Fixes: #11549
When a user passes the wrong argument to a route53_record import, they
got a crash. This was because we expected the ID to parse correctly. The
crash looked like this:
```
% terraform import aws_route53_record.import1 mike.westredd.com
aws_route53_record.import1: Importing from ID "mike.westredd.com"...
aws_route53_record.import1: Import complete!
Imported aws_route53_record (ID: mike.westredd.com)
aws_route53_record.import1: Refreshing state... (ID: mike.westredd.com)
Error importing: 1 error(s) occurred:
* aws_route53_record.import1: unexpected EOF
panic: runtime error: index out of range
```
Rather than throwing a panic to the user, we should present them with a more useful message that tells them what the error is:
```
% terraform import aws_route53_record.import mike.westredd.com
aws_route53_record.import: Importing from ID "mike.westredd.com"...
aws_route53_record.import: Import complete!
Imported aws_route53_record (ID: mike.westredd.com)
aws_route53_record.import: Refreshing state... (ID: mike.westredd.com)
Error importing: 1 error(s) occurred:
* aws_route53_record.import: Error Importing aws_route_53 record. Please make sure the record ID is in the form ZONEID_RECORDNAME_TYPE (i.e. Z4KAPRWWNC7JR_dev_A
```
At least they can work out what the problem is in this case
Cloud SQL Gen 2 instances come with a default 'root'@'%' user on
creation. This change automatically deletes that user after creation. A
Terraform user must use the google_sql_user to create a user with
appropriate host and password.
The `aws_availability_zones` data source test was panicking. This fixes both tests
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAvailabilityZones'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 15:47:39 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAvailabilityZones -timeout 120m
=== RUN TestAccAWSAvailabilityZones_basic
--- PASS: TestAccAWSAvailabilityZones_basic (12.56s)
=== RUN TestAccAWSAvailabilityZones_stateFilter
--- PASS: TestAccAWSAvailabilityZones_stateFilter (13.59s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 26.187s
```
* Added Step Function Activity & Step Function State Machine
* Added SFN State Machine documentation
* Added aws_sfn_activity & documentation
* Allowed import of sfn resources
* Added more checks on tests, fixed documentation
* Handled the update case of a SFN function (might be already deleting)
* Removed the State Machine import test file
* Fixed the eventual consistency of the read after delete for SFN functions
The API asks you to send lower case values, but returns uppercase ones.
Here we lowercase the returned API values.
There is no migration here because the field in question is nested in a
set, so the hash will change regardless. Anyone using this feature now
has it broken anyway.
Fixes 2 acceptance tests for the `aws_instance` data source
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstanceDataSource_SecurityGroups'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:12:15 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstanceDataSource_SecurityGroups -timeout 120m
=== RUN TestAccAWSInstanceDataSource_SecurityGroups
--- PASS: TestAccAWSInstanceDataSource_SecurityGroups (119.14s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 119.172s
```
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstanceDataSource_tags'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:15:42 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstanceDataSource_tags -timeout 120m
=== RUN TestAccAWSInstanceDataSource_tags
--- PASS: TestAccAWSInstanceDataSource_tags (118.87s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 118.900s
```
The existing hash function for set items cannot generate consistent hashes when using both `Optional` and `Computed` on a schema field.
I tried to add this use case to the existing code base, but came to the conclusion this would be quite an endeavor.
That together with the fact this is the only field in all sets used in all builtin providers/resources that would be using both options at the same time, made me decide to change this single resource instead.
When switching from one Rancher server to another, we want Terraform
to recreate Rancher resources. This currently leads to ugly `EOF` errors.
This patch resets resource Ids when they can't be found in the Rancher API.
* Image and vhdcontainers are mutually exclusive.
* Fix ip configuration handling and update support for load balancer backend pools.
* Fix os disk handling.
* Remove os_type from disk hash.
* Load balancer pools should not be computed.
* Add support for the overprovision property.
* Update documentation.
* Create acceptance test for scale set lb changes.
* Create acceptance test for scale set overprovisioning.
* OS-131 Updated dependencies to use ukcloud/govcloudair instead of hmrc/vmware-govcd
* OS-131 Fixed failing tests by adding package name to imports of ukcloud/govcloudair
* OS-131 Minor change to force Travis to re-build the PR
* added server_side_encryption to s3_bucket_object resource including associated acceptance test and documentation.
* got acceptance tests passing.
* made server_side_encryption a computed attribute and only set kms_key_id attribute if an S3 non-default master key is in use.
* ensured kms api is only interrogated if required.
