
```
|
||||||
# Declare the data source
|
# Declare the data source
|
||||||
data "aws_vpc_endpoint" "s3" {
|
data "aws_vpc_endpoint" "s3" {
|
||||||
vpc_id = "${aws_vpc.foo.id}"
|
vpc_id = "${aws_vpc.foo.id}"
|
||||||
service_name = "com.amazonaws.us-west-2.s3"
|
service_name = "com.amazonaws.us-west-2.s3"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_vpc_endpoint_route_table_association" "private_s3" {
|
resource "aws_vpc_endpoint_route_table_association" "private_s3" {
|
||||||
vpc_endpoint_id = "${data.aws_vpc_endpoint.s3.id}"
|
vpc_endpoint_id = "${data.aws_vpc_endpoint.s3.id}"
|
||||||
route_table_id = "${aws_route_table.private.id}"
|
route_table_id = "${aws_route_table.private.id}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -22,13 +22,13 @@ data "aws_vpc_endpoint_service" "s3" {
|
||||||
|
|
||||||
# Create a VPC
|
# Create a VPC
|
||||||
resource "aws_vpc" "foo" {
|
resource "aws_vpc" "foo" {
|
||||||
cidr_block = "10.0.0.0/16"
|
cidr_block = "10.0.0.0/16"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a VPC endpoint
|
# Create a VPC endpoint
|
||||||
resource "aws_vpc_endpoint" "ep" {
|
resource "aws_vpc_endpoint" "ep" {
|
||||||
vpc_id = "${aws_vpc.foo.id}"
|
vpc_id = "${aws_vpc.foo.id}"
|
||||||
service_name = "${data.aws_vpc_endpoint_service.s3.service_name}"
|
service_name = "${data.aws_vpc_endpoint_service.s3.service_name}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -16,19 +16,19 @@ a specific VPC peering connection.
|
||||||
```
|
```
|
||||||
# Declare the data source
|
# Declare the data source
|
||||||
data "aws_vpc_peering_connection" "pc" {
|
data "aws_vpc_peering_connection" "pc" {
|
||||||
vpc_id = "${aws_vpc.foo.id}"
|
vpc_id = "${aws_vpc.foo.id}"
|
||||||
peer_cidr_block = "10.0.1.0/22"
|
peer_cidr_block = "10.0.1.0/22"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a route table
|
# Create a route table
|
||||||
resource "aws_route_table" "rt" {
|
resource "aws_route_table" "rt" {
|
||||||
vpc_id = "${aws_vpc.foo.id}"
|
vpc_id = "${aws_vpc.foo.id}"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a route
|
# Create a route
|
||||||
resource "aws_route" "r" {
|
resource "aws_route" "r" {
|
||||||
route_table_id = "${aws_route_table.rt.id}"
|
route_table_id = "${aws_route_table.rt.id}"
|
||||||
destination_cidr_block = "${data.aws_vpc_peering_connection.pc.peer_cidr_block}"
|
destination_cidr_block = "${data.aws_vpc_peering_connection.pc.peer_cidr_block}"
|
||||||
vpc_peering_connection_id = "${data.aws_vpc_peering_connection.pc.id}"
|
vpc_peering_connection_id = "${data.aws_vpc_peering_connection.pc.id}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -19,14 +19,14 @@ Use the navigation to the left to read about the available resources.
|
||||||
```
|
```
|
||||||
# Configure the AWS Provider
|
# Configure the AWS Provider
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
access_key = "${var.aws_access_key}"
|
access_key = "${var.aws_access_key}"
|
||||||
secret_key = "${var.aws_secret_key}"
|
secret_key = "${var.aws_secret_key}"
|
||||||
region = "us-east-1"
|
region = "us-east-1"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Create a web server
|
# Create a web server
|
||||||
resource "aws_instance" "web" {
|
resource "aws_instance" "web" {
|
||||||
...
|
# ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -93,9 +93,9 @@ Usage:
|
||||||
|
|
||||||
```
|
```
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "us-west-2"
|
region = "us-west-2"
|
||||||
shared_credentials_file = "/Users/tf_user/.aws/creds"
|
shared_credentials_file = "/Users/tf_user/.aws/creds"
|
||||||
profile = "customprofile"
|
profile = "customprofile"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -123,9 +123,9 @@ Usage:
|
||||||
```
|
```
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
assume_role {
|
assume_role {
|
||||||
role_arn = "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME"
|
role_arn = "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME"
|
||||||
session_name = "SESSION_NAME"
|
session_name = "SESSION_NAME"
|
||||||
external_id = "EXTERNAL_ID"
|
external_id = "EXTERNAL_ID"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
@ -231,7 +231,7 @@ The nested `assume_role` block supports the following:
|
||||||
* `external_id` - (Optional) The external ID to use when making the
|
* `external_id` - (Optional) The external ID to use when making the
|
||||||
AssumeRole call.
|
AssumeRole call.
|
||||||
|
|
||||||
* `policy` - (Optional) A more restrictive policy to apply to the temporary credentials.
|
* `policy` - (Optional) A more restrictive policy to apply to the temporary credentials.
|
||||||
This gives you a way to further restrict the permissions for the resulting temporary
|
This gives you a way to further restrict the permissions for the resulting temporary
|
||||||
security credentials. You cannot use the passed policy to grant permissions that are
|
security credentials. You cannot use the passed policy to grant permissions that are
|
||||||
in excess of those allowed by the access policy of the role that is being assumed.
|
in excess of those allowed by the access policy of the role that is being assumed.
|
||||||
|
|
|
@ -37,8 +37,8 @@ resource "aws_alb" "test" {
|
||||||
|
|
||||||
The following arguments are supported:
|
The following arguments are supported:
|
||||||
|
|
||||||
* `name` - (Optional) The name of the ALB. This name must be unique within your AWS account, can have a maximum of 32 characters,
|
* `name` - (Optional) The name of the ALB. This name must be unique within your AWS account, can have a maximum of 32 characters,
|
||||||
must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,
|
must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen. If not specified,
|
||||||
Terraform will autogenerate a name beginning with `tf-lb`.
|
Terraform will autogenerate a name beginning with `tf-lb`.
|
||||||
* `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`.
|
* `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`.
|
||||||
* `internal` - (Optional) If true, the ALB will be internal.
|
* `internal` - (Optional) If true, the ALB will be internal.
