Commit Graph

174 Commits

Author SHA1 Message Date
Radek Simko 6fed5eb8f0 aws: Use new STS endpoint to validate creds (#6536) 2016-06-20 23:14:07 +01:00
James Bardin 5c1b625c84 Add support for Amazon Elastic Transcoder
- Add resources for elastic transcoder pipelines and presets
2016-06-07 16:07:08 -04:00
Radek Simko e32a8c1c5b Merge pull request #6385 from Ticketmaster/use-sts-GetCallerIdentity
provider/aws: Added sts:GetCallerIdentity to GetAccountId for federated logins
2016-05-05 17:35:32 +01:00
Kraig Amador a23bcf2ec9 Added accountid to AWSClient and set it early in the initialization phase. We use iam.GetUser(nil) scattered around to get the account id, but this isn't the most reliable method. GetAccountId now uses one more method (sts:GetCallerIdentity) to get the account id, this works with federated users. 2016-05-05 07:02:12 -07:00
Blake Smith 8821aea945 provider/aws: Add AWS EMR dependency (#2098) (#6492) 2016-05-05 11:34:18 +01:00
Colin Hebert f1f602cdf6 aws: Enable account ID check for assumed roles + EC2 instances 2016-04-27 12:56:03 +02:00
Chris Marchesi a38ccbe074 CloudFront distribution and origin access identity support (#5221)
* CloudFront implementation v3

* Update tests

* Refactor - new resource: aws_cloudfront_distribution

 * Includes a complete re-write of the old aws_cloudfront_web_distribution
   resource to bring it to feature parity with API and CloudFormation.
 * Also includes the aws_cloudfront_origin_access_identity resource to generate
   origin access identities for use with S3.
2016-04-14 14:55:11 -05:00
Paul Hinze 25fce81bfc provider/aws: log HTTP req/resp at DEBUG level
This should be quite helpful in debugging aws-sdk-go operations.

Required some tweaking around the `helper/logging` functions to expose an
`IsDebugOrHigher()` helper for us to use.
2016-03-14 12:26:37 -05:00
Paul Hinze fff441b4ac provider/aws: send Terraform version in User-Agent 2016-03-14 12:16:49 -05:00
Paul Hinze 60b239d7d1 provider/aws: Switch to session.Copy to build up configs
Found this function which makes the config setup much nicer - looks like
it's meant to be used for the very thing we're doing, which is starting
w/ a base config and customizing it slightly.

https://docs.aws.amazon.com/sdk-for-go/api/aws/session/Session.html#Copy-instance_method

This will make the User-Agent setting code to follow much simpler.
2016-03-14 11:42:37 -05:00
Philip Witty 6648df7acc Added AWS KMS key & alias support 2016-03-08 09:30:47 +00:00
clint shryock f0d3176999 provider/aws: Add Elastic Beanstalk Application, Configuration Template, and Environment
This adds support for Elastic Beanstalk Applications, Configuration Templates,
and Environments.

This is a combined work of @catsby, @dharrisio, @Bowbaq, and @jen20
2016-03-07 14:43:23 -06:00
Raphael Randschau fdf0cfa66d Vendor AWS APIGateway API 2016-03-05 23:12:19 +01:00
Radek Simko ab89e5e528 provider/aws: Add CloudWatch Event Rule 2016-02-13 13:21:32 +00:00
Hasan Türken e41266e971 Move endpoint options into endpoints block 2016-02-12 09:38:21 -06:00
Hasan Türken 231604e8b7 support custom endpoints for AWS EC2 ELB and IAM 2016-02-12 09:35:50 -06:00
clint shryock 45c9a10d0f provider/aws: Provide a better message if no AWS creds are found 2016-01-27 16:30:03 -06:00
James Nugent ace215481a provider/aws: Add profile to provider config
This allows specification of the profile for the shared credentials
provider for AWS to be specified in Terraform configuration. This is
useful if defining providers with aliases, or if you don't want to set
environment variables. Example:

$ aws configure --profile this_is_dog
... enter keys

$ cat main.tf
provider "aws" {
    profile = "this_is_dog"