Fixes `aws_rds_cluster_parameter_group` acceptance tests, which have been broken since aa8c2ac587
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBClusterParameterGroupOnly'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:20:38 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBClusterParameterGroupOnly -timeout 120m
=== RUN TestAccAWSDBClusterParameterGroupOnly
--- PASS: TestAccAWSDBClusterParameterGroupOnly (15.26s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 15.282s
```
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBClusterParameterGroup_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:22:48 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBClusterParameterGroup_basic -timeout 120m
=== RUN TestAccAWSDBClusterParameterGroup_basic
--- PASS: TestAccAWSDBClusterParameterGroup_basic (29.48s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 29.510s
```
Fixes `aws_cloudwatch_log_subscription_filter` acceptance tests that had been failing since mid December
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudwatchLogSubscriptionFilter_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:00:05 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudwatchLogSubscriptionFilter_basic -timeout 120m
=== RUN TestAccAWSCloudwatchLogSubscriptionFilter_basic
--- PASS: TestAccAWSCloudwatchLogSubscriptionFilter_basic (26.34s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 26.364s
```
* Creates papertrail logging resource for fastly
* Adds modification support for fastly papertrail
* Flattens and lists papertrail resources
* Adds testing for fastly papertrail
* Adds papertrail documentation for fastly to the website
* Fixes schema assignment name mistake
* Changes testing hostnames to pass fastly API validation
Implementing vpc_peering_connection_accept.
Additions from @ewbankkit:
Rename 'aws_vpc_peering_connection_accept' to 'aws_vpc_peering_connection_accepter'.
Get it working reusing functionality from 'aws_vpc_peering_connection' resource.
* Add a new data provider to decrypt AWS KMS secrets
* Address feedback
* Rename aws_kms_secrets to aws_kms_secret
* Add more examples to the documentation
Fixes: #11461
This will allow the user to pass a policy to further restrict the use
of AssumeRole. It is important to note that it will NOT allow an
expansion of access rights
According to https://github.com/hashicorp/errwrap
'{{err}}' has to be used instead of '%s'
Without this patch, error output from terraform is missing important information:
* aws_cloudwatch_log_group.logs: Error Getting CloudWatch Logs Tag List: %s
With this patch, I get the important information. E.g.:
* aws_cloudwatch_log_group.logs: Error Getting CloudWatch Logs Tag List: AccessDeniedException: User: arn:aws:sts::XYZ:assumed-role/AAA-BBB-CCC/terraform-assuming-role-assume-role-ReadOnly is not authorized to perform: logs:ListTagsLogGroup on resource: arn:aws:logs:us-east-1:XYZ:log-group:logs:log-stream:
The support for "use_client_subnet" was half finished.
- Field was defined in schema.
- ResourceData-to-struct code was present but incorrect.
- struct-to-ResourceData code was missing.
Made the change and verified with manual testing:
1. In NS1 UI, switched "Use Client Subnet" between checked and
unchecked.
2. In Terraform config file, switched "use_client_subnet" field between
"true", "false", and omitted.
3. The output of "terraform plan" was as expected in all six cases.
This commit removes the default security group rules that are automatically
created when a security group is created. These rules are usually
permissive egress rules which makes it difficult to add more strict egress
security group rules.
Allows the user to import a default aws_alb_listener_rule. When creating the resource with TF, the AWS API requires that `priority` be an integer.
However, the `DescribeRules` API call returns a string for `priority`. This would work in every case except for the `default` listener rule, which sets the `priority` value to the string "default".
This fixes the previous error:
```
Error importing: 1 error(s) occurred:
* aws_alb_listener_rule.test: Cannot convert rule priority %q to int: strconv.ParseInt: parsing "default": invalid syntax
```
Fixes: #11464
Previously an attempt to destroy a LB stickiness policy would
result in an error like this:
```
* aws_lb_cookie_stickiness_policy.foo: Error removing LBCookieStickinessPolicy: LoadBalancerNotFound: There is no ACTIVE Load Balancer named 'tf-test-lb-tqatd'
status code: 400, request id: 28af1167-e4a4-11e6-8ddd-57ba410cbbb6
```
This checks for a missing load balancer on the policy read and allows
the destroy.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLBCookieStickinessPolicy_missingLB'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/27 07:21:11 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSLBCookieStickinessPolicy_missingLB -timeout 120m
=== RUN TestAccAWSLBCookieStickinessPolicy_missingLB
--- PASS: TestAccAWSLBCookieStickinessPolicy_missingLB (28.90s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 28.929s
```
Add support for creating, updating, and deleting projects, as well as
their enabled services and their IAM policies.