|
||||||
|
|
|
@ -23,16 +23,16 @@ resource "aws_alb_target_group" "front_end" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_alb_listener" "front_end" {
|
resource "aws_alb_listener" "front_end" {
|
||||||
load_balancer_arn = "${aws_alb.front_end.arn}"
|
load_balancer_arn = "${aws_alb.front_end.arn}"
|
||||||
port = "443"
|
port = "443"
|
||||||
protocol = "HTTPS"
|
protocol = "HTTPS"
|
||||||
ssl_policy = "ELBSecurityPolicy-2015-05"
|
ssl_policy = "ELBSecurityPolicy-2015-05"
|
||||||
certificate_arn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4"
|
certificate_arn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4"
|
||||||
|
|
||||||
default_action {
|
default_action {
|
||||||
target_group_arn = "${aws_alb_target_group.front_end.arn}"
|
target_group_arn = "${aws_alb_target_group.front_end.arn}"
|
||||||
type = "forward"
|
type = "forward"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -24,15 +24,15 @@ resource "aws_alb_listener" "front_end" {
|
||||||
|
|
||||||
resource "aws_alb_listener_rule" "static" {
|
resource "aws_alb_listener_rule" "static" {
|
||||||
listener_arn = "${aws_alb_listener.front_end.arn}"
|
listener_arn = "${aws_alb_listener.front_end.arn}"
|
||||||
priority = 100
|
priority = 100
|
||||||
|
|
||||||
action {
|
action {
|
||||||
type = "forward"
|
type = "forward"
|
||||||
target_group_arn = "${aws_alb_target_group.static.arn}"
|
target_group_arn = "${aws_alb_target_group.static.arn}"
|
||||||
}
|
}
|
||||||
|
|
||||||
condition {
|
condition {
|
||||||
field = "path-pattern"
|
field = "path-pattern"
|
||||||
values = ["/static/*"]
|
values = ["/static/*"]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -54,8 +54,8 @@ Action Blocks (for `default_action`) support the following:
|
||||||
|
|
||||||
Condition Blocks (for `default_condition`) support the following:
|
Condition Blocks (for `default_condition`) support the following:
|
||||||
|
|
||||||
* `field` - (Required) The name of the field. The only valid value is `path-pattern`.
|
* `field` - (Required) The name of the field. The only valid value is `path-pattern`.
|
||||||
* `values` - (Required) The path patterns to match.
|
* `values` - (Required) The path patterns to match.
|
||||||
|
|
||||||
## Attributes Reference
|
## Attributes Reference
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,7 @@ resource "aws_alb_target_group" "test" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_vpc" "main" {
|
resource "aws_vpc" "main" {
|
||||||
cidr_block = "10.0.0.0/16"
|
cidr_block = "10.0.0.0/16"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -31,11 +31,11 @@ resource "aws_vpc" "main" {
|
||||||
|
|
||||||
The following arguments are supported:
|
The following arguments are supported:
|
||||||
|
|
||||||
* `name` - (Required) The name of the target group.
|
* `name` - (Required) The name of the target group.
|
||||||
* `port` - (Required) The port on which targets receive traffic, unless overridden when registering a specific target.
|
* `port` - (Required) The port on which targets receive traffic, unless overridden when registering a specific target.
|
||||||
* `protocol` - (Required) The protocol to use for routing traffic to the targets.
|
* `protocol` - (Required) The protocol to use for routing traffic to the targets.
|
||||||
* `vpc_id` - (Required) The identifier of the VPC in which to create the target group.
|
* `vpc_id` - (Required) The identifier of the VPC in which to create the target group.
|
||||||
* `deregistration_delay` - (Optional) The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
|
* `deregistration_delay` - (Optional) The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds.
|
||||||
* `stickiness` - (Optional) A Stickiness block. Stickiness blocks are documented below.
|
* `stickiness` - (Optional) A Stickiness block. Stickiness blocks are documented below.
|
||||||
* `health_check` - (Optional) A Health Check block. Health Check blocks are documented below.
|
* `health_check` - (Optional) A Health Check block. Health Check blocks are documented below.
|
||||||
* `tags` - (Optional) A mapping of tags to assign to the resource.
|
* `tags` - (Optional) A mapping of tags to assign to the resource.
|
||||||
|
@ -51,7 +51,7 @@ Health Check Blocks (`health_check`) support the following:
|
||||||
* `interval` - (Optional) The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. Default 30 seconds.
|
* `interval` - (Optional) The approximate amount of time, in seconds, between health checks of an individual target. Minimum value 5 seconds, Maximum value 300 seconds. Default 30 seconds.
|
||||||
* `path` - (Optional) The destination for the health check request. Default `/`.
|
* `path` - (Optional) The destination for the health check request. Default `/`.
|
||||||
* `port` - (Optional) The port to use to connect with the target. Valid values are either ports 1-65536, or `traffic-port`. Defaults to `traffic-port`.
|
* `port` - (Optional) The port to use to connect with the target. Valid values are either ports 1-65536, or `traffic-port`. Defaults to `traffic-port`.
|
||||||
* `protocol` - (Optional) The protocol to use to connect with the target. Defaults to `HTTP`.
|
* `protocol` - (Optional) The protocol to use to connect with the target. Defaults to `HTTP`.
|
||||||
* `timeout` - (Optional) The amount of time, in seconds, during which no response means a failed health check. Defaults to 5 seconds.
|
* `timeout` - (Optional) The amount of time, in seconds, during which no response means a failed health check. Defaults to 5 seconds.
|
||||||
* `healthy_threshold` - (Optional) The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 5.
|
* `healthy_threshold` - (Optional) The number of consecutive health checks successes required before considering an unhealthy target healthy. Defaults to 5.
|
||||||
* `unhealthy_threshold` - (Optional) The number of consecutive health check failures required before considering the target unhealthy. Defaults to 2.
|
* `unhealthy_threshold` - (Optional) The number of consecutive health check failures required before considering the target unhealthy. Defaults to 2.
|
||||||
|
@ -70,5 +70,5 @@ The following attributes are exported in addition to the arguments listed above:
|
||||||
Target Groups can be imported using their ARN, e.g.
|
Target Groups can be imported using their ARN, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_alb_target_group.app_front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:targetgroup/app-front-end/20cfe21448b66314
|
$ terraform import aws_alb_target_group.app_front_end arn:aws:elasticloadbalancing:us-west-2:187416307283:targetgroup/app-front-end/20cfe21448b66314
|
||||||
```
|
```
|
||||||
|
|
|
@ -17,8 +17,8 @@ target group
|
||||||
```
|
```
|
||||||
resource "aws_alb_target_group_attachment" "test" {
|
resource "aws_alb_target_group_attachment" "test" {
|
||||||
target_group_arn = "${aws_alb_target_group.test.arn}"
|
target_group_arn = "${aws_alb_target_group.test.arn}"
|
||||||
target_id = "${aws_instance.test.id}"
|
target_id = "${aws_instance.test.id}"
|
||||||
port = 80
|
port = 80
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_alb_target_group" "test" {
|
resource "aws_alb_target_group" "test" {
|
||||||
|
|
|
@ -81,10 +81,10 @@ Nested `ebs_block_device` blocks have the following structure:
|
||||||
as the selected snapshot.
|
as the selected snapshot.
|
||||||
* `volume_type` - (Optional) The type of EBS volume to create. Can be one of "standard" (the
|
* `volume_type` - (Optional) The type of EBS volume to create. Can be one of "standard" (the
|
||||||
default), "io1" or "gp2".
|
default), "io1" or "gp2".
|
||||||
* `encrypted` - (Optional) Specifies whether the destination snapshots of the copied image should be encrypted.
