John Engelman
052ff83670
Handle public zones correctly. Check for associate when reading.
2015-05-14 16:03:51 -05:00
John Engelman
8e62a14f29
verify VPC association on private zone
2015-05-14 16:03:50 -05:00
John Engelman
a51bc6007d
DelegationSet is not support in private zones.
2015-05-14 16:03:50 -05:00
John Engelman
bf97d6a80f
AWS/Route53Zone - create private hosted zone associated with VPC.
2015-05-14 16:03:50 -05:00
Paul Hinze
e47987651e
Merge pull request #1970 from hashicorp/f-asg-wait-for-elb-inservice
...
provider/aws: ASGs can wait for ELB InService
2015-05-14 15:09:45 -05:00
Paul Hinze
b56a42627f
provider/aws: ASGs can wait for ELB InService
...
This enhances the waiting strategy introduced in #1839 to wait for each
ASG instance to become InService in attached ELBs before continuing.
2015-05-14 15:03:53 -05:00
Clint
0b548a4a99
Merge pull request #1965 from hashicorp/f-export-cache-cluster-endpoints
...
provider/aws: export elasticache nodes
2015-05-14 14:05:33 -05:00
Clint Shryock
d81e63cc3c
provider/aws: ElastiCache test updates
...
- rename test to have _basic suffix, so we can run it individually
- use us-east-1 for basic test, since that's probably the only region that has
Classic
- update the indexing of nodes; cache nodes are 4 digits
2015-05-14 13:57:01 -05:00
Clint Shryock
10fc184c97
add tags helper library for ElastiCache
2015-05-14 12:32:40 -05:00
Mitchell Hashimoto
32f6eb77f3
Merge pull request #1960 from hashicorp/b-lc-ami
...
provider/aws: bad AMI won't block LC refresh [GH-1901]
2015-05-14 09:58:58 -07:00
Clint Shryock
2809280e98
cleanup
2015-05-14 11:51:08 -05:00
Clint Shryock
d8f3783d09
provider/aws: Add tag support to ElastiCache
2015-05-14 11:44:24 -05:00
Clint Shryock
aad0808cc5
make parameter group optional
2015-05-14 11:12:07 -05:00
Clint Shryock
a552db0c8c
provider/aws: ElastiCache enhancements
...
- request cache node info
- read after create, to populate nodes
2015-05-14 11:10:21 -05:00
Paul Hinze
7d9ee79660
provider/aws: add license_model to db_instance
2015-05-14 09:57:51 -05:00
Paul Hinze
6f3ce6bf3c
WIP export cache nodes
...
Needs to wait for len(cluster.CacheNodes) == cluster.NumCacheNodes, since
apparently that takes a bit of time and the initial response always has
an empty collection of nodes
2015-05-14 09:16:39 -05:00
Mitchell Hashimoto
e7c6cb22c5
provider/aws: bad AMI won't block LC refresh [GH-1901]
2015-05-13 20:28:36 -07:00
Clint Shryock
898fa91595
network acl cleanups
2015-05-12 22:23:55 -05:00
Clint Shryock
f7b6b6b2b5
Strip 'sdk' suffix from methods; it's a remnant
2015-05-12 14:58:10 -05:00
Clint Shryock
0dda704cbf
provider/aws: Support multiple subnets in Network ACL
2015-05-12 13:50:28 -05:00
Justin Campbell
b8cd6b2bae
providers/aws: Add support for S3 website redirect
2015-05-12 11:24:08 -04:00
Radek Simko
931d05198c
Merge pull request #1886 from TimeIncOSS/subnet-timeout-fix
...
Increase subnet & security group deletion timeout (2 -> 5 mins)
2015-05-12 07:02:28 +01:00
Mitchell Hashimoto
e1627883b2
Merge pull request #1907 from PeopleNet/rds-update
...
provider/aws: Closes #1906 . Only submit modification requests if there is a change
2015-05-11 16:38:02 -07:00
John Engelman
1798df8e03
Closes #1906 . Only submit modification requests if there is a change
2015-05-11 11:49:43 -05:00
John Engelman
04214c8c1a
Closes #1908 . Parse AccountId from User ARN for RDS tags
2015-05-11 10:32:06 -05:00
Radek Simko
754bcd8307
Increase subnet & security group deletion timeout (2 -> 5 mins)
...
- this should prevent DependencyViolation errors while waiting for larger ASGs to shut down
2015-05-09 22:18:04 +01:00
Clint Shryock
eaf96d9d6f
provider/aws: Document AWS ElastiCache cluster
...