Various concessions were made for backwards compatibility, and will be
removed in 0.9 or 0.10.
Adds EBS Volume support and tests for EMR Instnace Groups
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRInstanceGroup_ebsBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/25 10:14:58 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRInstanceGroup_ebsBasic -timeout 120m
=== RUN TestAccAWSEMRInstanceGroup_ebsBasic
--- PASS: TestAccAWSEMRInstanceGroup_ebsBasic (675.14s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 675.171s
```
Type of change:
===============
- Bug fix
What changed? ... and Why:
==========================
The regexp is currently set to:
`pattern := `^[a-zA-Z0-9$_]+$`
The AWS docs state that qualifer names must conform to the following
regexp:
`Pattern: (|[a-zA-Z0-9$_-]+)`
As you can see, the current regexp in Terraform is missing the `-` at
the end.
This addresses that.
How has it been tested?
=======================
Added a few test cases to the existing spec for `AwsLambdaQualifier`
validation.
Adds a diff suppress function for the `engine_version` attribute of the `db_instance` AWS resource.
The function only supresses the state diff, if the attribute key `auto_minor_version_upgrade` is set, and if the returned `engine_version` from the running RDS instance shares the same prefix as the configured `engine_version`.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBInstance_MinorVersion'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/23 17:59:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBInstance_MinorVersion -timeout 120m
=== RUN TestAccAWSDBInstance_MinorVersion
--- PASS: TestAccAWSDBInstance_MinorVersion (503.48s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 503.518s
```
This commit adds a StateRefresh func for volume attachments. Mostly
this is to add a buffer of time between the request and the return
of the attachment to give time for the volume to become attached,
however, in some cases the refresh function could work as specified.
Docs have also been updated to reflect that a device could be specified,
but to use with caution.
* vendor: update gopkg.in/ns1/ns1-go.v2
* provider/ns1: Port the ns1 provider to Terraform core
* docs/ns1: Document the ns1 provider
* ns1: rename remaining nsone -> ns1 (#10805)
* Ns1 provider (#11300)
* provider/ns1: Flesh out support for meta structs.
Following the structure outlined by @pashap.
Using reflection to reduce copy/paste.
Putting metas inside single-item lists. This is clunky, but I couldn't
figure out how else to have a nested struct. Maybe the Terraform people
know a better way?
Inside the meta struct, all fields are always written to the state; I
can't figure out how to omit fields that aren't used. This is not just
verbose, it actually causes issues because you can't have both "up" and
"up_feed" set).
Also some minor other changes:
- Add "terraform" import support to records and zones.
- Create helper class StringEnum.
* provider/ns1: Make fmt
* provider/ns1: Remove stubbed out RecordRead (used for testing metadata change).
* provider/ns1: Need to get interface that m contains from Ptr Value with Elem()
* provider/ns1: Use empty string to indicate no feed given.
* provider/ns1: Remove old record.regions fields.
* provider/ns1: Removes redundant testAccCheckRecordState
* provider/ns1: Moves account permissions logic to permissions.go
* provider/ns1: Adds tests for team resource.
* provider/ns1: Move remaining permissions logic to permissions.go
* ns1/provider: Adds datasource.config
* provider/ns1: Small clean up of datafeed resource tests
* provider/ns1: removes testAccCheckZoneState in favor of explicit name check
* provider/ns1: More renaming of nsone -> ns1
* provider/ns1: Comment out metadata for the moment.
* Ns1 provider (#11347)
* Fix the removal of empty containers from a flatmap
Removal of empty nested containers from a flatmap would sometimes fail a
sanity check when removed in the wrong order. This would only fail
sometimes due to map iteration. There was also an off-by-one error in
the prefix check which could match the incorrect keys.
* provider/ns1: Adds ns1 go client through govendor.
* provider/ns1: Removes unused debug line
* docs/ns1: Adds docs around apikey/datasource/datafeed/team/user/record.
* provider/ns1: Gets go vet green
This commit switches out the use of `fmt.Errorf` to `errwrap.Wrapf` in
the `aws_autoscaling_lifecycle_hook` resource, and corrects a typo which
causes the parameter object to be returned to a user rather than the
underlying error.
Allows users from govcloud and other regions (aws-cn) to now use the following resources correctly:
```
- data "aws_billing_service_account"
- data "aws_elb_service_account"
- resource "aws_cloudfront_origin_access_identity"
- resource "aws_ecs_service"
- resource "aws_iam_saml_provider"
- resource "aws_lambda_permission"
- resource "aws_sns_topic_policy"
```
According to the coreos [documentation](https://coreos.com/ignition/docs/latest/configuration.html), systemd units only require the name attribute per each unit. This can also be validated with the CoreOS config validator. This change allows the `ignition_systemd_unit` resource to no longer fail if given an empty `content` and `dropin`.