    # Optionally also specify the path to the credentials file
    shared_credentials_file = "/tmp/credentials"
}

This is equivalent to specifying AWS_PROFILE or
AWS_SHARED_CREDENTIALS_FILE in the environment.
2016-01-14 15:39:35 +00:00
Clint 7f6624e926 Merge pull request #3862 from stack72/aws-redshift
provider/aws: AWS Redshift
2016-01-13 16:52:47 -06:00
Mark Troyer b396bbb3e4 provider/aws: Allow ap-northeast-2 (Seoul) as valid region 2016-01-11 13:46:53 -08:00
nextrevision 6a3ed429ad Adding AWS ECR provider resources
Adds ECR aws_ecr_repository and aws_ecr_repository_policy resources to
the AWS provider.
2015-12-22 10:31:30 -05:00
stack72 85afc7d614 Initial creation of the work for AWS RedShift Support
Finalising the schema and acceptance tests for the Redshift Security Group's
2015-12-20 20:19:55 +00:00
clint shryock adf417809a add some comments on auth refactoring 2015-12-15 10:49:23 -06:00
clint shryock 5f5459a1fb provider/aws: Refactor AWS Authentication chain
- update auth checking to check metadata header
- refactor tests to not export os env vars
2015-12-15 10:46:10 -06:00
stack72 d14d891367 Finishing the first pass at Kinesis Firehose. I have only implemented the S3 configuration right now as Terraform doesn't include RedShift support 2015-11-10 16:24:33 +00:00
stack72 fc983c5505 Initial Create, Read and Delete work for the S3 part of the Kinesis Firehose resource 2015-11-09 22:26:55 +00:00
stack72 63d7f5993d Changing the AWS CodeCommit Connection Initiation to use the new session based work 2015-10-30 22:23:28 +00:00
stack72 89ce6f7c83 Started the work for the AWS CodeCommit Repository resource
Starting to add the skeleton for the creation and update of a repository
2015-10-30 21:39:04 +00:00
Paul Hinze cadbbbae08 aws: fix build after upstream breaking change
see
1a69d06935
2015-10-29 18:52:10 -05:00
Clint cb2ecf5733 Merge pull request #3255 from Runscope/local-kinesis
provider/aws: allow local kinesis
2015-10-29 08:24:07 -05:00
Radek Simko a618b048cf aws: Add support for aws_cloudtrail 2015-10-28 17:13:14 +00:00
Radek Simko 0d8d6fde79 Merge pull request #2636 from TimeIncOSS/f-aws-cloudformation
provider/aws: Add aws_cloudformation_stack
2015-10-28 16:16:14 +00:00
Jeff Mitchell 1373a6086b Use cleanhttp for new http clients 2015-10-22 14:23:59 -04:00
Christopher Tiwald e59fb4e6ca aws: Add support for "aws_codedeploy_app" resources. 2015-10-20 18:05:39 -04:00
Jeff Mitchell b0ceffc322 Remove usage from dependencies as well. Other dependencies need upstream merging to completely solve this. 2015-10-19 12:06:34 -04:00
Garrett Heel 9c2725e0a5 provider/aws: allow local kinesis 2015-10-13 14:29:50 -07:00
Radek Simko 4dfbbe3074 provider/aws: Add implementation for aws_cloudformation_stack 2015-10-13 22:55:55 +02:00
stack72 5266db31e2 Adding the ability to manage a glacier vault 2015-10-13 14:58:29 +01:00
Radek Simko a66ac7e751 provider/aws: Add aws_directory_service_directory resource 2015-10-08 17:06:39 -07:00
Radek Simko 2b9f4f895e provider/aws: Add support for aws_elasticsearch_domain 2015-10-07 16:57:46 -07:00
Radek Simko f9efede852 gofmt files from recently merged PRs 2015-10-07 13:35:06 -07:00
Paul Hinze 7905b91b8a Merge pull request #3313 from sarguru/iam_validateaccount_fixcrash
Fix ValidateAccountId for IAM Instance Profiles
2015-10-07 12:18:38 -05:00
Martin Atkins 8e79f0cb3a Prepare for adding OpsWorks resources.
Here we add an OpsWorks client instance to the central client bundle and
establish a new documentation section, both of which will be fleshed out in
subsequent commits that add some OpsWorks resources.
2015-10-05 22:47:44 -07:00
Martin Atkins 5c30573a63 AWS config forced to us-east-1 in variable, not inline.
There are several AWS services that are global in scope and thus need to
be accessed via the us-east-1 endpoints, so we'll make the us-east-1
variant of the config available as a variable we can reuse between multiple
clients as we add support for new services.
2015-10-05 22:47:44 -07:00
Radek Simko cd96b8a7fc provider/aws: Add efs_file_system 2015-10-03 19:35:06 -07:00
Martin Atkins 3fde993978 Merge #3336: Remove local multierror package.
Instead, use ``github.com/hashicorp/go-multierror``.
2015-10-03 17:53:36 -07:00
Sander van Harmelen 2ba8dc38fa Switch to go-multierror
It seems there are 4 locations left that use the `helper/multierror`
package, where the rest is TF settled on the `hashicorp/go-multierror`
package.

