Commit Graph

1645 Commits

Author SHA1 Message Date
Justin Campbell 89f0def721 providers/aws: Normalize S3 bucket policy
AWS always returns a compressed JSON body, without spaces or newlines, so we round-trip the JSON before storing in the state.
2015-05-18 13:10:44 -04:00
Justin Campbell 4b17554993 providers/aws: test S3 policy unmarshaled JSON 2015-05-18 13:10:44 -04:00
Justin Campbell 9c764a3253 providers/aws: Add support for policy on S3 bucket 2015-05-18 13:10:44 -04:00
Clint 9f52192a79 Merge pull request #1939 from johnewart/sqs
Initial SQS support
2015-05-15 15:44:52 -05:00
John Ewart d538194f59 Added docs, tests, and updated SQS code 2015-05-15 13:09:20 -07:00
Clint Shryock af09f257c8 fix regression in networkacl with conflicts with 2015-05-15 14:38:06 -05:00
Paul Hinze e1ea427649 provider/aws: support ec2 termination protection
closes #1233
2015-05-15 15:20:58 -04:00
John Ewart 8dd479dbe0 Initial SQS support 2015-05-15 11:37:07 -07:00
Clint Shryock 0021906bda fix minor regression with subnet_id 2015-05-15 10:58:59 -05:00
Clint Shryock 5113761f41 Merge branch 'f-aws-network-subnet-ids'
* f-aws-network-subnet-ids:
  document Network ACL Subnet IDs attribute
  provider/aws: Add tests for Network ACL subnets
  upgrade to use typeset for subnet_ids
  network acl cleanups
  provider/aws: Support multiple subnets in Network ACL
2015-05-15 09:58:57 -05:00
Justin Campbell e68dd5a8bf Merge pull request #1909 from justincampbell/s3-redirect
providers/aws: Add support for S3 website redirect
2015-05-15 09:32:39 -04:00
Clint Shryock d9521efbf6 provider/aws: Add tests for Network ACL subnets 2015-05-14 20:57:07 -05:00
Clint Shryock 468de49265 upgrade to use typeset for subnet_ids 2015-05-14 17:09:50 -05:00
John Engelman bd6ff34aa2 Retrieve nameservers for private hosted zone. 2015-05-14 16:04:37 -05:00
John Engelman a6fdb04829 Only d.Set("vpc_region") when creating a private zone. 2015-05-14 16:04:37 -05:00
John Engelman 3275ab0ba1 update acceptance test function names 2015-05-14 16:04:37 -05:00
John Engelman b784908491 Add documentation and changelog for route53_zone_association 2015-05-14 16:04:36 -05:00
John Engelman 766aead4a5 Add tests for cross region VPC associations. 2015-05-14 16:03:51 -05:00
John Engelman 3507c0618b cleanup of zone_association resource 2015-05-14 16:03:51 -05:00
Panagiotis Moustafellos 9da89974fc fix vpc_region param check 2015-05-14 16:03:51 -05:00
Panagiotis Moustafellos d02e247fc7 renamed region to vpc_region for clarity and made optional, updated tests 2015-05-14 16:03:51 -05:00
Panagiotis Moustafellos 450c42f166 keep clean changeinfo as res id 2015-05-14 16:03:51 -05:00
Panagiotis Moustafellos 9c8748d2dc providers/aws: resource aws_route53_zone_association 2015-05-14 16:03:51 -05:00
John Engelman 052ff83670 Handle public zones correctly. Check for associate when reading. 2015-05-14 16:03:51 -05:00
John Engelman 8e62a14f29 verify VPC association on private zone 2015-05-14 16:03:50 -05:00
John Engelman a51bc6007d DelegationSet is not support in private zones. 2015-05-14 16:03:50 -05:00
John Engelman bf97d6a80f AWS/Route53Zone - create private hosted zone associated with VPC. 2015-05-14 16:03:50 -05:00
Paul Hinze e47987651e Merge pull request #1970 from hashicorp/f-asg-wait-for-elb-inservice
provider/aws: ASGs can wait for ELB InService
2015-05-14 15:09:45 -05:00
Paul Hinze b56a42627f provider/aws: ASGs can wait for ELB InService
This enhances the waiting strategy introduced in #1839 to wait for each
ASG instance to become InService in attached ELBs before continuing.
2015-05-14 15:03:53 -05:00