Also adds a test to cover this use case.
Fixes failing acceptance test:
```
$ make testacc TEST=./builtin/providers/digitalocean TESTARGS='-run=TestAccDigitalOceanVolume_Droplet'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 11:38:26 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/digitalocean -v -run=TestAccDigitalOceanVolume_Droplet -timeout 120m
=== RUN TestAccDigitalOceanVolume_Droplet
--- PASS: TestAccDigitalOceanVolume_Droplet (57.38s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/digitalocean 57.411s
```
Also removes all redundant type declarations in the digitalocean package.
* provider/aws: Remove hardcoded https from the ecr repository
When the ECR resource was created, we hardcoded the repository URL to
start with https://
This was a mistake as all interaction with the repository now must
include a replace function for the https:// to "" for this to be usable
We need to note this change in the backward incompatibilities
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEcrRepository_' ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 14:37:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEcrRepository_ -timeout 120m
=== RUN TestAccAWSEcrRepository_importBasic
--- PASS: TestAccAWSEcrRepository_importBasic (20.46s)
=== RUN TestAccAWSEcrRepository_basic
--- PASS: TestAccAWSEcrRepository_basic (18.77s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 39.251s
```
* Update ecr_repository.html.markdown
Fixes AwsS3BucketPolicy Acceptance Tests to match policy document changes from upstream.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSS3BucketPolicy'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 11:55:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSS3BucketPolicy -timeout 120m
=== RUN TestAccAWSS3BucketPolicy_basic
--- PASS: TestAccAWSS3BucketPolicy_basic (33.64s)
=== RUN TestAccAWSS3BucketPolicy_policyUpdate
--- PASS: TestAccAWSS3BucketPolicy_policyUpdate (61.91s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 95.591s
```
Updates ECS task_definition documentation, and schema validation functions to match the AWS API documentation.
Updates ECS service documentation, and schema validation functions match the AWS API documentation.
* removes region param from backend_service
- this param was not being used in this service
- you need a regional_backend_service if you want to pass this
* deprecated region instead of outright removing
* put session affinity formatting back
* providers/google: add support for encrypting a disk
* providers/google: Add docs for encrypting disks
* providers/google: CSEK small fixes: sensitive params and mismatched state files
This fixes storage related operations for all environments outside of the public
Azure cloud, tested by deploying all storage resources in a German subscription.
* provider/scaleway: fix bootscript tests
the bootscript tests where failing because the referenced bootscript is no
longer available.
for now this just makes the tests pass again, next step should be to lookup a
bootscript so we don't have to update the tests all the time
* provider/scaleway: fix bootscript data source filter bug
when providing a name only the architecture was ignoerd, which can lead to
issues since some bootscript names are identical, even though the architecture
is different.
* provider/scaleway: remove data bootscript exact name test
the test fails after some time because scaleway removes older bootscripts.
let's just settle with filtered tests for now, which don't have this problem.
* Remove contradiction with Scaleway documentation
The parameters previously termed by Terraform:
1. Organization
2. Access key
Are referred to, respectively, by Scaleway [0] as:
1. Access key
2. Token
which is a confusing contradiction for a user.
Since Scaleway terms (1) both 'access key' [0] and 'organization ID' [1],
@nicolai86 suggested keeping the latter as already used, but changing (2) for
'token'; removing the contradiction.
This commit thus changes the parameters to:
1. Organization
2. Token
Closes#10815.
[0] - https://cloud.scaleway.com/#/credentials
[1] - https://www.scaleway.com/docs/retrieve-my-organization-id-throught-the-api
* Update docs to reflect Scaleway offering x86
Scaleway now provides x86 servers [0] as well as ARM.
This commit removes 'ARM' from various references suggesting that might be the
only option.
[0] - https://blog.online.net/2016/03/08/c2-insanely-affordable-x64-servers/
Adds a validation function for cloudflare record types. Also adds an apply-time validation for the record's content based on record type. Currently only validating `A` and `AAAA` records, can be expanded to verify record content for every possible record type in the future.
```
$ make test TEST=./builtin/providers/cloudflare
==> Checking that code complies with gofmt requirements...
==> Checking AWS provider for unchecked errors...