- ElastiCache subnet group name is computed
2015-05-08 14:33:41 -05:00
Radek Simko
ce8351ddef
provider/aws: Add FQDN as output to route53_record
2015-05-08 20:19:40 +01:00
Justin Campbell
870b48b1c0
Merge pull request #1865 from justincampbell/s3-region-zone
...
providers/aws: Add hosted_zone_id and region to attributes
2015-05-08 14:49:12 -04:00
Paul Hinze
a28267b886
provider/aws: SG description should be ForceNew
...
Description cannot be handled in Update (there is no ModifySecurityGroup
API call), so we have to recreate to change the description.
Closes #1870
2015-05-08 12:16:54 -05:00
Justin Campbell
73651e2c70
providers/aws: Extract normalizeRegion
2015-05-08 10:49:21 -04:00
Justin Campbell
445f92e48a
providers/aws: Move HostedZoneIDForRegion into TF
2015-05-08 10:49:20 -04:00
Justin Campbell
64d2b495c3
providers/aws: Add region to S3 attrs
2015-05-08 10:02:16 -04:00
Justin Campbell
839688d477
providers/aws: Add hosted_zone_id to S3 attrs
2015-05-08 10:02:16 -04:00
Justin Campbell
d7c9d8702c
providers/aws: Extract website endpoint logic
2015-05-08 10:02:16 -04:00
Felix Rodriguez
60c3ca0430
typo
2015-05-07 23:21:47 +01:00
Clint Shryock
44461f49fd
update structure test
2015-05-07 17:18:47 -05:00
Clint Shryock
70984526a4
Merge remote-tracking branch 'ctiwald/ct/fix-protocol-problem'
...
* ctiwald/ct/fix-protocol-problem:
aws: Document the odd protocol = "-1" behavior in security groups.
aws: Fixup structure_test to handle new expandIPPerms behavior.
aws: Add security group acceptance tests for protocol -1 fixes.
aws: error on expndIPPerms(...) if our ports and protocol conflict.
2015-05-07 17:13:21 -05:00
Clint
4874179e9a
Merge pull request #1843 from ctiwald/ct/fix-network-acls
...
Fix a number of issues in AWS network ACLs
2015-05-07 16:39:10 -05:00
Paul Hinze
1594cb3dbe
provider/aws: remove names from LCs in ASG tests
...
Makes the tests a little more durable if your account happens to end up
with a dangling LC.
2015-05-07 10:14:49 -05:00
Clint Shryock
20ebb38b8f
update s3bucket website tests
2015-05-07 10:13:08 -05:00
Clint Shryock
fed42fe1b3
update tests so go vet is happy
2015-05-07 10:03:28 -05:00
Paul Hinze
e7b101dba4
provider/aws: elasticache_cluster engine_version is computed
...
fixes the TestAccAWSElasticacheCluster test
2015-05-07 08:47:52 -05:00
Christopher Tiwald
9e8aefcd40
aws: Fix network ACL acceptance tests and add -1 protocol rule.
2015-05-06 23:54:14 -04:00
Christopher Tiwald
5b0d61727e
aws: Only store protocol numbers for ingress/egress rules on ACLs.
...
Users can input a limited number of protocol names (e.g. "tcp") as
inputs to network ACL rules, but the API only supports valid protocol
number:
http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
Preserve the convenience of protocol names and simultaneously support
numbers by only writing numbers to the state file. Also use numbers
when hashing the rules, to keep everything consistent.
2015-05-06 23:54:12 -04:00
Christopher Tiwald
8056b5f8f7
aws: Force users to use valid network masks on ACL ingress/egress
...
AWS will accept any overly-specific IP/mask combination, such as
10.1.2.2/24, but will store it by its implied network: 10.1.2.0/24.
This results in hashing errors, because the remote API will return
hashing results out of sync with the local configuration file.
Enforce a stricter API rule than AWS. Force users to use valid masks,
and run a quick calculation on their input to discover their intent.
2015-05-06 23:53:34 -04:00
Christopher Tiwald
b888b31e08
aws: Force users to use from_port, to_port = 0 on network ACLs with -1 protocol
...
AWS doesn't store ports for -1 protocol rules, thus the read from the
API will always come up with a different hash. Force the user to make a
deliberate port choice when enabling -1 protocol rules. All from_port
and to_port's on these rules must be 0.
2015-05-06 23:51:23 -04:00
Christopher Tiwald
d14049c8ad
aws: Don't try to modify or delete the untouchable network_acl rules.