Clint 0b548a4a99 Merge pull request #1965 from hashicorp/f-export-cache-cluster-endpoints
provider/aws: export elasticache nodes
2015-05-14 14:05:33 -05:00
Clint Shryock d81e63cc3c provider/aws: ElastiCache test updates
- rename test to have _basic suffix, so we can run it individually
- use us-east-1 for basic test, since that's probably the only region that has
  Classic
- update the indexing of nodes; cache nodes are 4 digits
2015-05-14 13:57:01 -05:00
Clint Shryock 10fc184c97 add tags helper library for ElastiCache 2015-05-14 12:32:40 -05:00
Mitchell Hashimoto 32f6eb77f3 Merge pull request #1960 from hashicorp/b-lc-ami
provider/aws: bad AMI won't block LC refresh [GH-1901]
2015-05-14 09:58:58 -07:00
Clint Shryock 2809280e98 cleanup 2015-05-14 11:51:08 -05:00
Clint Shryock d8f3783d09 provider/aws: Add tag support to ElastiCache 2015-05-14 11:44:24 -05:00
Clint Shryock aad0808cc5 make parameter group optional 2015-05-14 11:12:07 -05:00
Clint Shryock a552db0c8c provider/aws: ElastiCache enhancements
- request cache node info
- read after create, to populate nodes
2015-05-14 11:10:21 -05:00
Paul Hinze 7d9ee79660 provider/aws: add license_model to db_instance 2015-05-14 09:57:51 -05:00
Paul Hinze 6f3ce6bf3c WIP export cache nodes
Needs to wait for len(cluster.CacheNodes) == cluster.NumCacheNodes, since
apparently that takes a bit of time and the initial response always has
an empty collection of nodes
2015-05-14 09:16:39 -05:00
Mitchell Hashimoto e7c6cb22c5 provider/aws: bad AMI won't block LC refresh [GH-1901] 2015-05-13 20:28:36 -07:00
Joe Topjian 4daaacd292 Minor volume fixes
This commit follows suit of #1897 by fixing volume-related
parameters which allow the volume attach acceptance test
to work. It also re-enables the volume attach test.
2015-05-14 02:59:21 +00:00
Clint Shryock 898fa91595 network acl cleanups 2015-05-12 22:23:55 -05:00
Clint Shryock f7b6b6b2b5 Strip 'sdk' suffix from methods; it's a remnant 2015-05-12 14:58:10 -05:00
Dave Cunningham 372908cc6f Merge pull request #980 from BashtonLtd/gce_instance_template_network_update
Update Instance Template network definition to match changes to Instance.
2015-05-12 15:46:04 -04:00
Clint Shryock 0dda704cbf provider/aws: Support multiple subnets in Network ACL 2015-05-12 13:50:28 -05:00
Dave Cunningham e27393af41 Merge pull request #1894 from dcarley/gce_health_check_defaults
provider/gce: Fix updates for http_health_check (set defaults)
2015-05-12 12:29:40 -04:00
Justin Campbell b8cd6b2bae providers/aws: Add support for S3 website redirect 2015-05-12 11:24:08 -04:00
Radek Simko 931d05198c Merge pull request #1886 from TimeIncOSS/subnet-timeout-fix
Increase subnet & security group deletion timeout (2 -> 5 mins)
2015-05-12 07:02:28 +01:00
Dave Cunningham 5f15a9d26a Allow local SSDs, Fix #1088 2015-05-11 21:40:37 -04:00
Mitchell Hashimoto e1627883b2 Merge pull request #1907 from PeopleNet/rds-update
provider/aws: Closes #1906. Only submit modification requests if there is a change
2015-05-11 16:38:02 -07:00
Mitchell Hashimoto c9b483d92a Merge pull request #1910 from PeopleNet/rds-tags
Closes #1908. Parse AccountId from User ARN for RDS tags
2015-05-11 16:37:10 -07:00
Mitchell Hashimoto cc28d04777 Merge pull request #1911 from hashicorp/b-template-diffs
provider/template: don't diff when there's no diff
2015-05-11 16:34:09 -07:00
John Engelman 1798df8e03 Closes #1906. Only submit modification requests if there is a change 2015-05-11 11:49:43 -05:00
Paul Hinze a96a3372c6 provider/template: don't diff when there's no diff
This reworks the template lifecycle a bit such that we get nicer diff
behavior.