|
* `encrypted` - (Optional) Specifies whether the destination snapshots of the copied image should be encrypted.
|
||||||
The default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId.
|
The default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId.
|
||||||
* `kms_key_id` - (Optional) The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of
|
* `kms_key_id` - (Optional) The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of
|
||||||
an image during a copy operation. This parameter is only required if you want to use a non-default CMK;
|
an image during a copy operation. This parameter is only required if you want to use a non-default CMK;
|
||||||
if this parameter is not specified, the default CMK for EBS is used
|
if this parameter is not specified, the default CMK for EBS is used
|
||||||
|
|
||||||
Nested `ephemeral_block_device` blocks have the following structure:
|
Nested `ephemeral_block_device` blocks have the following structure:
|
||||||
|
|
|
@ -24,13 +24,14 @@ block until the new AMI is available for use on new instances.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_ami_copy" "example" {
|
resource "aws_ami_copy" "example" {
|
||||||
name = "terraform-example"
|
name = "terraform-example"
|
||||||
description = "A copy of ami-xxxxxxxx"
|
description = "A copy of ami-xxxxxxxx"
|
||||||
source_ami_id = "ami-xxxxxxxx"
|
source_ami_id = "ami-xxxxxxxx"
|
||||||
source_ami_region = "us-west-1"
|
source_ami_region = "us-west-1"
|
||||||
tags {
|
|
||||||
Name = "HelloWorld"
|
tags {
|
||||||
}
|
Name = "HelloWorld"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -44,7 +45,7 @@ The following arguments are supported:
|
||||||
* `source_ami_region` - (Required) The region from which the AMI will be copied. This may be the
|
* `source_ami_region` - (Required) The region from which the AMI will be copied. This may be the
|
||||||
same as the AWS provider region in order to create a copy within the same region.
|
same as the AWS provider region in order to create a copy within the same region.
|
||||||
* `encrypted` - (Optional) Specifies whether the destination snapshots of the copied image should be encrypted. Defaults to `false`
|
* `encrypted` - (Optional) Specifies whether the destination snapshots of the copied image should be encrypted. Defaults to `false`
|
||||||
* `kms_key_id` - (Optional) The full ARN of the KMS Key to use when encrypting the snapshots of an image during a copy operation. If not specified, then the default AWS KMS Key will be used
|
* `kms_key_id` - (Optional) The full ARN of the KMS Key to use when encrypting the snapshots of an image during a copy operation. If not specified, then the default AWS KMS Key will be used
|
||||||
|
|
||||||
This resource also exposes the full set of arguments from the [`aws_ami`](ami.html) resource.
|
This resource also exposes the full set of arguments from the [`aws_ami`](ami.html) resource.
|
||||||
|
|
||||||
|
|
|
@ -30,8 +30,8 @@ to produce a fresh snapshot.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_ami_from_instance" "example" {
|
resource "aws_ami_from_instance" "example" {
|
||||||
name = "terraform-example"
|
name = "terraform-example"
|
||||||
source_instance_id = "i-xxxxxxxx"
|
source_instance_id = "i-xxxxxxxx"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,8 +14,8 @@ Adds launch permission to Amazon Machine Image (AMI) from another AWS account.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_ami_launch_permission" "example" {
|
resource "aws_ami_launch_permission" "example" {
|
||||||
image_id = "ami-12345678"
|
image_id = "ami-12345678"
|
||||||
account_id = "123456789012"
|
account_id = "123456789012"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -20,8 +20,9 @@ resource "aws_api_gateway_account" "demo" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_iam_role" "cloudwatch" {
|
resource "aws_iam_role" "cloudwatch" {
|
||||||
name = "api_gateway_cloudwatch_global"
|
name = "api_gateway_cloudwatch_global"
|
||||||
assume_role_policy = <<EOF
|
|
||||||
|
assume_role_policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
|
@ -39,9 +40,10 @@ EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_iam_role_policy" "cloudwatch" {
|
resource "aws_iam_role_policy" "cloudwatch" {
|
||||||
name = "default"
|
name = "default"
|
||||||
role = "${aws_iam_role.cloudwatch.id}"
|
role = "${aws_iam_role.cloudwatch.id}"
|
||||||
policy = <<EOF
|
|
||||||
|
policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
|
@ -86,7 +88,7 @@ The following attribute is exported:
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
API Gateway Accounts can be imported using the word `api-gateway-account`, e.g.
|
API Gateway Accounts can be imported using the word `api-gateway-account`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_api_gateway_account.demo api-gateway-account
|
$ terraform import aws_api_gateway_account.demo api-gateway-account
|
||||||
|
|
|
@ -22,13 +22,13 @@ resource "aws_api_gateway_api_key" "MyDemoApiKey" {
|
||||||
|
|
||||||
stage_key {
|
stage_key {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
stage_name = "${aws_api_gateway_deployment.MyDemoDeployment.stage_name}"
|
stage_name = "${aws_api_gateway_deployment.MyDemoDeployment.stage_name}"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_deployment" "MyDemoDeployment" {
|
resource "aws_api_gateway_deployment" "MyDemoDeployment" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
stage_name = "test"
|
stage_name = "test"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -57,7 +57,7 @@ The following attributes are exported:
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
API Gateway Keys can be imported using the `id`, e.g.