==> NOTE: at this time we only look for uncheck errors in the AWS package
==> Installing errcheck...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/13 14:41:37 Generated command/internal_plugin_list.go
TF_ACC= go test ./builtin/providers/cloudflare -timeout=30s -parallel=4
ok github.com/hashicorp/terraform/builtin/providers/cloudflare 0.018s
```
Fixes: #11173
statistic
Fixes: #11189
This introduces a new parameter and makes an existing parameter from
`required` to `optional` as both cannot be specified together
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchMetricAlarm_' 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/13 11:25:24 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchMetricAlarm_ -timeout 120m
=== RUN TestAccAWSCloudWatchMetricAlarm_importBasic
--- PASS: TestAccAWSCloudWatchMetricAlarm_importBasic (19.80s)
=== RUN TestAccAWSCloudWatchMetricAlarm_basic
--- PASS: TestAccAWSCloudWatchMetricAlarm_basic (20.42s)
=== RUN TestAccAWSCloudWatchMetricAlarm_extendedStatistic
--- PASS: TestAccAWSCloudWatchMetricAlarm_extendedStatistic (18.92s)
PASS
```
the CI sees many failing Scaleway tests due to request quotas being exceeded.
this PR aims to address this issue by switching from `resource.Retry`, which
waits 100ms between retries, to `resource.StateChangeConf` with a configured
delay of 5s between retries.
this should help us fixing the quota issue…
* provider/aws: New DataSource: aws_elb_hosted_zone_id
This datasource is a list of all of the ELB DualStack Hosted Zone IDs.
This will allow us to reference the correct hosted zone id when creating
route53 alias records
There are many bugs for this - this is just the beginning of fixing them
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElbHostedZoneId_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/04 13:04:32 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElbHostedZoneId_basic -timeout 120m
=== RUN TestAccAWSElbHostedZoneId_basic
--- PASS: TestAccAWSElbHostedZoneId_basic (20.46s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 20.484s
```
* Update elb_hosted_zone_id.html.markdown
us-east-1
Fixes#11175
Because of a previous limitation that codecommit only ran in us-east-1,
we hard coded the session under which it should run. This has caused the
repository to be spun up in the wrong region regardless of what region
was passed to the provider
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCodeCommitRepository_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/12 16:09:52 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCodeCommitRepository_ -timeout 120m
=== RUN TestAccAWSCodeCommitRepository_basic
--- PASS: TestAccAWSCodeCommitRepository_basic (23.28s)
=== RUN TestAccAWSCodeCommitRepository_withChanges
--- PASS: TestAccAWSCodeCommitRepository_withChanges (33.71s)
=== RUN TestAccAWSCodeCommitRepository_create_default_branch
--- PASS: TestAccAWSCodeCommitRepository_create_default_branch (22.70s)
=== RUN TestAccAWSCodeCommitRepository_create_and_update_default_branch
--- PASS: TestAccAWSCodeCommitRepository_create_and_update_default_branch (32.72s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 112.437s
```
* Add subnetwork_project field to allow for XPN in GCE instance templates
* Missing os import
* Removing unneeded check
* fix formatting
* Add subnetwork_project to read
* provider/openstack: LoadBalancer Security Groups
This commit adds the ability to specify security groups on a loadbalancer
resource.
* provider/openstack: LoadBalancer Security Groups Refactor
Moving common security group code into a dedicated function.
If an error occurred which prevented the lb sub resources being written to state
then the next apply would fail as the resources would already exist in the API.
go test -c ./builtin/providers/azurerm -o ./builtin/providers/azurerm/test-azurerm
TestAccAzureRMLoadBalancerBackEndAddressPool_reapply
TestAccAzureRMLoadBalancerBackEndAddressPool_removal
TestAccAzureRMLoadBalancerNatPool_basic
TestAccAzureRMLoadBalancerBackEndAddressPool_basic
TestAccAzureRMLoadBalancerNatRule_basic
TestAccAzureRMLoadBalancerNatPool_reapply
TestAccAzureRMLoadBalancerNatPool_removal
TestAccAzureRMLoadBalancerNatPool_update
TestAccAzureRMLoadBalancerProbe_basic
TestAccAzureRMLoadBalancerNatRule_removal
TestAccAzureRMLoadBalancerNatRule_update
TestAccAzureRMLoadBalancerNatRule_reapply
TestAccAzureRMLoadBalancerProbe_removal
TestAccAzureRMLoadBalancerProbe_reapply
TestAccAzureRMLoadBalancerProbe_update
TestAccAzureRMLoadBalancerRule_basic
TestAccAzureRMLoadBalancerRule_inconsistentReads
TestAccAzureRMLoadBalancerRule_removal
TestAccAzureRMLoadBalancerProbe_updateProtocol
TestAccAzureRMLoadBalancer_basic
TestAccAzureRMLoadBalancerRule_update
TestAccAzureRMLoadBalancerRule_reapply
TestAccAzureRMLoadBalancer_frontEndConfig
TestAccAzureRMLoadBalancer_tags
Utilize the ChangeResourceRecordSets to change the type of a record by
deleting and recreating with a new type.