First, we tick ForceNew on for both filename and vars, so that the diff
indicates that the template will be "replaced" on change. This is mostly
cosmetic, but it also tracks conceptually with the fact that the
identifier we use is a hash of the contents, so any change essentially
makes a "new resource".

Second, we change the Exists implementation to only return `false` when
there has been a change in the rendered template. This lets descendent
resources see the computed value changing so that they'll properly
trigger in the plan.

Fixes #1898
Refs #1866 (but does not fix, there's another deeper issue there)
2015-05-11 10:38:19 -05:00
Paul Hinze 2783521960 Merge pull request #1897 from jtopjian/openstack-acctest-fixes
provider/openstack: Acceptance Test Fixes
2015-05-11 10:35:24 -05:00
John Engelman 04214c8c1a Closes #1908. Parse AccountId from User ARN for RDS tags 2015-05-11 10:32:06 -05:00
Joe Topjian 9c27194ee1 gofmt fixes 2015-05-11 00:58:16 +00:00
Dan Carley 579c37cd74 provider/gce: Set defaults for http_health_check
In order to fix the failing test in the preceding commit when optional
params are changed from their default "computed" values.

These weren't working well with `HttpHealthCheck.Patch()` because it was
attempting to set all unspecified params to Go's type defaults (eg. 0 for
int64) which the API rejected.

Changing the call to `HttpHealthCheck.Update()` seemed to fix this but it
still didn't allow you to reset a param back to it's default by no longer
specifying it.

Settings defaults like this, which match the Terraform docs, seems like the
best all round solution. Includes two additional tests for the acceptance
tests which verify the params are really getting set correctly.
2015-05-10 21:20:40 +01:00
Dan Carley 13e9e6f51d provider/gce: Test updates to http_health_check
By first creating a very simple resource that mostly uses the default
values and then changing the two thresholds from their computed defaults.

This currently fails with the following error and will be fixed in a
subsequent commit:

    --- FAIL: TestAccComputeHttpHealthCheck_update (5.58s)
            testing.go:131: Step 1 error: Error applying: 1 error(s) occurred:

                    * 1 error(s) occurred:

                    * 1 error(s) occurred:

                    * Error patching HttpHealthCheck: googleapi: Error 400: Invalid value for field 'resource.port': '0'.  Must be greater than or equal to 1
                    More details:
                    Reason: invalid, Message: Invalid value for field 'resource.port': '0'.  Must be greater than or equal to 1
                    Reason: invalid, Message: Invalid value for field 'resource.checkIntervalSec': '0'.  Must be greater than or equal to 1
                    Reason: invalid, Message: Invalid value for field 'resource.timeoutSec': '0'.  Must be greater than or equal to 1
2015-05-10 21:20:32 +01:00
Dan Carley 88f4df28ac provider/gce: Fix whitespace in test fixture
Mixture of hard and soft tabs, which isn't picked up by `go fmt` because
it's inside a string. Standardise on hard-tabs since that is what's used
in the rest of the code.
2015-05-10 21:06:33 +01:00
Joe Topjian fe668a1ac7 Fixing TestAccFWPolicyV1 2015-05-10 04:39:00 +00:00
Joe Topjian a6b9a63231 Fixing TestAccFWFirewallV1 2015-05-10 04:38:36 +00:00
Joe Topjian 4811112a6a Fixing TestAccNetworkingV2Subnet_basic 2015-05-10 04:38:06 +00:00
Joe Topjian feb5a3c6bb Fixing TestAccNetworkingV2RouterInterface_basic 2015-05-09 23:04:45 +00:00
Joe Topjian 1e7a227ea6 Fixing TestAccNetworkingV2FloatingIP_basic 2015-05-09 22:58:25 +00:00
Joe Topjian 5535a9ba32 Fixing TestAccLBV1Pool_basic 2015-05-09 22:43:40 +00:00
Joe Topjian de74f3e586 Fixing TestAccLBV1Monitor_basic 2015-05-09 22:26:23 +00:00
Radek Simko 754bcd8307 Increase subnet & security group deletion timeout (2 -> 5 mins)
- this should prevent DependencyViolation errors while waiting for larger ASGs to shut down
2015-05-09 22:18:04 +01:00
Joe Topjian 2d512343a0 Fixing TestAccBlockStorageV1Volume_basic 2015-05-09 20:31:34 +00:00
Joe Topjian 04d694fe53 Disabling volume attach test for now 2015-05-09 17:07:50 +00:00
Clint Shryock eaf96d9d6f provider/aws: Document AWS ElastiCache cluster
- ElastiCache subnet group name is computed
2015-05-08 14:33:41 -05:00
Radek Simko ce8351ddef provider/aws: Add FQDN as output to route53_record 2015-05-08 20:19:40 +01:00
Justin Campbell 870b48b1c0 Merge pull request #1865 from justincampbell/s3-region-zone
providers/aws: Add hosted_zone_id and region to attributes
2015-05-08 14:49:12 -04:00
Paul Hinze a28267b886 provider/aws: SG description should be ForceNew
Description cannot be handled in Update (there is no ModifySecurityGroup
API call), so we have to recreate to change the description.

Closes #1870
2015-05-08 12:16:54 -05:00
Justin Campbell 73651e2c70 providers/aws: Extract normalizeRegion 2015-05-08 10:49:21 -04:00
Justin Campbell 445f92e48a providers/aws: Move HostedZoneIDForRegion into TF 2015-05-08 10:49:20 -04:00
Justin Campbell 64d2b495c3 providers/aws: Add region to S3 attrs 2015-05-08 10:02:16 -04:00
Justin Campbell 839688d477 providers/aws: Add hosted_zone_id to S3 attrs 2015-05-08 10:02:16 -04:00
Justin Campbell d7c9d8702c providers/aws: Extract website endpoint logic 2015-05-08 10:02:16 -04:00
Felix Rodriguez 60c3ca0430 typo 2015-05-07 23:21:47 +01:00
Clint Shryock 44461f49fd update structure test 2015-05-07 17:18:47 -05:00
Clint Shryock 70984526a4 Merge remote-tracking branch 'ctiwald/ct/fix-protocol-problem'
* ctiwald/ct/fix-protocol-problem:
  aws: Document the odd protocol = "-1" behavior in security groups.
  aws: Fixup structure_test to handle new expandIPPerms behavior.
  aws: Add security group acceptance tests for protocol -1 fixes.
  aws: error on expndIPPerms(...) if our ports and protocol conflict.
2015-05-07 17:13:21 -05:00
Clint 4874179e9a Merge pull request #1843 from ctiwald/ct/fix-network-acls
Fix a number of issues in AWS network ACLs
2015-05-07 16:39:10 -05:00
Mitchell Hashimoto ddad945717 provider/terraform: test fixture 2015-05-07 09:59:23 -07:00
Paul Hinze 1594cb3dbe provider/aws: remove names from LCs in ASG tests
Makes the tests a little more durable if your account happens to end up
with a dangling LC.
2015-05-07 10:14:49 -05:00
Clint Shryock 20ebb38b8f update s3bucket website tests 2015-05-07 10:13:08 -05:00
Clint ef62385a95 Merge pull request #1849 from hashicorp/f-aws-update-s3-website-tests
update tests so go vet is happy
2015-05-07 10:06:43 -05:00
Clint Shryock fed42fe1b3 update tests so go vet is happy 2015-05-07 10:03:28 -05:00
Paul Hinze 44e448b8c9 provider/docker: update image sha
Should eventually see if there's a way to rework this so it's less
brittle. But for now, we band-aid!
2015-05-07 09:50:16 -05:00
Paul Hinze 28875f49cd provider/heroku: fix config_vars in addons
These were never read properly - on Addons they show up as just a list
of var names, not a Map.

