stevehorsfield
03c2c4408f
Add support for 'prefix_list_ids' to AWS VPC security group rules
...
Prefix list IDs are used when allowing egress to an AWS VPC Endpoint.
See http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html#vpc-endpoints-routing
2016-06-30 15:48:27 -07:00
Mitchell Hashimoto
84fa3e5c9e
providers/aws: security group import
2016-05-11 13:02:36 -07:00
clint shryock
e98d7d706f
provider/aws: Convert protocols to standard format for Security Groups
...
Convert network protocols to their names for keys/state, fixing issue(s) when
using them interchangeably.
2016-03-28 10:32:39 -05:00
Clint
99ddea503d
Merge pull request #5495 from nicolai86/bugfix/aws_security_group-protocol-case-sensitivity
...
provider/aws Always transform aws_security_group protocol to lower case
2016-03-10 09:34:55 -06:00
Clint
239b3e4f5f
Merge pull request #5533 from hashicorp/pr-5184
...
provider/aws: Fix EC2 Classic SG Rule issue
2016-03-10 08:56:29 -06:00
Paul Hinze
108ccf0007
builtin: Refactor resource.Retry to clarify return
...
Change the `RetryFunc` from a plain `error` return type to a
specialized `RetryError` which must decide whether it is
retryable or not.
Add `RetryableError` / `NonRetryableError` factory functions that
callers are meant to use to build up these errors.
This makes it eminently clear whether or not a given error is
retryable from inside the client code.
Goal here is to _not_ change any behavior, simply reflect the
existing behavior with the new, clearer, API.
2016-03-09 17:37:56 -06:00
ephemeralsnow
54cb5ffe00
provider/aws: Fix EC2 Classic SG Rule issue
...
Fixes an issue where security groups would fail to update after applying an
initial security_group, because we were improperly saving the id of the group
and not the name (EC2 Classic only).
This is a PR combining https://github.com/hashicorp/terraform/pull/4983 and
https://github.com/hashicorp/terraform/pull/5184 . It's majority
@ephemeralsnow's work.
2016-03-09 09:51:41 -06:00
Raphael Randschau
2c698d2cb0
Always transform aws_security_group protocol to lower case
...
fixes #5489
2016-03-07 22:40:29 +01:00
clint shryock
280054a387
provider/aws: Security Rules drift and sorting changes
...
This commit adds failing tests to demonstrate the problem presented with AWS
aggregating the security group rules
2016-02-19 16:51:08 -06:00
Trevor Pounds
0cd0ff0f8e
Use built-in schema.HashString.
2016-02-07 16:29:34 -08:00
Clint
0f2f9da2fd
Merge pull request #4779 from hashicorp/aws-sg-drift-fix
...
provider/aws: Fix issue with detecting drift in AWS Security Groups rules
2016-01-25 16:35:43 -06:00
clint shryock
7462eb1742
provider/aws: Fix issue with detecting drift in AWS Security Groups in-line rules
2016-01-21 11:21:25 -06:00
Ian Duffy
47ac10d66b
Change resource.StateChangeConf to use an array for target states
...
Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-01-21 01:20:41 +00:00
James Nugent
8e538b68ec
Fix errors with gofmt compliance
2015-12-17 12:35:19 -05:00
stack72
6817e0d144
Adding the ability to generate a securitygroup name-prefix
2015-12-04 09:21:08 -05:00
Clint Shryock
0c2f189d08
provider/aws: Update to aws-sdk 0.9.0 rc1
2015-08-17 13:27:16 -05:00
Clint Shryock
579ccbefea
provider/aws: Update source to comply with upstream breaking change
2015-07-28 15:29:46 -05:00
Radek Simko
4525119a57
provider/aws: Add validation for aws_security_group (name+description)
2015-06-26 15:10:04 +01:00
Paul Hinze
b71fa3d0ae
provider/aws: handle upstream aws-sdk-go repo move
...
`awslabs/aws-sdk-go => aws/aws-sdk-go`
Congrats to upstream on the promotion. :)
2015-06-03 13:36:57 -05:00
Paul Hinze
31258e06c6
provider/aws: fix breakages from awserr refactor
...
This landed in aws-sdk-go yesterday, breaking the AWS provider in many places:
3c259c9586
Here, with much sedding, grepping, and manual massaging, we attempt to
catch Terraform up to the new `awserr.Error` interface world.
2015-05-20 06:21:23 -05:00
Clint Shryock
f7b6b6b2b5
Strip 'sdk' suffix from methods; it's a remnant
2015-05-12 14:58:10 -05:00
Radek Simko
754bcd8307
Increase subnet & security group deletion timeout (2 -> 5 mins)
...
- this should prevent DependencyViolation errors while waiting for larger ASGs to shut down
2015-05-09 22:18:04 +01:00
Paul Hinze
a28267b886
provider/aws: SG description should be ForceNew
...
