Commit Graph

14524 Commits

Author SHA1 Message Date
Richard Henning 2a5e1d400d provider/aws: Remove IAM user's MFA devices with `force_destroy` #5908 (#10262)
When `force_destroy` was specifed on an `aws_iam_user` resource, only IAM
access keys and the login profile were destroyed. If a multi-factor auth
device had been activated for that user, deletion would fail as follows:

```
* aws_iam_user.testuser1: Error deleting IAM User testuser1: DeleteConflict: Cannot delete entity, must delete MFA device first.
    status code: 409, request id: aa41b1b7-ac4d-11e6-bb3f-3b4c7a310c65
```

This commit iterates over any of the user's MFA devices and deactivates
them before deleting the user. It follows a pattern similar to that used
to remove users' IAM access keys before deletion.

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/20 17:09:00 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN   TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (5.70s)
=== RUN   TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (11.12s)
PASS
ok  	github.com/rhenning/terraform/builtin/providers/aws	20.840s
```
2016-11-21 10:17:27 +02:00
Mitchell Hashimoto e7d59ab245
terraform: test for interpolation escapes 2016-11-20 21:14:16 -08:00
James Nugent 943b41b90f Merge pull request #10258 from jagregory/patch-1
Use RDS::CreateDBInstance docs for more info on parameter values
2016-11-21 02:19:05 +02:00
James Gregory ea658635fe Point to CreateDBInstance docs for more info
The docs for the CreateDBInstance API call include quite a bit more information about each individual option, (for example `Engine` has each of the possible options listed, whilst the cli reference doesn't).
2016-11-21 10:01:17 +11:00
Kit Ewbank fd8d41f6a5 Add note to aws_security_group data source describing the default security group for a VPC. (#10247)
Add a corresponding acceptance test.
2016-11-20 16:28:11 +02:00
Paul Stack 44885f45d3 Update CHANGELOG.md 2016-11-20 16:23:21 +02:00
Kit Ewbank 3255921b6e aws_prefix_list data source - Add ability to select PL by name. (#10248) 2016-11-20 16:21:55 +02:00
Ryan Eschinger 7619d66002 fix aws_availability_zone data source doc example (#10249)
existing example returns an error like the following should you try to
run `terraform plan` against it:

Error reading config for aws_subnet[example]: data.aws_availability_zone.name_suffix: data variables must be four parts: data.TYPE.NAME.ATTR in:

${cidrsubnet(aws_vpc.example.cidr_block, 4, var.az_number[data.aws_availability_zone.name_suffix])}
2016-11-20 16:10:59 +02:00
Mitchell Hashimoto 58013b5a2e Update CHANGELOG.md 2016-11-19 22:18:41 -08:00
Mitchell Hashimoto 656b75711c Merge pull request #10251 from hashicorp/update-hil
vendir: update HIL
2016-11-19 22:17:51 -08:00
Mitchell Hashimoto 784bc25847
vendir: update HIL
Fixes #10236
2016-11-19 22:15:50 -08:00
Mitchell Hashimoto 4406e27eaa
providers/nomad: use DefaultConfig to intialize all fields 2016-11-19 10:20:54 -08:00
Mitchell Hashimoto 283d49f12f Update CHANGELOG.md 2016-11-18 21:34:58 -08:00
Mitchell Hashimoto 178355fc43 Merge pull request #10235 from hashicorp/b-update-nomad
vendor: update to Nomad 0.5
2016-11-18 21:33:52 -08:00
Mitchell Hashimoto f0be9675b5
vendor: update to Nomad 0.5 2016-11-18 21:18:49 -08:00
Evan Brown d357e75201 Merge pull request #10117 from cblecker/f-gke-node-scopes
provider/google: Add support for scope aliases to google_container_cluster
2016-11-18 20:19:26 -08:00
Paul Stack ec4c00ff92 Update CHANGELOG.md 2016-11-18 19:10:27 +02:00
Martin Atkins 399542a168 core: allow outputs to have descriptions (#9722)
We allow variables to have descriptions specified, as additional context
for a module user as to what should be provided for a given variable.

We previously lacked a similar mechanism for outputs. Since they too are
part of a module's public interface, it makes sense to be able to add
descriptions for these for symmetry's sake.

