Commit Graph

38 Commits

Author SHA1 Message Date
Sander van Harmelen 10c6c873ed provider/aws: add an option to skip getting the EC2 platforms (#13672)
* Add an option to skip getting the EC2 platforms

Even through this call fails silently in case of an error (usually lack of rights), it’s still a pretty extensive call.

In our region (eu-west-1) this can take up to 3 seconds. And since we have a system that involves doing much planning with the option `-refresh=false` these additional 3 seconds are really very annoying and totally not needed.

So being able to choose to skip them would make our lives a little better 😉

* Update the docs accordingly
2017-04-14 23:41:59 +02:00
Clint a3ae38d1bb docs: Update AWS Data Source docs to have HCL formatted examples (#13467)
* docs: update AWS examples. Disntinguish between alb and alb listener datasource

* more hcl highlighting

* more hcl

* fix missing end quote in docs

* docs: finish updates to AWS data source highlights

Also updates layout to distinguish some resources
2017-04-07 10:54:28 -05:00
Paul Stack 805612c38c provider/aws: Remove deprecated endpoints from Provider introduction (#13461)
Fixes: #13450
2017-04-07 17:02:39 +03:00
George Christou 61277c0dbd website/docs: Run `terraform fmt` on code examples (#12075)
* docs/vsphere: Fix code block

* docs: Convert `...` to `# ...` to allow `terraform fmt`ing

* docs: Trim trailing whitespace

* docs: First-pass run of `terraform fmt` on code examples
2017-02-19 00:48:50 +02:00
Paul Stack 4ebd207803 provider/aws: Add support for policy to AWS provider assume_role (#11501)
Fixes: #11461

This will allow the user to pass a policy to further restrict the use
of AssumeRole. It is important to note that it will NOT allow an
expansion of access rights
2017-01-29 20:32:24 +00:00
Radek Simko 6d8d596883
provider/aws: Allow bypassing region validation 2017-01-23 15:04:46 +00:00
James Turnbull 86b7333a1f Fixed some typos and formatting in AWS index docs (#10189)
* Fixed whitespace

* Fixed some typos and formatting in AWS index docs
2016-11-17 13:52:06 +02:00
Nick Santamaria 6edbe2faf3 Removed errant backtick in AWS provider documentation. (#9317) 2016-10-13 08:50:46 -07:00
Kerim Satirli 5aa1d3a4e5 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN 2016-09-14 11:18:47 +02:00
Kerim Satirli dfb85fb0d7 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN (#8816)
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: https://github.com/hashicorp/terraform/pull/1785)

Example ENV:

```
AWS_SECURITY_TOKEN="FQo...vgU="
AWS_ACCESS_KEY_ID="A...A"
AWS_SECRET_ACCESS_KEY="I...t"
AWS_DEFAULT_REGION="eu-west-1"
```
This errors with messages akin to "AWS was not able to validate the provided access credentials".

Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: d1ac7d3b2e/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go (L69), making this whole thing a documentation change.

Happy to provide test cases or additional insights though!
2016-09-13 13:04:46 -05:00
Radek Simko 43de2afde1
docs: Fix misspelled words 2016-09-12 07:08:00 +01:00
James Nugent e3ccb51168 provider/aws: Add assume_role block to provider
This replaces the previous `role_arn` with a block which looks like
this:

```
provider "aws" {
        // secret key, access key etc

	assume_role {
	        role_arn = "<Role ARN>"
		session_name = "<Session Name>"
		external_id = "<External ID>"
	}
}
```

We also modify the configuration structure and read the values from the
block if present into those values and adjust the call to AssumeRole to
include the SessionName and ExternalID based on the values set in the
configuration block.

Finally we clean up the tests and add in missing error checks, and clean
up the error handling logic in the Auth helper functions.
2016-09-03 12:54:30 -07:00
Ian Duffy 767914bbdc [GH-1275] Support for AWS access via IAMs AssumeRole functionality
This commit enables terraform to utilise the assume role functionality
of sts to execute commands with different privileges than the API
keys specified.

Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-09-02 10:22:57 -07:00
Renier Morales ef9f3a45b1 Add S3 endpoint override ability and expose S3 path style option (#7871)
* Overriding S3 endpoint - Enable specifying your own
  S3 api endpoint to override the default one, under
  endpoints.
* Force S3 path style - Expose this option from the aws-sdk-go
  configuration to the provider.
2016-08-12 17:52:12 +01:00
Radek Simko d1272808d8
aws/docs: Document new skip_* fields 2016-08-10 17:30:49 +01:00
Radek Simko d23fac3a28 aws: Update docs after #6385 (account ID via sts) 2016-05-05 17:51:44 +01:00
Colin Hebert f1f602cdf6 aws: Enable account ID check for assumed roles + EC2 instances 2016-04-27 12:56:03 +02:00
Hasan Türken 766dac4d79 update documentation 2016-02-12 09:56:48 -06:00
Hasan Türken e41266e971 Move endpoint options into endpoints block 2016-02-12 09:38:21 -06:00
Hasan Türken 231604e8b7 support custom endpoints for AWS EC2 ELB and IAM 2016-02-12 09:35:50 -06:00
Rich Burroughs cb537e9d7d fixed typo in AWS docs, export was misspelled 2016-02-04 15:43:42 -08:00
clint shryock 70fae670b7 Update auth page for AWS 2016-01-29 09:09:24 -06:00
clint shryock 45c9a10d0f provider/aws: Provide a better message if no AWS creds are found 2016-01-27 16:30:03 -06:00
James Nugent ace215481a provider/aws: Add profile to provider config
This allows specification of the profile for the shared credentials
provider for AWS to be specified in Terraform configuration. This is
useful if defining providers with aliases, or if you don't want to set
environment variables. Example:

$ aws configure --profile this_is_dog
... enter keys

$ cat main.tf
provider "aws" {
    profile = "this_is_dog"

    # Optionally also specify the path to the credentials file
    shared_credentials_file = "/tmp/credentials"
}

This is equivalent to specifying AWS_PROFILE or
AWS_SHARED_CREDENTIALS_FILE in the environment.
2016-01-14 15:39:35 +00:00
mcinteer 64d982ac9e Change the docs as the token can be explicitly set
This tripped me up today when I was trying to connect using MFA. I had a look at the source and found the token property, tested it out and low and behold it worked! 

Hopefully this saves someone else going through the same pain
2015-11-10 11:27:45 +13:00
Garrett Heel 9c2725e0a5 provider/aws: allow local kinesis 2015-10-13 14:29:50 -07:00
Pavel Vaněček d649af8813 Update AWS provider documentation
Changed `AWS_SECURITY_TOKEN` to `AWS_SESSION_TOKEN`
2015-08-05 14:40:26 +02:00
Pablo Cantero 2f6d20837f dynamodb-local Update aws provider docs to include the `dynamodb_endpoint` argument 2015-07-29 13:33:51 -03:00
Koen De Causmaecker 398c22adcd aws: make MaxRetries for API calls configurable
- Make it configurable in the AWS provider by add an option
  'max_retries'.
- Set the default from 3 to 11 retries.
2015-05-03 15:35:51 +02:00
Mitchell Hashimoto 5dcf639fc8 website: remove forbidden account IDs from aws docs 2015-04-22 08:09:04 +02:00
Radek Simko 150fd00932 AWS account ID protection added 2015-04-20 12:07:39 +01:00
Mitchell Hashimoto 16cafe9d46 website; clarify where the args go for AWS [GH-853] 2015-03-03 17:35:54 -08:00
Mitchell Hashimoto 9efd20cd7c website: document MFA token for AWS [GH-390] 2015-03-03 17:31:45 -08:00
Seth Vargo 5713b7abcc Remove extra newline 2015-01-22 16:09:26 -05:00
Seth Vargo 038d241043 Update the documentation to read the new AWS environment variables 2015-01-22 16:09:25 -05:00
Seth Vargo 073a0f76c5 Add meta descriptions to all pages 2014-10-21 23:21:56 -04:00
Armon Dadgar ae1fc27cc0 website: AWS Provider 2014-07-23 15:14:35 -04:00
Armon Dadgar f934a1004d website: Starting to add providers 2014-07-23 14:50:44 -04:00