As change batches are considered transactional changes, Amazon Route 53
either makes all or none of the changes in the batch request ensuring the
update will never be partially applied.
Documentation for the `aws_route_table` data source mentions that it supports a route table `id` as an argument, however it was missing from the actual provider code.
Adds in the missing provider code, adds a test, and updates the documentation to use `rtb_id` as the argument, instead of the more ambiguous `id`.
A VPC's main route table has an implicit subnet association, not an explicit subnet association. This caused a Terraform panic when using the `data_source_aws_route_table` resource to query the main route table for a VPC.
This fixes the Terraform panic, and allows the data lookup to complete successfully. Also added an acceptance test to verify the bugfix.
Fixes: #11134
The second step of the `TestAccDigitalOceanDroplet_ResizeWithOutDisk` acceptance test was regularly failing. Upon investigation it was found that the second step's Terraform configuration had omitted the `user_data` parameter, thus forcing Terraform to create a new droplet resource instead of updating the current resource.
```
-/+ digitalocean_droplet.foobar
disk: "20" => "<computed>"
image: "centos-7-x64" => "centos-7-x64"
ipv4_address: "138.197.0.55" => "<computed>"
ipv4_address_private: "" => "<computed>"
ipv6_address: "" => "<computed>"
ipv6_address_private: "" => "<computed>"
locked: "false" => "<computed>"
name: "foo" => "foo"
region: "nyc3" => "nyc3"
resize_disk: "true" => "false"
size: "512mb" => "1gb"
ssh_keys.#: "1" => "1"
ssh_keys.0: "5770472" => "5770472"
status: "active" => "<computed>"
user_data: "foobar" => "" (forces new resource)
vcpus: "1" => "<computed>"
```
This fixes the acceptance test by adding the missing `user_data` parameter.
request_path had Computed enabled which prevented updating it to an empty value
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMLoadBalancerProbe -timeout 120m
=== RUN TestAccAzureRMLoadBalancerProbe_basic
--- PASS: TestAccAzureRMLoadBalancerProbe_basic (119.63s)
=== RUN TestAccAzureRMLoadBalancerProbe_removal
--- PASS: TestAccAzureRMLoadBalancerProbe_removal (122.50s)
=== RUN TestAccAzureRMLoadBalancerProbe_update
--- PASS: TestAccAzureRMLoadBalancerProbe_update (129.98s)
=== RUN TestAccAzureRMLoadBalancerProbe_duplicate
--- PASS: TestAccAzureRMLoadBalancerProbe_duplicate (115.22s)
=== RUN TestAccAzureRMLoadBalancerProbe_updateProtocol
--- PASS: TestAccAzureRMLoadBalancerProbe_updateProtocol (127.25s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 614.657s
As brought up in #10174, our update_strategy property for instance group
managers in GCP would always be set to "RESTART" on read, even if the
user asked for them to be "NONE" in the config.
This adds a test to ensure that the user wishes were respected, which
fails until we check for update_strategy in the ResourceData before we
update it within the Read function. Because the update_strategy property
doesn't map to anything in the API, we never need to read it from
anywhere but the config, which means the ResourceData should be
considered authoritative by the time we get to the Read function.
The fix for this was provided by @JDiPierro in #10198 originally, but
was missing tests, so it got squashed into this.
* provider/aws: Save disabled ELB accesslogs to state
Save any explicitly disabled access_log to state. Do not save disabled
access_logs if they are not in the configuration.
* test that fails on master
Adds validation for the `type` parameter of an `aws_route53_record` resource.
This will allow Terraform to catch any user errors of a `type` parameter during a `terraform plan` instead of during a `terraform apply`.