This change makes a "description" attribute valid within an "output"
configuration block and stores it within the configuration data structure,
but doesn't yet do anything further with it. For now this is useful only
for third-party tools that might parse a module's config to generate
user documentation; later we could expose the descriptions as part of
the "apply" output, but that is left for a separate change.
2016-11-18 19:09:43 +02:00
Paul Stack 44cc380bd7 Update CHANGELOG.md 2016-11-18 17:26:53 +02:00
Peter McAtominey 507efcb180 state/azure: support passing of lease ID when writing storage blob (#10115)
Also fixed tests failing auth caused by getStorageAccountAccessKey returning the
key name rather than the value

TF_ACC= go test ./state/remote -v -run=TestAz -timeout=10m -parallel=4
=== RUN   TestAzureClient_impl
--- PASS: TestAzureClient_impl (0.00s)
=== RUN   TestAzureClient
2016/11/18 13:57:34 [DEBUG] New state was assigned lineage "96037426-f95e-45c3-9183-6c39b49f590b"
2016/11/18 13:57:34 [TRACE] Preserving existing state lineage "96037426-f95e-45c3-9183-6c39b49f590b"
--- PASS: TestAzureClient (130.60s)
=== RUN   TestAzureClientEmptyLease
2016/11/18 13:59:44 [DEBUG] New state was assigned lineage "d9997445-1ebf-4b2c-b4df-15ae152f6417"
2016/11/18 13:59:44 [TRACE] Preserving existing state lineage "d9997445-1ebf-4b2c-b4df-15ae152f6417"
--- PASS: TestAzureClientEmptyLease (128.15s)
=== RUN   TestAzureClientLease
2016/11/18 14:01:55 [DEBUG] New state was assigned lineage "85912a12-2e0e-464c-9886-8add39ea3a87"
2016/11/18 14:01:55 [TRACE] Preserving existing state lineage "85912a12-2e0e-464c-9886-8add39ea3a87"
--- PASS: TestAzureClientLease (138.09s)
PASS
ok  	github.com/hashicorp/terraform/state/remote	397.111s
2016-11-18 17:26:25 +02:00
Kit Ewbank 9aba1b4238 Better explanation of the description attribute (#10221) 2016-11-18 17:20:45 +02:00
Clint 10632ad6cf Merge pull request #10219 from ewbankkit/patch-1
Correct the name of the notes section mentioned
2016-11-18 09:10:58 -06:00
Kit Ewbank 2b39f5afdd Correct the name of the notes section mentioned 2016-11-18 09:55:37 -05:00
Ben Abrams 6dd2fb947c closes #5880 (#9970)
Adding doc how to setup azure auth with cli
2016-11-18 14:30:54 +02:00
Paul Stack dc0cb70e95 provider/github: Creating a github repository before adding a label (#10213) 2016-11-18 13:38:46 +02:00
Paul Stack fc3d0f7216 Update CHANGELOG.md 2016-11-18 13:36:44 +02:00
Ian L f584d53ba9 provider/github: add GitHub labels resource (#10142)
* provider/github: add GitHub labels resource

Provides a GitHub issue label resource.

This resource allows easy management of issue labels for an
organisation's repositories. A name, and a color can be set.
These attributes can be updated without creating a new resource.

* provider/github: add documentation for GitHub issue labels resource
2016-11-18 13:24:37 +02:00
Paul Stack d80a7a0cb0 Update CHANGELOG.md 2016-11-18 13:07:57 +02:00
Paul Stack 0d98d581a6 Update CHANGELOG.md 2016-11-18 13:02:54 +02:00
Chris Marchesi 3ac05a539b provider/aws: Add aws_alb_listener data source (#10181)
* provider/aws: Add aws_alb_listener data source

This adds the aws_alb_listener data source to get information on an AWS
Application Load Balancer listener.

The schema is slightly modified (only option-wise, attributes are the
same) and we use the aws_alb_listener resource read function to get the
data.

Note that the HTTPS test here may fail due until
hashicorp/terraform#10180 is merged.

* provider/aws: Add aws_alb_listener data source docs

Now documented.
2016-11-18 13:01:21 +02:00
Paul Stack 80e033eb16 provider/chef: Updating the provider_test comments to remove a company name (#10197) 2016-11-18 10:53:21 +02:00
Sander van Harmelen fbf27714e3 Remove the need for specifying a network ID (#10204)
When using the static NAT resource, you no longer have to specify a `network_id`. This can be inferred from the choosen `virtual_machine_id` and/or the `vm_guest_ip`.