...
AWS includes default rules with all network ACL resources which cannot
be modified by the user. Don't attempt to store them locally or change
them remotely if they are already stored -- it'll consistently result
in hashing problems.
2015-05-06 23:03:25 -04:00
Christopher Tiwald
03ee059da3
aws: Write ingress/egress rules into a map so they can be set.
...
resourceAwsNetworkAclRead swallowed these errors resulting in rules
that never properly updated. Implement an entry-to-maplist function
that'll allow us to write something that Set knows how to read.
2015-05-06 23:03:24 -04:00
Paul Hinze
a9678bd252
Merge pull request #1840 from hashicorp/f-aws-asg-handle-scaling-activity-in-progress-errors
...
provider/aws: handle in progress errs from ASG deletes
2015-05-06 19:39:23 -05:00
Paul Hinze
90907c8be5
Merge pull request #1738 from justincampbell/s3-website
...
providers/aws: S3 bucket website support
2015-05-06 19:37:29 -05:00
Paul Hinze
03530d1285
provider/aws: handle in progress errs from ASG deletes
...
If an AutoScalingGroup is in the middle of performing a Scaling
Activity, it cannot be deleted, and yields a ScalingActivityInProgress
error.
Retry the delete for up to 5m so we don't choke on this error. It's
telling us something's in progress, so we'll keep trying until the
scaling activity completed.
2015-05-06 18:54:59 -05:00
Paul Hinze
761523e8f9
Merge pull request #1839 from hashicorp/f-aws-asg-wait-for-capacity
...
provider/aws: wait for ASG capacity on creation
2015-05-06 18:40:13 -05:00
Paul Hinze
063454e9b8
provider/aws: wait for ASG capacity on creation
...
On ASG creation, waits for up to 10m for desired_capacity or min_size
healthy nodes to show up in the group before continuing.
With CBD and proper HealthCheck tuning, this allows us guarantee safe
ASG replacement.
2015-05-06 18:34:20 -05:00
Clint
c44ba73a2a
Merge pull request #1837 from hashicorp/b-fix-aws-sg-vpcid
...
provider/aws: fix issue with reading VPC id in AWS Security Group
2015-05-06 17:01:20 -05:00
Clint Shryock
8705f0f78f
provider/aws: fix issue with reading VPC id in AWS Security Group
2015-05-06 16:54:43 -05:00
Mitchell Hashimoto
4a61d0abc9
provider/aws: do connection draining stuff totally separate
2015-05-06 11:47:06 -07:00
Clint Shryock
acbca8101c
provider/aws: Update Elasticache Subnet test
2015-05-06 13:44:24 -05:00
Mitchell Hashimoto
5378d904a2
provider/aws: remove debug
2015-05-06 11:43:36 -07:00
Mitchell Hashimoto
74665f27c8
provider/aws: must set connection draining timeout separate frrom
...
enabled
2015-05-06 11:43:18 -07:00
Mitchell Hashimoto
5d12c79d90
provider/aws: retry VGW connection a bit due to eventual consistency
2015-05-06 11:09:51 -07:00
Mitchell Hashimoto
f2ddb53c8f
provider/aws: only include network in hash if instance is not set
2015-05-06 10:32:17 -07:00
Mitchell Hashimoto
7311019efe
provider/aws: fix incorrect test
2015-05-06 10:20:19 -07:00
Mitchell Hashimoto
4db68cee89
providers/aws: eip network interface is computed
2015-05-06 10:04:38 -07:00
Mitchell Hashimoto
37c56d0084
provider/aws: fix alias test
2015-05-06 09:55:14 -07:00
Clint Shryock
4e717829f8
Merge branch 'master' of github.com:hashicorp/terraform
...
* 'master' of github.com:hashicorp/terraform:
provider/aws: detach VPN gateway with proper ID
update CHANGELOG
provider/aws: Update ARN in instanceProfileReadResult
provider/aws: remove placement_group from acctest
core: module targeting
Added support for more complexly images repos such as images on a private registry that are stored as namespace/name
2015-05-06 11:45:35 -05:00
Mitchell Hashimoto
b184e283b9
provider/aws: detach VPN gateway with proper ID
2015-05-06 09:45:08 -07:00
Clint Shryock
cd90648d4e
provider/aws: Fix acceptance issue with Network Acls
2015-05-06 11:44:09 -05:00
TANABE Ken-ichi
5be4ecdcdb
provider/aws: Update ARN in instanceProfileReadResult
2015-05-07 00:26:57 +09:00
Paul Hinze
010a39a58e
provider/aws: remove placement_group from acctest
...