Fixes: #11114
* provider/aws: New Resource - aws_codedeploy_deployment_config
* provider/aws: Adding acceptance tests for new
aws_codedeploy_deployment_config resource
* provider/aws: Documentation for the aws_codedeploy_deployment_config resource
* Update codedeploy_deployment_config.html.markdown
subnet_group
Fixes#11024
A change was introduced in 0.8.2 that allows db_instances to change
their db_subnet_group. Unfortunately, this caused an issue for
db_instances that were being restored from snapshot. The restore from
snapshot part of create calls the Update func whereas a normal create
calls the Read func
When calling the Update func, the db_instance was trying to go through a
db_subnet_group_name change and was failing for the following reason:
```
InvalidVPCNetworkStateFault: You cannot move DB instance _rds_instance_name_ to subnet group _subnet_group_name_. The specified DB subnet group and DB instance are in the same VPC. Choose a DB subnet group in different VPC than the specified DB instance and try again.
```
Adds region specific S3 bucket name validation. Currently all regions except for us-east-1 force a dns-compliant naming convention. Thus we cannot utilize the standard `SchemaValidateFunc` interface to validate an S3 bucket name.
This change creates a helper function outside of the schema validation interface so we can validate S3 bucket names for both naming conventions. At a later date, when the us-east-1 region is updated to conform to a dns-compliant naming scheme, we can refactor the `validateS3BucketName` function to fit the `SchemaValidateFunc` interface.
aws_api_gateway_integration_response
This continues the work carried out in #10696
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayIntegrationResponse_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 14:18:46 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAPIGatewayIntegrationResponse_ -timeout 120m
=== RUN TestAccAWSAPIGatewayIntegrationResponse_basic
--- PASS: TestAccAWSAPIGatewayIntegrationResponse_basic (57.33s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws57.352s
```
* Importing the OpsGenie SDK
* Adding the goreq dependency
* Initial commit of the OpsGenie / User provider
* Refactoring to return a single client
* Adding an import test / fixing a copy/paste error
* Adding support for OpsGenie docs
* Scaffolding the user documentation for OpsGenie
* Adding a TODO
* Adding the User data source
* Documentation for OpsGenie
* Adding OpsGenie to the internal plugin list
* Adding support for Teams
* Documentation for OpsGenie Team's
* Validation for Teams
* Removing Description for now
* Optional fields for a User: Locale/Timezone
* Removing an implemented TODO
* Running makefmt
* Downloading about half the internet
Someone witty might simply sign this commit with "npm install"
* Adding validation to the user object
* Fixing the docs
* Adding a test creating multple users
* Prompting for the API Key if it's not specified
* Added a test for multiple users / requested changes
* Fixing the linting
Fixes:#10902
AWS introduced a change to the Mount Target DNS Name to remove the
availability_zone from it -
https://aws.amazon.com/about-aws/whats-new/2016/12/simplified-mounting-of-amazon-efs-file-systems/
This was because there used to be a limit of 1 mount target per AZ -
this has been raised.
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEFSMountTarget_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/04 10:45:35 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEFSMountTarget_ -timeout 120m
=== RUN TestAccAWSEFSMountTarget_importBasic
--- PASS: TestAccAWSEFSMountTarget_importBasic (236.19s)
=== RUN TestAccAWSEFSMountTarget_basic
--- PASS: TestAccAWSEFSMountTarget_basic (445.52s)
=== RUN TestAccAWSEFSMountTarget_disappears
--- PASS: TestAccAWSEFSMountTarget_disappears (228.31s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 910.044s
```
* vendor: update jen20/riviera to pull in endpoints change
* provider/auzrerm: support non public clouds
Ran tests below with ARM_ENVIRONMENT=german and changes the location to Germany
Central in the test config. The virtual network tests cover both Riviera (resource
groups) and the official SDK client.