|
API Gateway Keys can be imported using the `id`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_api_gateway_api_key.my_demo_key 8bklk8bl1k3sB38D9B3l0enyWT8c09B30lkq0blk
|
$ terraform import aws_api_gateway_api_key.my_demo_key 8bklk8bl1k3sB38D9B3l0enyWT8c09B30lkq0blk
|
||||||
|
|
|
@ -14,9 +14,9 @@ Provides an API Gateway Authorizer.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_authorizer" "demo" {
|
resource "aws_api_gateway_authorizer" "demo" {
|
||||||
name = "demo"
|
name = "demo"
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.demo.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.demo.id}"
|
||||||
authorizer_uri = "arn:aws:apigateway:region:lambda:path/2015-03-31/functions/${aws_lambda_function.authorizer.arn}/invocations"
|
authorizer_uri = "arn:aws:apigateway:region:lambda:path/2015-03-31/functions/${aws_lambda_function.authorizer.arn}/invocations"
|
||||||
authorizer_credentials = "${aws_iam_role.invocation_role.arn}"
|
authorizer_credentials = "${aws_iam_role.invocation_role.arn}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -27,6 +27,7 @@ resource "aws_api_gateway_rest_api" "demo" {
|
||||||
resource "aws_iam_role" "invocation_role" {
|
resource "aws_iam_role" "invocation_role" {
|
||||||
name = "api_gateway_auth_invocation"
|
name = "api_gateway_auth_invocation"
|
||||||
path = "/"
|
path = "/"
|
||||||
|
|
||||||
assume_role_policy = <<EOF
|
assume_role_policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
|
@ -47,6 +48,7 @@ EOF
|
||||||
resource "aws_iam_role_policy" "invocation_policy" {
|
resource "aws_iam_role_policy" "invocation_policy" {
|
||||||
name = "default"
|
name = "default"
|
||||||
role = "${aws_iam_role.invocation_role.id}"
|
role = "${aws_iam_role.invocation_role.id}"
|
||||||
|
|
||||||
policy = <<EOF
|
policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
|
@ -63,6 +65,7 @@ EOF
|
||||||
|
|
||||||
resource "aws_iam_role" "lambda" {
|
resource "aws_iam_role" "lambda" {
|
||||||
name = "demo-lambda"
|
name = "demo-lambda"
|
||||||
|
|
||||||
assume_role_policy = <<EOF
|
assume_role_policy = <<EOF
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
|
@ -81,11 +84,11 @@ EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_lambda_function" "authorizer" {
|
resource "aws_lambda_function" "authorizer" {
|
||||||
filename = "lambda-function.zip"
|
filename = "lambda-function.zip"
|
||||||
source_code_hash = "${base64sha256(file("lambda-function.zip"))}"
|
source_code_hash = "${base64sha256(file("lambda-function.zip"))}"
|
||||||
function_name = "api_gateway_authorizer"
|
function_name = "api_gateway_authorizer"
|
||||||
role = "${aws_iam_role.lambda.arn}"
|
role = "${aws_iam_role.lambda.arn}"
|
||||||
handler = "exports.example"
|
handler = "exports.example"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,7 @@ resource "aws_api_gateway_domain_name" "example" {
|
||||||
|
|
||||||
resource "aws_api_gateway_base_path_mapping" "test" {
|
resource "aws_api_gateway_base_path_mapping" "test" {
|
||||||
api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
stage_name = "${aws_api_gateway_deployment.example.stage_name}"
|
stage_name = "${aws_api_gateway_deployment.example.stage_name}"
|
||||||
domain_name = "${aws_api_gateway_domain_name.example.domain_name}"
|
domain_name = "${aws_api_gateway_domain_name.example.domain_name}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -16,7 +16,6 @@ Provides an API Gateway Client Certificate.
|
||||||
resource "aws_api_gateway_client_certificate" "demo" {
|
resource "aws_api_gateway_client_certificate" "demo" {
|
||||||
description = "My client certificate"
|
description = "My client certificate"
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Argument Reference
|
## Argument Reference
|
||||||
|
|
|
@ -17,20 +17,20 @@ you might need to add an explicit `depends_on` for clean runs.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_resource" "MyDemoResource" {
|
resource "aws_api_gateway_resource" "MyDemoResource" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
||||||
path_part = "test"
|
path_part = "test"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method" "MyDemoMethod" {
|
resource "aws_api_gateway_method" "MyDemoMethod" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "GET"
|
http_method = "GET"
|
||||||
authorization = "NONE"
|
authorization = "NONE"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -38,14 +38,14 @@ resource "aws_api_gateway_integration" "MyDemoIntegration" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
||||||
type = "MOCK"
|
type = "MOCK"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_deployment" "MyDemoDeployment" {
|
resource "aws_api_gateway_deployment" "MyDemoDeployment" {
|
||||||
depends_on = ["aws_api_gateway_method.MyDemoMethod"]
|
depends_on = ["aws_api_gateway_method.MyDemoMethod"]
|
||||||
|
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
stage_name = "test"
|
stage_name = "test"
|
||||||
|
|
||||||
variables = {
|
variables = {
|
||||||
"answer" = "42"
|
"answer" = "42"
|
||||||
|
|
|
@ -43,8 +43,8 @@ resource "aws_route53_record" "example" {
|
||||||
type = "A"
|
type = "A"
|
||||||
|
|
||||||
alias {
|
alias {
|
||||||
name = "${aws_api_gateway_domain_name.example.cloudfront_domain_name}"
|
name = "${aws_api_gateway_domain_name.example.cloudfront_domain_name}"
|
||||||
zone_id = "${aws_api_gateway_domain_name.example.cloudfront_zone_id}"
|
zone_id = "${aws_api_gateway_domain_name.example.cloudfront_zone_id}"
|
||||||
evaluate_target_health = true
|
evaluate_target_health = true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,20 +14,20 @@ Provides an HTTP Method Integration for an API Gateway Resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_resource" "MyDemoResource" {
|
resource "aws_api_gateway_resource" "MyDemoResource" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
||||||
path_part = "mydemoresource"
|
path_part = "mydemoresource"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method" "MyDemoMethod" {
|
resource "aws_api_gateway_method" "MyDemoMethod" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "GET"
|
http_method = "GET"
|
||||||
authorization = "NONE"
|
authorization = "NONE"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -35,7 +35,7 @@ resource "aws_api_gateway_integration" "MyDemoIntegration" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
||||||
type = "MOCK"
|
type = "MOCK"
|
||||||
|
|
||||||
# Transforms the incoming XML request to JSON
|
# Transforms the incoming XML request to JSON
|
||||||
request_templates {
|
request_templates {
|
||||||
|
@ -84,7 +84,7 @@ resource "aws_lambda_permission" "apigw_lambda" {
|
||||||
principal = "apigateway.amazonaws.com"
|
principal = "apigateway.amazonaws.com"
|
||||||
|
|
||||||
# More: http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html
|
# More: http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html
|
||||||
source_arn = "arn:aws:execute-api:${var.myregion}:${var.accountId}:${aws_api_gateway_rest_api.api.id}/*/${aws_api_gateway_method.method.http_method}/resourcepath/subresourcepath"
|
source_arn = "arn:aws:execute-api:${var.myregion}:${var.accountId}:${aws_api_gateway_rest_api.api.id}/*/${aws_api_gateway_method.method.http_method}/resourcepath/subresourcepath"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_lambda_function" "lambda" {
|
resource "aws_lambda_function" "lambda" {
|
||||||
|
@ -98,7 +98,8 @@ resource "aws_lambda_function" "lambda" {
|
||||||
|
|
||||||
# IAM
|
# IAM
|
||||||
resource "aws_iam_role" "role" {
|
resource "aws_iam_role" "role" {
|
||||||
name = "myrole"
|
name = "myrole"
|
||||||
|
|
||||||
assume_role_policy = <<POLICY
|
assume_role_policy = <<POLICY
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
|
|
|
@ -17,20 +17,20 @@ you might need to add an explicit `depends_on` for clean runs.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_resource" "MyDemoResource" {
|
resource "aws_api_gateway_resource" "MyDemoResource" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
||||||
path_part = "mydemoresource"