Depends on there being an existing placement group in the account called
"terraform-placement-group" - we'll need to circle back around to cover
this with AccTests after TF gets an `aws_placement_group` resource.
2015-05-06 10:13:24 -05:00
Clint Shryock
34609c6c22
provider/aws: Change Route 53 record test name, so it can be ran individually
2015-05-06 09:48:15 -05:00
Paul Hinze
66fa633b80
provider/aws: move EBS test into us-west-2
2015-05-06 09:22:34 -05:00
Paul Hinze
bcb4067cb3
provider/aws: update test name
2015-05-06 09:20:40 -05:00
Paul Hinze
7303568469
providers/aws: update test name
2015-05-06 09:18:41 -05:00
Paul Hinze
b91796368f
provider/aws: update test name
2015-05-06 09:18:00 -05:00
Justin Campbell
2745adba56
providers/aws: Test S3 website endpoint attr
2015-05-06 09:41:02 -04:00
Justin Campbell
87e6d3d17f
providers/aws: Fix S3 website error doc
2015-05-06 09:41:02 -04:00
Justin Campbell
0b78a71ed5
providers/aws: Test S3 website removal
2015-05-06 09:41:02 -04:00
Justin Campbell
eeb65b8d4c
providers/aws: Read S3 website config
2015-05-06 09:41:02 -04:00
Paul Hinze
6c6eafa232
provider/aws: removing stray "Ecache" in tests
2015-05-06 08:33:05 -05:00
Justin Campbell
20e531ae0d
providers/aws: Check that S3 website sets docs
2015-05-06 08:15:56 -04:00
Justin Campbell
be84cf8a8c
providers/aws: Add note for us-east-1 empty location
2015-05-06 08:15:56 -04:00
Justin Campbell
348942d3fb
providers/aws: Use GetOk instead of Get + cast
2015-05-06 08:15:56 -04:00
Justin Campbell
562bd6541b
providers/aws: Use explicit returns in websiteEndpoint
2015-05-06 08:15:56 -04:00
Justin Campbell
30f737c781
providers/aws: Change S3 website to block
2015-05-06 08:15:56 -04:00
Justin Campbell
38e04b3765
providers/aws: Add website_endpoint to S3 output
2015-05-06 08:15:55 -04:00
Justin Campbell
b7a9ef5ef6
providers/aws: Add S3 error_document
...
Also fix when index/error document is empty
2015-05-06 08:15:55 -04:00
Justin Campbell
e6d9dcfb1a
providers/aws: Initial S3 bucket website support
2015-05-06 08:15:55 -04:00
Mitchell Hashimoto
1a2bac7645
provider/aws: main route table refresh handles VPC being gone [GH-1806]
2015-05-05 18:07:22 -07:00
Clint Shryock
885efa0837
provider/aws: Add Security Group Rule as a top level resource
...
- document conflict with sg rules and sg in-line rules
- for this to work, ingress rules need to be computed
2015-05-05 16:56:39 -05:00
Clint
a4000941c2
Merge pull request #1765 from hashicorp/f-aws-security-group-remove-default-egress
...
provider/aws: Remove default egress rule from Security Group on creation
2015-05-05 16:47:23 -05:00
Mitchell Hashimoto
fb4ac42c65
Merge pull request #1516 from henrikhodne/aws-propagating-vgws
...
provider/aws: add propagating_vgws to route tables
2015-05-05 14:42:45 -07:00
Clint Shryock
eb7c1bb218
fix go formatting
2015-05-05 16:42:08 -05:00
Clint Shryock
e9b08cf31f
revert the required part
2015-05-05 16:23:26 -05:00
Clint Shryock
1ed81da9a9
update ENI test for SG egress constraint
2015-05-05 16:23:26 -05:00
Clint Shryock
85b1756c27
revise tests and check for vpc_id
2015-05-05 16:23:26 -05:00
Clint Shryock
8ded3c2d1b
Move block for deleing default rule into the create method; only invoke once
2015-05-05 16:23:26 -05:00
Clint Shryock
ee65684abe
Add spec for removing default egress rule
2015-05-05 16:23:26 -05:00
Clint Shryock
b145ce88b7
Document Egress+VPC change, update link
2015-05-05 16:23:26 -05:00
Clint Shryock
1558fd1c3e
provider/aws: Remove default egress rule from Security Group on creation
2015-05-05 16:23:25 -05:00