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualNetwork_ -timeout 120m
=== RUN TestAccAzureRMVirtualNetwork_importBasic
--- PASS: TestAccAzureRMVirtualNetwork_importBasic (81.84s)
=== RUN TestAccAzureRMVirtualNetwork_basic
--- PASS: TestAccAzureRMVirtualNetwork_basic (78.14s)
=== RUN TestAccAzureRMVirtualNetwork_disappears
--- PASS: TestAccAzureRMVirtualNetwork_disappears (78.45s)
=== RUN TestAccAzureRMVirtualNetwork_withTags
--- PASS: TestAccAzureRMVirtualNetwork_withTags (81.78s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 320.310s
bool not string
Fixes: #11010
Adds a test to show cover the use-case that the OP suggested caused the
panic
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDataSourceIAMServerCertificate_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 22:39:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDataSourceIAMServerCertificate_ -timeout 120m
=== RUN TestAccAWSDataSourceIAMServerCertificate_basic
--- PASS: TestAccAWSDataSourceIAMServerCertificate_basic (19.48s)
=== RUN TestAccAWSDataSourceIAMServerCertificate_matchNamePrefix
--- PASS: TestAccAWSDataSourceIAMServerCertificate_matchNamePrefix (1.95s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 21.454s
```
* provider:aws: Add support for updating aws_emr_cluster parameters
Fixes#10962
We now support the update of `visibile_to_add_users` and
`termination_protected` parameters
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRCluster_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 18:45:20 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRCluster_ -timeout 120m
=== RUN TestAccAWSEMRCluster_basic
--- PASS: TestAccAWSEMRCluster_basic (551.98s)
=== RUN TestAccAWSEMRCluster_terminationProtected
--- PASS: TestAccAWSEMRCluster_terminationProtected (545.52s)
=== RUN TestAccAWSEMRCluster_visibleToAllUsers
--- PASS: TestAccAWSEMRCluster_visibleToAllUsers (552.09s)
=== RUN TestAccAWSEMRCluster_tags
--- PASS: TestAccAWSEMRCluster_tags (598.91s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 2248.537s
```
* Update resource_aws_emr_cluster_test.go
Fixes: #10958
This wasn't implemented the first time around for some reason
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRCluster_' 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 15:40:09 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRCluster_ -timeout 120m
=== RUN TestAccAWSEMRCluster_basic
--- PASS: TestAccAWSEMRCluster_basic (529.36s)
=== RUN TestAccAWSEMRCluster_tags
--- PASS: TestAccAWSEMRCluster_tags (556.81s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 1086.197s
```
There is 1 breaking change. The OpsWorks Update API no longer supports
`tenancy` as an update. So that has to be marked as ForceNew: true
```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSOpsworksInstance'
% 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/02 17:11:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSOpsworksInstance -timeout 120m
=== RUN TestAccAWSOpsworksInstance
--- PASS: TestAccAWSOpsworksInstance (99.89s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws99.911s
```
* Adding a missing property to the Consumer Groups doc
* Support for Event Hub Authorization Rules
* Documentation for Authorization Rules
* Missed a comment
* Fixing the `no authorisation rule` state
* Making the documentation around the Permissions more explicit / updating the import url
* Fixing up the tests
* Clearing up the docs
* Fixing the linting
* Moving the validation inside of the expand
* Fixing the indentation
* Adding the Container Registry SDK
* Implementing the container registry
* Enabling the provider / registering the Resource Provider
* Acceptance Tests
* Documentation for Container Registry
* Fixing the name validation
* Validation for the Container Registry Name
* Added Import support for Containr Registry
* Storage Account is no longer optional
* Updating the docs
* Forcing a re-run in Travis
The provider now consults the Providers API to detect which providers are already
registered and uses this call to test the credentials
A new option `skip_provider_registration` / `ARM_SKIP_PROVIDER_REGISTRATION` is
now available to opt out of provider registration entirely
Ensure that the `key_name` attribute is available to `aws_key_pair`
resource dependents, even when the attribute is not specifically
set (i.e., when `key_name_prefix` or automatic naming is performed).
Fixes#10983.
* Add 'aws_vpc_peering_connection' data source.
* Changes after code review.
* Add 'accepter' and 'requester' blocks to aws_vpc_peering_connection data source output attributes.
Computed
Fixes: #10887
In the Terraform documentation, we say the following:
```
metric_aggregation_type - (Optional) The aggregation type for the policy's metrics. Valid values are "Minimum", "Maximum", and "Average". Without a value, AWS will treat the aggregation type as "Average".
```
Therefore, because the parameter wasn't set as computed, we got a diff as follows:
```
~ aws_autoscaling_policy.scale
metric_aggregation_type: "Average" => ""
```
With the change in place, we get the correct behaviour
```
% terraform plan
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
If you did not expect to see this message you will need to remove the old plugin.
See https://www.terraform.io/docs/internals/internal-plugins.html
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but
will not be persisted to local or remote state storage.
aws_launch_configuration.launch: Refreshing state... (ID: config)
aws_autoscaling_group.asg: Refreshing state... (ID: asg)
aws_autoscaling_policy.scale: Refreshing state... (ID: scale)
No changes. Infrastructure is up-to-date. This means that Terraform
could not detect any differences between your configuration and
the real physical resources that exist. As a result, Terraform
doesn't need to do anything.
```
* Documentation
* Scaffolding Consumer Groups
* Linting
* Adding a missing </li>
* User MetaData needs to explicitly be optional
* Typo
* Fixing the test syntax
* Removing the eventHubPath field since it appears to be deprecated
* Added a Complete import test
* WIP
* Updating to use SDK 7.0.1
* Calling the correct method
* Removing eventhubPath and updating the docs
* Fixing a typo