|
path_part = "mydemoresource"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method" "MyDemoMethod" {
|
resource "aws_api_gateway_method" "MyDemoMethod" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "GET"
|
http_method = "GET"
|
||||||
authorization = "NONE"
|
authorization = "NONE"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -38,7 +38,7 @@ resource "aws_api_gateway_integration" "MyDemoIntegration" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
||||||
type = "MOCK"
|
type = "MOCK"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method_response" "200" {
|
resource "aws_api_gateway_method_response" "200" {
|
||||||
|
|
|
@ -14,20 +14,20 @@ Provides a HTTP Method for an API Gateway Resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_resource" "MyDemoResource" {
|
resource "aws_api_gateway_resource" "MyDemoResource" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
||||||
path_part = "mydemoresource"
|
path_part = "mydemoresource"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method" "MyDemoMethod" {
|
resource "aws_api_gateway_method" "MyDemoMethod" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "GET"
|
http_method = "GET"
|
||||||
authorization = "NONE"
|
authorization = "NONE"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -14,20 +14,20 @@ Provides an HTTP Method Response for an API Gateway Resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_resource" "MyDemoResource" {
|
resource "aws_api_gateway_resource" "MyDemoResource" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
||||||
path_part = "mydemoresource"
|
path_part = "mydemoresource"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method" "MyDemoMethod" {
|
resource "aws_api_gateway_method" "MyDemoMethod" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "GET"
|
http_method = "GET"
|
||||||
authorization = "NONE"
|
authorization = "NONE"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -35,7 +35,7 @@ resource "aws_api_gateway_integration" "MyDemoIntegration" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
resource_id = "${aws_api_gateway_resource.MyDemoResource.id}"
|
||||||
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
http_method = "${aws_api_gateway_method.MyDemoMethod.http_method}"
|
||||||
type = "MOCK"
|
type = "MOCK"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_method_response" "200" {
|
resource "aws_api_gateway_method_response" "200" {
|
||||||
|
|
|
@ -14,15 +14,16 @@ Provides a Model for a API Gateway.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_model" "MyDemoModel" {
|
resource "aws_api_gateway_model" "MyDemoModel" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
name = "user"
|
name = "user"
|
||||||
description = "a JSON schema"
|
description = "a JSON schema"
|
||||||
content_type = "application/json"
|
content_type = "application/json"
|
||||||
|
|
||||||
schema = <<EOF
|
schema = <<EOF
|
||||||
{
|
{
|
||||||
"type": "object"
|
"type": "object"
|
||||||
|
|
|
@ -14,14 +14,14 @@ Provides an API Gateway Resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_api_gateway_resource" "MyDemoResource" {
|
resource "aws_api_gateway_resource" "MyDemoResource" {
|
||||||
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
|
||||||
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
parent_id = "${aws_api_gateway_rest_api.MyDemoAPI.root_resource_id}"
|
||||||
path_part = "mydemoresource"
|
path_part = "mydemoresource"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ Provides an API Gateway REST API.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
resource "aws_api_gateway_rest_api" "MyDemoAPI" {
|
||||||
name = "MyDemoAPI"
|
name = "MyDemoAPI"
|
||||||
description = "This is my API for demonstration purposes"
|
description = "This is my API for demonstration purposes"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
@ -14,21 +14,22 @@ Provides an application cookie stickiness policy, which allows an ELB to wed its
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_elb" "lb" {
|
resource "aws_elb" "lb" {
|
||||||
name = "test-lb"
|
name = "test-lb"
|
||||||
availability_zones = ["us-east-1a"]
|
availability_zones = ["us-east-1a"]
|
||||||
listener {
|
|
||||||
instance_port = 8000
|
listener {
|
||||||
instance_protocol = "http"
|
instance_port = 8000
|
||||||
lb_port = 80
|
instance_protocol = "http"
|
||||||
lb_protocol = "http"
|
lb_port = 80
|
||||||
}
|
lb_protocol = "http"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_app_cookie_stickiness_policy" "foo" {
|
resource "aws_app_cookie_stickiness_policy" "foo" {
|
||||||
name = "foo_policy"
|
name = "foo_policy"
|
||||||
load_balancer = "${aws_elb.lb.name}"
|
load_balancer = "${aws_elb.lb.name}"
|
||||||
lb_port = 80
|
lb_port = 80
|
||||||
cookie_name = "MyAppCookie"
|
cookie_name = "MyAppCookie"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -13,26 +13,26 @@ Provides an Application AutoScaling Policy resource.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
```
|
```
|
||||||
resource "aws_appautoscaling_target" "ecs_target" {
|
resource "aws_appautoscaling_target" "ecs_target" {
|
||||||
max_capacity = 4
|
max_capacity = 4
|
||||||
min_capacity = 1
|
min_capacity = 1
|
||||||
resource_id = "service/clusterName/serviceName"
|
resource_id = "service/clusterName/serviceName"
|
||||||
role_arn = "${var.ecs_iam_role}"
|
role_arn = "${var.ecs_iam_role}"
|
||||||
scalable_dimension = "ecs:service:DesiredCount"
|
scalable_dimension = "ecs:service:DesiredCount"
|
||||||
service_namespace = "ecs"
|
service_namespace = "ecs"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_appautoscaling_policy" "ecs_policy" {
|
resource "aws_appautoscaling_policy" "ecs_policy" {
|
||||||
adjustment_type = "ChangeInCapacity"
|
adjustment_type = "ChangeInCapacity"
|
||||||
cooldown = 60
|
cooldown = 60
|
||||||
metric_aggregation_type = "Maximum"
|
metric_aggregation_type = "Maximum"
|
||||||
name = "scale-down"
|
name = "scale-down"
|
||||||
resource_id = "service/clusterName/serviceName"
|
resource_id = "service/clusterName/serviceName"
|
||||||
scalable_dimension = "ecs:service:DesiredCount"
|
scalable_dimension = "ecs:service:DesiredCount"
|
||||||
service_namespace = "ecs"
|
service_namespace = "ecs"
|
||||||
|
|
||||||
step_adjustment {
|
step_adjustment {
|
||||||
metric_interval_lower_bound = 0
|
metric_interval_lower_bound = 0
|
||||||
scaling_adjustment = -1
|
scaling_adjustment = -1
|
||||||
}
|
}
|
||||||
|
|
||||||
depends_on = ["aws_appautoscaling_target.ecs_target"]
|
depends_on = ["aws_appautoscaling_target.ecs_target"]
|
||||||
|
|
|
@ -13,12 +13,12 @@ Provides an Application AutoScaling ScalableTarget resource.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
```
|
```
|
||||||
resource "aws_appautoscaling_target" "ecs_target" {
|
resource "aws_appautoscaling_target" "ecs_target" {
|
||||||
max_capacity = 4
|
max_capacity = 4
|
||||||
min_capacity = 1
|
min_capacity = 1
|
||||||
resource_id = "service/clusterName/serviceName"
|
resource_id = "service/clusterName/serviceName"
|
||||||
role_arn = "${var.ecs_iam_role}"
|
role_arn = "${var.ecs_iam_role}"
|
||||||
scalable_dimension = "ecs:service:DesiredCount"
|
scalable_dimension = "ecs:service:DesiredCount"
|
||||||
service_namespace = "ecs"
|
service_namespace = "ecs"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -31,10 +31,10 @@ resource "aws_autoscaling_group" "bar" {
|
||||||
launch_configuration = "${aws_launch_configuration.foobar.name}"
|
launch_configuration = "${aws_launch_configuration.foobar.name}"
|
||||||
|
|
||||||
initial_lifecycle_hook {
|
initial_lifecycle_hook {
|
||||||
name = "foobar"
|
name = "foobar"
|
||||||
default_result = "CONTINUE"
|
default_result = "CONTINUE"
|
||||||
heartbeat_timeout = 2000
|
heartbeat_timeout = 2000
|
||||||
lifecycle_transition = "autoscaling:EC2_INSTANCE_LAUNCHING"
|
lifecycle_transition = "autoscaling:EC2_INSTANCE_LAUNCHING"
|
||||||
|
|
||||||
notification_metadata = <<EOF
|
notification_metadata = <<EOF
|
||||||
{
|
{
|
||||||
|
@ -225,7 +225,7 @@ for more information.