2016-11-18 08:20:31 +01:00
Evan Brown 3920460220 Merge pull request #10081 from aditya87/google_compute_image_timeout
Added create timeout for compute images and instances
2016-11-17 12:56:02 -08:00
Paddy 657e482145 Update CHANGELOG.md 2016-11-17 11:05:11 -08:00
Paddy 642dd87f34 Merge pull request #9946 from evandbrown/google-service-account-resource
providers/google: Create and delete Service Accounts
2016-11-17 11:03:21 -08:00
Mitchell Hashimoto 3be4f7a2b8
update CHANGELOG 2016-11-17 10:13:35 -08:00
Mitchell Hashimoto 0ea11ad691 Merge pull request #10201 from hashicorp/b-plugin-vesrion
plugin: bump protocol version
2016-11-17 10:11:42 -08:00
Mitchell Hashimoto b3124e16ca
plugin: bump protocol version
This is necessary since the TypeUnknown HIL handling in helper/schema
makes providers compiled WITHOUT TypeUnknown incompatible with the way
core handles unknown values.
2016-11-17 10:06:29 -08:00
Evan Brown a32fe2d47f Resolve review feedback 2016-11-17 09:49:22 -08:00
Patrick Decat d4b4ecc0a9 Fix typo: retry_duraction => retry_duration (#10191) 2016-11-17 16:05:56 +02:00
Paul Stack 757f45014b Update CHANGELOG.md 2016-11-17 15:09:10 +02:00
Raphael Randschau a422bf02f1 provider/scaleway: improve volume attachment (#10084)
* provider/scaleway: increase wait for server time

according to the scaleway community, shutdown/ startup might actually take an
hour. since a regular shutdown transfers data this is bound by the size of the
actual volumes in use.

https://community.online.net/t/solving-the-long-shutdown-boot-when-only-needed-to-attach-detach-a-volume/326

anyhow, 20 minutes seems quite optimistic, and we've seen some timeout errors in
the logs, too

* provider/scaleway: clear cache on volume attachment

the volume attachment errors quite often, and while I have no hard evidence
(yet) I guess it might be related to the cache that the official scaleway SDK
includes.

for now this is just a tiny experiment, clearing the cache when creating/
destroying volume attachments. let's see if this improves anything, really

* provider/scaleway: guard against attaching already attached volumes

* provider/scaleway: use cheaper instance types for tests

Scaleway bills by the hour and C2S costs much more than C1, since in the tests
we just spin up instances, to destroy them later on...
2016-11-17 15:08:05 +02:00
Paul Stack d190eef063 Update CHANGELOG.md 2016-11-17 14:50:17 +02:00
Chris Marchesi 99528f17cd provider/aws: Add CertificateNotFound retry waiter to aws_alb_listener (#10180)
Looks like sometimes it takes some time for IAM certificates to
propagate, which can cause errors on ALB listener creation.
Possibly same thing as hashicorp/terraform#5178, but for ALB
now instead of ELB.

This was discovered via acceptance tests, specifically the
TestAccAWSALBListener_https test. Updated the creation process to wait
on CertificateNotFound for a max of 5min.
2016-11-17 14:49:41 +02:00
Paul Stack 3782fefd3e Update CHANGELOG.md 2016-11-17 14:04:03 +02:00
Andrew Garrett 3822c69995 Add name_prefix to aws_iam_policy (#10178)
This is intended to behave the same way as name_prefix does in
aws_iam_role.

Fixes #10176
2016-11-17 14:03:03 +02:00
James Turnbull 86b7333a1f Fixed some typos and formatting in AWS index docs (#10189)
* Fixed whitespace

* Fixed some typos and formatting in AWS index docs
2016-11-17 13:52:06 +02:00
Paul Stack 3774b162f2 Merge pull request #10190 from jamtur01/console
Minor fixes to the console docs
2016-11-17 13:45:10 +02:00
James Turnbull f7e23360bd Fixed formatting 2016-11-17 05:33:02 -05:00
James Turnbull e34be68633 Added exit command mention 2016-11-17 04:23:50 -05:00