Functionally this doesn’t change anything, so I suggest to delete the
builtin version as it can only cause confusion (both packages have the
same name, but are still different types according to Go’s type system.
2015-09-27 18:58:48 -07:00
Sargurunathan Mohan 6b2d6f5ae4 go fmt code 2015-09-23 16:41:48 -07:00
Sargurunathan Mohan 803b33bcae return nil and exit out of the function for IAM instance profiles 2015-09-23 16:40:46 -07:00
Radek Simko b224abb7a9 provider/aws: Add cloudwatch_log_group 2015-09-16 22:28:01 +01:00
Paul Hinze 8559b02099 Merge pull request #3001 from sarguru/iam_profile_validation
Fail silently when account validation fails while from instance profile
2015-09-08 13:29:09 -05:00
Clint Shryock 0c2f189d08 provider/aws: Update to aws-sdk 0.9.0 rc1 2015-08-17 13:27:16 -05:00
Sargurunathan Mohan 9abd74819e apply go fmt on config.go 2015-08-16 17:13:23 -07:00
Sargurunathan Mohan b95e7a976c fail silently when users have forbiddenaccount/allowedaccount configured while authenticating via iam profile instance 2015-08-14 03:52:38 -07:00
Clint Shryock eb90457223 guard on both accessdenied (no IAM policy) and validationerror (no username specified) 2015-08-07 11:55:44 -05:00
Clint Shryock 31fab62bfd provider/aws: Fail silently in ValidateCredentials for IAM users 2015-08-07 11:40:50 -05:00
Pablo Cantero 5930f22974 dynamodb-local Update AWS config
https://github.com/hashicorp/terraform/pull/2825#issuecomment-126353610

Tks @catsby
2015-07-30 12:21:03 -03:00
Pablo Cantero 28bef7c0c7 Merge branch 'master' into dynamodb-local 2015-07-30 12:16:07 -03:00
Clint Shryock 579ccbefea provider/aws: Update source to comply with upstream breaking change 2015-07-28 15:29:46 -05:00
Pablo Cantero 35201e730e dynamodb-local Add `dynamodb_endpoint` allowing to change the DynamoDB Endpoint for
example to connect to dynamodb-local
2015-07-22 18:57:29 -03:00
Radek Simko 4797a82e1a aws: Simplify ValidateCredentials func 2015-07-21 15:57:59 +02:00
Clint Shryock 975e1a6c2c provider/aws: Check credentials before attempting to do anything 2015-07-14 16:39:50 -05:00
Mitchell Hashimoto 93cedc7ec1 providers/aws: style nitpick 2015-06-28 22:46:49 -07:00
Mitchell Hashimoto 2a5ed6c847 Merge pull request #1841 from josharian/aws-external-creds
providers/aws: detect credentials more robustly
2015-06-28 22:43:56 -07:00
Alex Pilon ceeb94e157 provider/aws: Add cloudwatch_metric_alarm 2015-06-17 23:10:23 +01:00
Clint b132dd284e Merge pull request #2121 from johnewart/dynamodb
DynamoDB Support
2015-06-17 09:47:13 -05:00
Chris Bednarski f01154366a Merge with changes from master 2015-06-09 12:12:47 -07:00
John Ewart 4784eff9ca Fix AWS SDK imports 2015-06-03 17:12:41 -07:00
John Ewart 34e9e31377 Adding DynamoDB resource 2015-06-03 17:05:02 -07:00
Radek Simko ae5502b744 provider/aws: Add new resource - aws_ecs_cluster 2015-06-03 22:47:05 +01:00
Paul Hinze b71fa3d0ae provider/aws: handle upstream aws-sdk-go repo move
`awslabs/aws-sdk-go => aws/aws-sdk-go`