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
AutoScaling Groups can be imported using the `name`, e.g.
|
AutoScaling Groups can be imported using the `name`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_autoscaling_group.web web-asg
|
$ terraform import aws_autoscaling_group.web web-asg
|
||||||
|
|
|
@ -11,7 +11,7 @@ description: |-
|
||||||
Provides an AutoScaling Lifecycle Hook resource.
|
Provides an AutoScaling Lifecycle Hook resource.
|
||||||
|
|
||||||
~> **NOTE:** Terraform has two types of ways you can add lifecycle hooks - via
|
~> **NOTE:** Terraform has two types of ways you can add lifecycle hooks - via
|
||||||
the `initial_lifecycle_hook` attribute from the
|
the `initial_lifecycle_hook` attribute from the
|
||||||
[`aws_autoscaling_group`](/docs/providers/aws/r/autoscaling_group.html)
|
[`aws_autoscaling_group`](/docs/providers/aws/r/autoscaling_group.html)
|
||||||
resource, or via this one. Hooks added via this resource will not be added
|
resource, or via this one. Hooks added via this resource will not be added
|
||||||
until the autoscaling group has been created, and depending on your
|
until the autoscaling group has been created, and depending on your
|
||||||
|
@ -26,30 +26,33 @@ but take care to not duplicate those hooks with this resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_autoscaling_group" "foobar" {
|
resource "aws_autoscaling_group" "foobar" {
|
||||||
availability_zones = ["us-west-2a"]
|
availability_zones = ["us-west-2a"]
|
||||||
name = "terraform-test-foobar5"
|
name = "terraform-test-foobar5"
|
||||||
health_check_type = "EC2"
|
health_check_type = "EC2"
|
||||||
termination_policies = ["OldestInstance"]
|
termination_policies = ["OldestInstance"]
|
||||||
tag {
|
|
||||||
key = "Foo"
|
tag {
|
||||||
value = "foo-bar"
|
key = "Foo"
|
||||||
propagate_at_launch = true
|
value = "foo-bar"
|
||||||
}
|
propagate_at_launch = true
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_autoscaling_lifecycle_hook" "foobar" {
|
resource "aws_autoscaling_lifecycle_hook" "foobar" {
|
||||||
name = "foobar"
|
name = "foobar"
|
||||||
autoscaling_group_name = "${aws_autoscaling_group.foobar.name}"
|
autoscaling_group_name = "${aws_autoscaling_group.foobar.name}"
|
||||||
default_result = "CONTINUE"
|
default_result = "CONTINUE"
|
||||||
heartbeat_timeout = 2000
|
heartbeat_timeout = 2000
|
||||||
lifecycle_transition = "autoscaling:EC2_INSTANCE_LAUNCHING"
|
lifecycle_transition = "autoscaling:EC2_INSTANCE_LAUNCHING"
|
||||||
notification_metadata = <<EOF
|
|
||||||
|
notification_metadata = <<EOF
|
||||||
{
|
{
|
||||||
"foo": "bar"
|
"foo": "bar"
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
notification_target_arn = "arn:aws:sqs:us-east-1:444455556666:queue1*"
|
|
||||||
role_arn = "arn:aws:iam::123456789012:role/S3Access"
|
notification_target_arn = "arn:aws:sqs:us-east-1:444455556666:queue1*"
|
||||||
|
role_arn = "arn:aws:iam::123456789012:role/S3Access"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -22,27 +22,32 @@ resource "aws_autoscaling_notification" "example_notifications" {
|
||||||
"${aws_autoscaling_group.bar.name}",
|
"${aws_autoscaling_group.bar.name}",
|
||||||
"${aws_autoscaling_group.foo.name}",
|
"${aws_autoscaling_group.foo.name}",
|
||||||
]
|
]
|
||||||
notifications = [
|
|
||||||
"autoscaling:EC2_INSTANCE_LAUNCH",
|
notifications = [
|
||||||
|
"autoscaling:EC2_INSTANCE_LAUNCH",
|
||||||
"autoscaling:EC2_INSTANCE_TERMINATE",
|
"autoscaling:EC2_INSTANCE_TERMINATE",
|
||||||
"autoscaling:EC2_INSTANCE_LAUNCH_ERROR"
|
"autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
|
||||||
]
|
]
|
||||||
|
|
||||||
topic_arn = "${aws_sns_topic.example.arn}"
|
topic_arn = "${aws_sns_topic.example.arn}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_sns_topic" "example" {
|
resource "aws_sns_topic" "example" {
|
||||||
name = "example-topic"
|
name = "example-topic"
|
||||||
|
|
||||||
# arn is an exported attribute
|
# arn is an exported attribute
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_autoscaling_group" "bar" {
|
resource "aws_autoscaling_group" "bar" {
|
||||||
name = "foobar1-terraform-test"
|
name = "foobar1-terraform-test"
|
||||||
[... ASG attributes ...]
|
|
||||||
|
# ...
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_autoscaling_group" "foo" {
|
resource "aws_autoscaling_group" "foo" {
|
||||||
name = "barfoo-terraform-test"
|
name = "barfoo-terraform-test"
|
||||||
[... ASG attributes ...]