Fixes one issue in Addon acceptance tests.
2015-05-07 09:11:31 -05:00
Paul Hinze e7b101dba4 provider/aws: elasticache_cluster engine_version is computed
fixes the TestAccAWSElasticacheCluster test
2015-05-07 08:47:52 -05:00
Christopher Tiwald 9e8aefcd40 aws: Fix network ACL acceptance tests and add -1 protocol rule. 2015-05-06 23:54:14 -04:00
Christopher Tiwald 5b0d61727e aws: Only store protocol numbers for ingress/egress rules on ACLs.
Users can input a limited number of protocol names (e.g. "tcp") as
inputs to network ACL rules, but the API only supports valid protocol
number:

http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

Preserve the convenience of protocol names and simultaneously support
numbers by only writing numbers to the state file. Also use numbers
when hashing the rules, to keep everything consistent.
2015-05-06 23:54:12 -04:00
Christopher Tiwald 8056b5f8f7 aws: Force users to use valid network masks on ACL ingress/egress
AWS will accept any overly-specific IP/mask combination, such as
10.1.2.2/24, but will store it by its implied network: 10.1.2.0/24.
This results in hashing errors, because the remote API will return
hashing results out of sync with the local configuration file.

Enforce a stricter API rule than AWS. Force users to use valid masks,
and run a quick calculation on their input to discover their intent.
2015-05-06 23:53:34 -04:00
Christopher Tiwald b888b31e08 aws: Force users to use from_port, to_port = 0 on network ACLs with -1 protocol
AWS doesn't store ports for -1 protocol rules, thus the read from the
API will always come up with a different hash. Force the user to make a
deliberate port choice when enabling -1 protocol rules. All from_port
and to_port's on these rules must be 0.
2015-05-06 23:51:23 -04:00
Christopher Tiwald d14049c8ad aws: Don't try to modify or delete the untouchable network_acl rules.
AWS includes default rules with all network ACL resources which cannot
be modified by the user. Don't attempt to store them locally or change
them remotely if they are already stored -- it'll consistently result
in hashing problems.
2015-05-06 23:03:25 -04:00
Christopher Tiwald 03ee059da3 aws: Write ingress/egress rules into a map so they can be set.
resourceAwsNetworkAclRead swallowed these errors resulting in rules
that never properly updated. Implement an entry-to-maplist function
that'll allow us to write something that Set knows how to read.
2015-05-06 23:03:24 -04:00
Paul Hinze a9678bd252 Merge pull request #1840 from hashicorp/f-aws-asg-handle-scaling-activity-in-progress-errors
provider/aws: handle in progress errs from ASG deletes
2015-05-06 19:39:23 -05:00
Paul Hinze 90907c8be5 Merge pull request #1738 from justincampbell/s3-website
providers/aws: S3 bucket website support
2015-05-06 19:37:29 -05:00
Paul Hinze 9a286402c3 Merge pull request #1838 from josharian/consul-scheme
providers/consul: add scheme argument
2015-05-06 19:09:11 -05:00