Congrats to upstream on the promotion. :)
2015-06-03 13:36:57 -05:00
Chris Bednarski 6986121305 AWS Lambda functionality
- Includes documentation
- Includes acceptance tests
2015-06-01 09:33:45 -07:00
Clint Shryock 214ed23974 provider/aws: AWS Kinesis Stream support
Adds a Kinesis Stream resource
2015-05-27 15:54:17 -05:00
John Ewart 17d9d314d0 Indentation issue 2015-05-22 21:19:43 -07:00
John Ewart 68734517f8 Initial SNS support 2015-05-22 20:26:10 -07:00
Paul Hinze 31258e06c6 provider/aws: fix breakages from awserr refactor
This landed in aws-sdk-go yesterday, breaking the AWS provider in many places:

3c259c9586

Here, with much sedding, grepping, and manual massaging, we attempt to
catch Terraform up to the new `awserr.Error` interface world.
2015-05-20 06:21:23 -05:00
John Ewart 8dd479dbe0 Initial SQS support 2015-05-15 11:37:07 -07:00
Josh Bleecher Snyder ed67f8f588 providers/aws: detect credentials more robustly
aws hides its credentials in many places:
multiple env vars, config files,
ec2 metadata.

Terraform currently recognizes only the env vars;
to use the other options, you had to put in a
dummy empty value for access_key and secret_key.

Rather than duplicate all aws checks, ask the
aws sdk to fetch credentials earlier.
2015-05-06 20:02:09 -07:00
Mitchell Hashimoto 7a5499d4f7 providers/aws: chain credentials 2015-05-05 10:44:19 -07:00
Sander van Harmelen 7274de3c1d Small fix needed to be inline with the updated AWS SDK again...
Executed a couple of AWS ACC test as well to make sure everything works
properly again after this fix…
2015-05-05 12:26:26 +02:00
Koen De Causmaecker 398c22adcd aws: make MaxRetries for API calls configurable
- Make it configurable in the AWS provider by add an option
  'max_retries'.
- Set the default from 3 to 11 retries.
2015-05-03 15:35:51 +02:00
Paul Hinze fc26f7a119 Merge pull request #1331 from tmtk75/dev/aws_ecache
provider/aws: resource ElastiCache
2015-04-28 10:00:25 -05:00
aznashwan d64dd99d4d Fixed/added docstrings in aws provider package. 2015-04-27 21:06:49 +03:00
Tomotaka Sakuma f3d9a287e1 support aws resource ElastiCache 2015-04-26 10:53:21 +09:00
Radek Simko 150fd00932 AWS account ID protection added 2015-04-20 12:07:39 +01:00
Clint Shryock 79fc8223bb consolidate structure.go 2015-04-16 15:18:01 -05:00
Clint Shryock ba43b7c963 mass search-replace of ec2SDKconn 2015-04-16 15:05:55 -05:00
Clint Shryock 331f6705b8 providers/aws: cleanup of connections, upgrades network acl test 2015-04-16 15:02:04 -05:00
Clint Shryock c59bfd0ca5 Merge branch 'f-aws-upstream-s3'
* f-aws-upstream-s3:
  provider/aws: Conver AWS S3 to upstream sdk
2015-04-16 13:51:12 -05:00
Clint Shryock 1545dbb803 provider/aws: Convert Route 53 Zone, Record to upstream 2015-04-16 13:41:38 -05:00
Clint Shryock 7a99dd48b2 provider/aws: Convert Launch Configuration over to upstream
- removes extra ASG connection
2015-04-16 07:10:17 -05:00
Clint Shryock 1f7d0944f1 provider/aws: Convert AWS ASG to upstream aws-sdk-go 2015-04-15 15:29:59 -05:00
Clint Shryock 1ed2219493 don't capitalize IAM 2015-04-15 15:05:44 -05:00
Clint Shryock 470379e7ed connection naming cleanups 2015-04-15 14:36:08 -05:00
Clint Shryock 9187cab6ac provider/aws: Convert remaining RDS resources to use upstream library 2015-04-15 14:31:53 -05:00
Clint Shryock d579b4b75c provider/aws: Convert AWS RDS to use upstream aws-sdk-go 2015-04-15 14:28:02 -05:00
Clint Shryock 4186ec18c6 providers/aws: Conver AWS ELB to upstream 2015-04-14 16:41:36 -05:00
Clint Shryock d4e7c2dedc provider/aws: Conver AWS S3 to upstream sdk 2015-04-14 11:07:05 -05:00
Clint Shryock c160058baf provider/aws: Detect creds in AWS config 2015-04-09 17:06:22 -05:00
Radek Simko 947761f34f ec2/config: Use provided region instead of hardcoding us-west-2 2015-04-09 12:36:37 +01:00