|
|
||||||
|
# ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -59,10 +64,10 @@ notifications. Acceptable values are documented [in the AWS documentation here][
|
||||||
|
|
||||||
The following attributes are exported:
|
The following attributes are exported:
|
||||||
|
|
||||||
* `group_names`
|
* `group_names`
|
||||||
* `notifications`
|
* `notifications`
|
||||||
* `topic_arn`
|
* `topic_arn`
|
||||||
|
|
||||||
|
|
||||||
[1]: https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html
|
[1]: https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_NotificationConfiguration.html
|
||||||
[2]: https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeNotificationConfigurations.html
|
[2]: https://docs.aws.amazon.com/AutoScaling/latest/APIReference/API_DescribeNotificationConfigurations.html
|
||||||
|
|
|
@ -19,22 +19,22 @@ or [dynamic](https://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/as-sc
|
||||||
## Example Usage
|
## Example Usage
|
||||||
```
|
```
|
||||||
resource "aws_autoscaling_policy" "bat" {
|
resource "aws_autoscaling_policy" "bat" {
|
||||||
name = "foobar3-terraform-test"
|
name = "foobar3-terraform-test"
|
||||||
scaling_adjustment = 4
|
scaling_adjustment = 4
|
||||||
adjustment_type = "ChangeInCapacity"
|
adjustment_type = "ChangeInCapacity"
|
||||||
cooldown = 300
|
cooldown = 300
|
||||||
autoscaling_group_name = "${aws_autoscaling_group.bar.name}"
|
autoscaling_group_name = "${aws_autoscaling_group.bar.name}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_autoscaling_group" "bar" {
|
resource "aws_autoscaling_group" "bar" {
|
||||||
availability_zones = ["us-east-1a"]
|
availability_zones = ["us-east-1a"]
|
||||||
name = "foobar3-terraform-test"
|
name = "foobar3-terraform-test"
|
||||||
max_size = 5
|
max_size = 5
|
||||||
min_size = 2
|
min_size = 2
|
||||||
health_check_grace_period = 300
|
health_check_grace_period = 300
|
||||||
health_check_type = "ELB"
|
health_check_type = "ELB"
|
||||||
force_delete = true
|
force_delete = true
|
||||||
launch_configuration = "${aws_launch_configuration.foo.name}"
|
launch_configuration = "${aws_launch_configuration.foo.name}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -13,24 +13,24 @@ Provides an AutoScaling Schedule resource.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
```
|
```
|
||||||
resource "aws_autoscaling_group" "foobar" {
|
resource "aws_autoscaling_group" "foobar" {
|
||||||
availability_zones = ["us-west-2a"]
|
availability_zones = ["us-west-2a"]
|
||||||
name = "terraform-test-foobar5"
|
name = "terraform-test-foobar5"
|
||||||
max_size = 1
|
max_size = 1
|
||||||
min_size = 1
|
min_size = 1
|
||||||
health_check_grace_period = 300
|
health_check_grace_period = 300
|
||||||
health_check_type = "ELB"
|
health_check_type = "ELB"
|
||||||
force_delete = true
|
force_delete = true
|
||||||
termination_policies = ["OldestInstance"]
|
termination_policies = ["OldestInstance"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_autoscaling_schedule" "foobar" {
|
resource "aws_autoscaling_schedule" "foobar" {
|
||||||
scheduled_action_name = "foobar"
|
scheduled_action_name = "foobar"
|
||||||
min_size = 0
|
min_size = 0
|
||||||
max_size = 1
|
max_size = 1
|
||||||
desired_capacity = 0
|
desired_capacity = 0
|
||||||
start_time = "2016-12-11T18:00:00Z"
|
start_time = "2016-12-11T18:00:00Z"
|
||||||
end_time = "2016-12-12T06:00:00Z"
|
end_time = "2016-12-12T06:00:00Z"
|
||||||
autoscaling_group_name = "${aws_autoscaling_group.foobar.name}"
|
autoscaling_group_name = "${aws_autoscaling_group.foobar.name}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -44,7 +44,7 @@ The following arguments are supported:
|
||||||
If you try to schedule your action in the past, Auto Scaling returns an error message.
|
If you try to schedule your action in the past, Auto Scaling returns an error message.
|
||||||
* `end_time` - (Optional) The time for this action to end, in "YYYY-MM-DDThh:mm:ssZ" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).
|
* `end_time` - (Optional) The time for this action to end, in "YYYY-MM-DDThh:mm:ssZ" format in UTC/GMT only (for example, 2014-06-01T00:00:00Z ).
|
||||||
If you try to schedule your action in the past, Auto Scaling returns an error message.
|
If you try to schedule your action in the past, Auto Scaling returns an error message.
|
||||||
* `recurrence` - (Optional) The time when recurring future actions will start. Start time is specified by the user following the Unix cron syntax format.
|
* `recurrence` - (Optional) The time when recurring future actions will start. Start time is specified by the user following the Unix cron syntax format.
|
||||||
* `min_size` - (Optional) The minimum size for the Auto Scaling group. Default
|
* `min_size` - (Optional) The minimum size for the Auto Scaling group. Default
|
||||||
0.
|
0.
|
||||||
* `max_size` - (Optional) The maximum size for the Auto Scaling group. Default
|
* `max_size` - (Optional) The maximum size for the Auto Scaling group. Default
|
||||||
|
|
|
@ -15,9 +15,11 @@ Provides a CloudFormation Stack resource.
|
||||||
```
|
```
|
||||||
resource "aws_cloudformation_stack" "network" {
|
resource "aws_cloudformation_stack" "network" {
|
||||||
name = "networking-stack"
|
name = "networking-stack"
|
||||||
|
|
||||||
parameters {
|
parameters {
|
||||||
VPCCidr = "10.0.0.0/16"
|
VPCCidr = "10.0.0.0/16"
|
||||||
}
|
}
|
||||||
|
|
||||||
template_body = <<STACK
|
template_body = <<STACK
|
||||||
{
|
{
|
||||||
"Parameters" : {
|
"Parameters" : {
|
||||||
|
|
|
@ -223,12 +223,12 @@ of several sub-resources - these resources are laid out below.
|
||||||
`true` for `query_string`, all query strings are forwarded, however only the
|
`true` for `query_string`, all query strings are forwarded, however only the
|
||||||
query string keys listed in this argument are cached. When omitted with a
|
query string keys listed in this argument are cached. When omitted with a
|
||||||
value of `true` for `query_string`, all query string keys are cached.
|
value of `true` for `query_string`, all query string keys are cached.
|
||||||
|
|
||||||
##### Lambda Function Association
|
##### Lambda Function Association
|
||||||
|
|
||||||
Lambda@Edge allows you to associate an AWS Lambda Function with a predefined
|
Lambda@Edge allows you to associate an AWS Lambda Function with a predefined
|
||||||
event. You can associate a single function per event type. See [What is
|
event. You can associate a single function per event type. See [What is
|
||||||
Lambda@Edge](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/what-is-lambda-at-edge.html)
|
Lambda@Edge](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/what-is-lambda-at-edge.html)
|
||||||
for more information
|
for more information
|
||||||
|
|
||||||
* `event_type` (Required) - The specific event to trigger this function.
|
* `event_type` (Required) - The specific event to trigger this function.
|
||||||
|
|
|
@ -92,7 +92,7 @@ data "aws_iam_policy_document" "s3_policy" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_s3_bucket" "bucket" {
|
resource "aws_s3_bucket" "bucket" {
|
||||||
...
|
# ...
|
||||||
policy = "${data.aws_iam_policy_document.s3_policy.json}"
|
policy = "${data.aws_iam_policy_document.s3_policy.json}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
@ -105,7 +105,7 @@ resource "aws_s3_bucket" "bucket" {
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
Cloudfront Origin Access Identities can be imported using the `id`, e.g.
|
Cloudfront Origin Access Identities can be imported using the `id`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_cloudfront_origin_access_identity.origin_access E74FTE3AEXAMPLE
|
$ terraform import aws_cloudfront_origin_access_identity.origin_access E74FTE3AEXAMPLE
|
||||||
|
|
|
@ -13,16 +13,17 @@ Provides a CloudTrail resource.