Description cannot be handled in Update (there is no ModifySecurityGroup
API call), so we have to recreate to change the description.
Closes #1870
2015-05-08 12:16:54 -05:00
Clint Shryock
70984526a4
Merge remote-tracking branch 'ctiwald/ct/fix-protocol-problem'
...
* ctiwald/ct/fix-protocol-problem:
aws: Document the odd protocol = "-1" behavior in security groups.
aws: Fixup structure_test to handle new expandIPPerms behavior.
aws: Add security group acceptance tests for protocol -1 fixes.
aws: error on expndIPPerms(...) if our ports and protocol conflict.
2015-05-07 17:13:21 -05:00
Clint Shryock
8705f0f78f
provider/aws: fix issue with reading VPC id in AWS Security Group
2015-05-06 16:54:43 -05:00
Clint Shryock
885efa0837
provider/aws: Add Security Group Rule as a top level resource
...
- document conflict with sg rules and sg in-line rules
- for this to work, ingress rules need to be computed
2015-05-05 16:56:39 -05:00
Clint Shryock
eb7c1bb218
fix go formatting
2015-05-05 16:42:08 -05:00
Clint Shryock
e9b08cf31f
revert the required part
2015-05-05 16:23:26 -05:00
Clint Shryock
85b1756c27
revise tests and check for vpc_id
2015-05-05 16:23:26 -05:00
Clint Shryock
8ded3c2d1b
Move block for deleing default rule into the create method; only invoke once
2015-05-05 16:23:26 -05:00
Clint Shryock
b145ce88b7
Document Egress+VPC change, update link
2015-05-05 16:23:26 -05:00
Clint Shryock
1558fd1c3e
provider/aws: Remove default egress rule from Security Group on creation
2015-05-05 16:23:25 -05:00
Clint Shryock
3ce3b7c516
provider/aws: Shorting retry timeout for Security Groups to 2 minutes, from 5
2015-05-05 11:07:16 -05:00
Christopher Tiwald
89bacc0b15
aws: error on expndIPPerms(...) if our ports and protocol conflict.
...
Ingress and egress rules given a "-1" protocol don't have ports when
Read out of AWS. This results in hashing problems, as a local
config file might contain port declarations AWS can't ever return.
Rather than making ports optional fields, which carries with it a huge
headache trying to distinguish between zero-value attributes (e.g.
'to_port = 0') and attributes that are simply omitted, simply force the
user to opt-in when using the "-1" protocol. If they choose to use it,
they must now specify "0" for both to_port and from_port. Any other
configuration will error.
2015-05-04 23:43:31 -04:00
Paul Hinze
079856620a
provider/aws: set default SG description
...
because requiring a SG description is annoying
2015-04-22 13:27:20 -05:00
Paul Hinze
33de319293
provider/aws: allow SG names to be generated
2015-04-22 12:56:06 -05:00
Nevins Bartolomeo
6da242de03
fixing sg refresh
2015-04-20 11:27:58 -04:00
Clint Shryock
3e6822ce08
more cleans ups of SDK reference
2015-04-16 15:28:18 -05:00
Clint Shryock
ba43b7c963
mass search-replace of ec2SDKconn
2015-04-16 15:05:55 -05:00
Clint Shryock
ffdd20133a
providers/aws: Convert AWS Security Group to upstream aws-sdk-go
...
Moves structure test lib too, to that `make test` actually runs it
2015-04-09 09:10:04 -05:00
Clint
eadc44d5f7
Merge pull request #1223 from hashicorp/b-fix-ingress-self-ommission
...
provider/aws: Fix issue with ignoring the 'self' attribute of a Security Group rule
2015-03-18 16:42:17 -05:00
Mitchell Hashimoto
d823a8cf81
providers/aws: fix security group self ingress rules on EC2-classic
2015-03-18 13:47:59 +00:00
Clint Shryock
7034619863
provider/aws: Fix issue where we ignored the 'self' attribute of a security group rule
2015-03-17 15:48:10 -05:00
Clint Shryock
28fbd971fc
Retire goamz
2015-03-13 09:42:50 -05:00
Clint Shryock
57556bba75
Replace tags files with tags_sdk, rename, and update
2015-03-12 16:43:08 -05:00
Clint Shryock
902ca25f36
Code cleanup
2015-03-11 08:30:43 -05:00
Clint Shryock
3977256c17
Cleansup: Restore expandIPPerms, remove flattenIPPerms
2015-03-10 16:35:49 -05:00
Clint Shryock
a22c23ad42
clean up debug output to make go vet happy
2015-03-10 15:55:49 -05:00
Clint Shryock
20b02cacd4
provider/aws: Convert AWS Security Group to aws-sdk-go
...
Convert security group test too
2015-03-09 11:45:58 -05:00
Mitchell Hashimoto
c7e536680d
Merge pull request #999 from TimeInc/clean-code
...
Clean code (get rid of go vet errors)
2015-02-18 12:28:12 -08:00