|
||||||
## Example Usage
|
## Example Usage
|
||||||
```
|
```
|
||||||
resource "aws_cloudtrail" "foobar" {
|
resource "aws_cloudtrail" "foobar" {
|
||||||
name = "tf-trail-foobar"
|
name = "tf-trail-foobar"
|
||||||
s3_bucket_name = "${aws_s3_bucket.foo.id}"
|
s3_bucket_name = "${aws_s3_bucket.foo.id}"
|
||||||
s3_key_prefix = "prefix"
|
s3_key_prefix = "prefix"
|
||||||
include_global_service_events = false
|
include_global_service_events = false
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_s3_bucket" "foo" {
|
resource "aws_s3_bucket" "foo" {
|
||||||
bucket = "tf-test-trail"
|
bucket = "tf-test-trail"
|
||||||
force_destroy = true
|
force_destroy = true
|
||||||
policy = <<POLICY
|
|
||||||
|
policy = <<POLICY
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
|
@ -91,7 +92,7 @@ The following attributes are exported:
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
Cloudtrails can be imported using the `name`, e.g.
|
Cloudtrails can be imported using the `name`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_cloudtrail.sample my-sample-trail
|
$ terraform import aws_cloudtrail.sample my-sample-trail
|
||||||
|
|
|
@ -14,8 +14,9 @@ Provides a CloudWatch Event Rule resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_cloudwatch_event_rule" "console" {
|
resource "aws_cloudwatch_event_rule" "console" {
|
||||||
name = "capture-aws-sign-in"
|
name = "capture-aws-sign-in"
|
||||||
description = "Capture each AWS Console Sign In"
|
description = "Capture each AWS Console Sign In"
|
||||||
|
|
||||||
event_pattern = <<PATTERN
|
event_pattern = <<PATTERN
|
||||||
{
|
{
|
||||||
"detail-type": [
|
"detail-type": [
|
||||||
|
@ -26,9 +27,9 @@ PATTERN
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_cloudwatch_event_target" "sns" {
|
resource "aws_cloudwatch_event_target" "sns" {
|
||||||
rule = "${aws_cloudwatch_event_rule.console.name}"
|
rule = "${aws_cloudwatch_event_rule.console.name}"
|
||||||
target_id = "SendToSNS"
|
target_id = "SendToSNS"
|
||||||
arn = "${aws_sns_topic.aws_logins.arn}"
|
arn = "${aws_sns_topic.aws_logins.arn}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_sns_topic" "aws_logins" {
|
resource "aws_sns_topic" "aws_logins" {
|
||||||
|
@ -59,7 +60,7 @@ The following attributes are exported:
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
Cloudwatch Event Rules can be imported using the `name`, e.g.
|
Cloudwatch Event Rules can be imported using the `name`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_cloudwatch_event_rule.console capture-console-sign-in
|
$ terraform import aws_cloudwatch_event_rule.console capture-console-sign-in
|
||||||
|
|
|
@ -15,13 +15,14 @@ Provides a CloudWatch Event Target resource.
|
||||||
```
|
```
|
||||||
resource "aws_cloudwatch_event_target" "yada" {
|
resource "aws_cloudwatch_event_target" "yada" {
|
||||||
target_id = "Yada"
|
target_id = "Yada"
|
||||||
rule = "${aws_cloudwatch_event_rule.console.name}"
|
rule = "${aws_cloudwatch_event_rule.console.name}"
|
||||||
arn = "${aws_kinesis_stream.test_stream.arn}"
|
arn = "${aws_kinesis_stream.test_stream.arn}"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_cloudwatch_event_rule" "console" {
|
resource "aws_cloudwatch_event_rule" "console" {
|
||||||
name = "capture-ec2-scaling-events"
|
name = "capture-ec2-scaling-events"
|
||||||
description = "Capture all EC2 scaling events"
|
description = "Capture all EC2 scaling events"
|
||||||
|
|
||||||
event_pattern = <<PATTERN
|
event_pattern = <<PATTERN
|
||||||
{
|
{
|
||||||
"source": [
|
"source": [
|
||||||
|
@ -38,8 +39,8 @@ PATTERN
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_kinesis_stream" "test_stream" {
|
resource "aws_kinesis_stream" "test_stream" {
|
||||||
name = "terraform-kinesis-test"
|
name = "terraform-kinesis-test"
|
||||||
shard_count = 1
|
shard_count = 1
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,7 @@ The following attributes are exported:
|
||||||
|
|
||||||
## Import
|
## Import
|
||||||
|
|
||||||
Cloudwatch Log Groups can be imported using the `name`, e.g.
|
Cloudwatch Log Groups can be imported using the `name`, e.g.
|
||||||
|
|
||||||
```
|
```
|
||||||
$ terraform import aws_cloudwatch_log_group.test_group yada
|
$ terraform import aws_cloudwatch_log_group.test_group yada
|
||||||
|
|
|
@ -14,19 +14,19 @@ Provides a CloudWatch Log Metric Filter resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_cloudwatch_log_metric_filter" "yada" {
|
resource "aws_cloudwatch_log_metric_filter" "yada" {
|
||||||
name = "MyAppAccessCount"
|
name = "MyAppAccessCount"
|
||||||
pattern = ""
|
pattern = ""
|
||||||
log_group_name = "${aws_cloudwatch_log_group.dada.name}"
|
log_group_name = "${aws_cloudwatch_log_group.dada.name}"
|
||||||
|
|
||||||
metric_transformation {
|
metric_transformation {
|
||||||
name = "EventCount"
|
name = "EventCount"
|
||||||
namespace = "YourNamespace"
|
namespace = "YourNamespace"
|
||||||
value = "1"
|
value = "1"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_cloudwatch_log_group" "dada" {
|
resource "aws_cloudwatch_log_group" "dada" {
|
||||||
name = "MyApp/access.log"
|
name = "MyApp/access.log"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -14,10 +14,10 @@ Provides a CloudWatch Logs subscription filter resource.
|
||||||
|
|
||||||
```
|
```
|
||||||
resource "aws_cloudwatch_log_subscription_filter" "test_lambdafunction_logfilter" {
|
resource "aws_cloudwatch_log_subscription_filter" "test_lambdafunction_logfilter" {
|
||||||
name = "test_lambdafunction_logfilter"
|
name = "test_lambdafunction_logfilter"
|
||||||
role_arn = "${aws_iam_role.iam_for_lambda.arn}"
|
role_arn = "${aws_iam_role.iam_for_lambda.arn}"
|
||||||
log_group_name = "/aws/lambda/example_lambda_name"
|
log_group_name = "/aws/lambda/example_lambda_name"
|
||||||
filter_pattern = "logtype test"
|
filter_pattern = "logtype test"
|
||||||
destination_arn = "${aws_kinesis_stream.test_logstream.arn}"
|
destination_arn = "${aws_kinesis_stream.test_logstream.arn}"
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue