Commit Graph

13187 Commits

Author SHA1 Message Date
Martin Atkins 804d714ff6 Restore tls_cert_request to being a managed resource
In c244e5a6 this resource was converted to a data source, but that was
a mistake since data sources are expected to produce stable results on
each run, and yet certificate requests contain a random nonce as part of
the signature.

Additionally, using the data source as a managed resource through the
provided compatibility shim was not actually working, since "Read" was
trying to parse the private key out of a SHA1 hash of the key, which is
what we place in state due to the StateFunc on that attribute.

By restoring this we restore Terraform's ability to produce all of the
parts of a basic PKI/CA, which is useful for creating dev environments
and bootstrapping PKI for production environments.
2016-09-24 12:22:07 -07:00
Martin Atkins 7d2b51e6c5 Merge #9033: Fix crash in aws_ami data source with name_regex 2016-09-24 08:27:57 -07:00
Krzysztof Wilczynski 5af8c8080a
Fix. Handle missing AMI name when matching against image name.
This commit fixes the issues where in a very rare cases the Amazon Machine
Image (AMI) would not have an image name set causing regular expression match
to fail with a nil pointer dereference. Also, the logic of if-else statements
was simplified (reduced branching since return is used a lot).

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-24 14:34:00 +01:00
Paul Stack 3a3a424479 Update CHANGELOG.md 2016-09-24 10:27:06 +01:00
Paul Stack 979af97b52 Merge pull request #9031 from kjmkznr/b-aws-s3-lifecycle
provider/aws: Fix failed remove S3 lifecycle_rule
2016-09-24 10:26:18 +01:00
Paul Stack 07edf65337 Update CHANGELOG.md 2016-09-24 09:56:43 +01:00
Paul Stack 464ea2d12a Merge pull request #9032 from AlexanderEkdahl/master
Corrected Seoul S3 Website Endpoint
2016-09-24 09:55:29 +01:00
Alexander Ekdahl d2861be48e Corrected Seoul S3 Website Endpoint 2016-09-24 17:43:58 +09:00
Alexander Ekdahl ec1ee7f2be Corrected Seoul S3 Website Endpoint Test 2016-09-24 17:42:52 +09:00
Kazunori Kojima 71f721cd3e
provider/aws: Fix failed remove S3 lifecycle_rule 2016-09-24 16:56:25 +09:00
Paul Hinze d642e6fbc0 Update CHANGELOG.md 2016-09-23 18:31:48 -05:00
Paul Hinze 12e76c0110 Merge pull request #9021 from kyhavlov/destroy_target_fix
core: Fixed variables not being in scope for destroy -target on modules
2016-09-23 18:31:24 -05:00
Paul Hinze 2449b45087
provider/aws: Fix reading dimensions on cloudwatch alarms
They're structs that need to be unrolled and d.Set was silently failing
on them before. This enhances the basic test to cover the change.
2016-09-23 18:26:04 -05:00
Kyle Havlovitz 3a2819de25 core: Fixed variables not being in scope for destroy -target on modules 2016-09-23 19:05:40 -04:00
Paul Stack bba511e9e7 Merge pull request #9027 from hashicorp/b-s3-life-doc
AWS S3 bucket life_cycle rule IDs must be unique.
2016-09-23 23:33:06 +01:00
Sean Chittenden 31f20a1f31
AWS S3 bucket life_cycle rule IDs must be unique. 2016-09-23 15:09:25 -07:00
Sean Chittenden 74eb2e74c1
Whitespace nit. 2016-09-23 10:59:27 -07:00
Paul Stack 00d88853bf Merge pull request #9017 from AMeng/patch-1
provider/aws: Update docs for aws_flow_log
2016-09-23 18:22:40 +01:00
Alex Meng 79e1c55680 aws_flow_docs
Update aws_flow_log docs with aws_cloudwatch_log_group resource example.
2016-09-23 11:18:17 -06:00
Paul Stack 582ba66e6c Update CHANGELOG.md 2016-09-23 13:48:58 +01:00
Chris Marchesi 5af63c233e
provider/aws: Add query_string_cache_keys to aws_cloudfront_distribution
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.

This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
2016-09-23 13:11:05 +01:00
Chris Marchesi c2b44217dd
provider/aws: Require CloudFront S3 origin origin_access_identity
This fixes an issue where an empty s3_origin_config could be supplied to
aws_cloudfront_distribution, "correctly" setting an empty default value.
Unfortunately the rest of the CloudFront structure helper functions are
not equipped to deal with this kind of scenario, and TF produces
spurious diffs upon future runs.

This removes the default and makes origin_access_identity required when
specifying s3_origin_config.

Note that it has always been intended behaviour that if someone does not
want to use an origin access identity, that s3_origin_config should not
be specified at all. This behaviour still works, as should be evident by
the (still) passing tests.

Fixes hashicorp/terraform#7930.
2016-09-23 13:10:50 +01:00
Chris Marchesi ec2b345ed0
provider/aws: Enable aws_cloudfront_distribution HTTP/2
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.

Fixes hashicorp/terraform#8730.
2016-09-23 13:10:33 +01:00
stack72 cea685099e
Merge branch 'elasticache-cluster-import' of https://github.com/AMeng/terraform into AMeng-elasticache-cluster-import 2016-09-23 10:04:57 +01:00
Paul Stack a8a1f6d166 Merge pull request #9007 from steve-jansen/patch-2
Update aws_lambda_permission doc for CloudWatch Events
2016-09-23 09:00:52 +01:00
tomgoren 208dc514df Fixed typo - no such thing as `aws_target_group` (#9005)
It seems like there was a typo and a reference was made to
`aws_target_group`, when the actual resource name is
`aws_alb_target_group`.
2016-09-22 22:21:03 -05:00
Clint 18e05a52e2 Update CHANGELOG.md 2016-09-22 21:54:31 -05:00
Clint b7ad602993 provider/aws: Fix importing of EIP by IP address (#8970)
* provider/aws: Fix importing of EIP by IP address

EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.

This PR does:

- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id

I chose not to document that looking up by IP is a method of import,
because the AWS  API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.

Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.

* fix issue with swapping IDs on EC2 Classic

* update docs

* update comment
2016-09-22 21:53:21 -05:00
Steve Jansen 2e7e284bc9 Update aws_lambda_permission for CloudWatch Events
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`

Example, the resulting policy needs to be like:
```
{
    "Condition": {
        "ArnLike": {
            "AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
        }
    },
    "Action": "lambda:InvokeFunction",
    "Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
    "Effect": "Allow",
    "Principal": {
        "Service": "events.amazonaws.com"
    },
    "Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
2016-09-22 20:14:42 -04:00
Jarrod Jackson 50eb2338f0 Correct a typo in the description of the master_password argument. (#9004) 2016-09-22 15:58:02 -05:00
Clint 5a17f4a448 Update CHANGELOG.md 2016-09-22 15:23:05 -05:00
Clint becdfef87b provider/aws: Wait for Spot Fleet to drain before removing from state (#8938)
* provider/aws: Wait for Spot Fleet to drain before removing from state

Ensures the spot fleet is drained before reporting successful destroy
and moving on

* remove unreachable code

* hack to sleep and test regression/leak

* fix broken english in warning
2016-09-22 15:22:27 -05:00
Paul Stack b0e751129a Update CHANGELOG.md 2016-09-22 20:58:17 +01:00
Paul Stack ecabebf5e6 Merge pull request #8989 from hashicorp/b-aws-alb-protocol-change-forcenew
provider/aws: VPC ID, Port, Protocol and Name change on aws_alb_target_group will ForceNew resource
2016-09-22 20:57:36 +01:00
Paul Stack 5cc4f17189 Merge pull request #8992 from kwilczynski/feature/check-error-aws_cloudformation_stack
provider/aws: Handle JSON parsing error in the ReadFunc for various JSON documents.
2016-09-22 17:28:24 +01:00
Krzysztof Wilczynski 828a8f4729
provider/aws: Handle JSON parsing error in the ReadFunc for various JSON documents.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-22 17:21:27 +01:00
stack72 9fbbc343e9
provider/aws: VPC ID, Port, Protocol and Name change on
aws_alb_target_group will ForceNew resource

Fixes #8741

The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN   TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN   TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN   TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN   TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    572.083s
```
2016-09-22 17:12:39 +01:00
Paul Stack 2b966cf2cc Merge pull request #8988 from kwilczynski/feature/refactor-function-aws_cloudwatch_event_rule
provider/aws: Allow buildPutRuleInputStruct helper function to return an error.
2016-09-22 16:29:09 +01:00
Krzysztof Wilczynski c115d69d88
Allow buildPutRuleInputStruct helper function to return an error.
This commits allows for the helper function to return an error which
would bubble up from e.g. JSON parsing, etc.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-22 15:37:12 +01:00
Clint b93bcbbbed Update CHANGELOG.md 2016-09-22 08:22:17 -05:00
Paul Stack 0ed7140c88 Merge pull request #8985 from w3st3ry/fmt
Fmt all the config files
2016-09-22 12:57:41 +01:00
Valentin Pichard c6beaa7ce8 Fmt all the config files
Signed-off-by: Valentin Pichard <valentin.pichard@corp.ovh.com>
2016-09-22 11:49:09 +00:00
Paul Stack 196955c93c Update CHANGELOG.md 2016-09-22 12:46:35 +01:00
stack72 37eb24f77f
Merge branch 'elblivion-fix-librato-bugs' 2016-09-22 12:44:41 +01:00
stack72 0867ed4961
provider/librato: Randomize the test case names as dangling resources were causing failures 2016-09-22 12:43:06 +01:00
Anthony Stanton 1d329c8927
provider/librato: Fixes for various integer type casting bugs
Fixes #8968
2016-09-22 12:42:54 +01:00
Anthony Stanton cfe7979692
provider/librator: Always send required attributes on update
Fixes #8966
2016-09-22 12:42:19 +01:00
Peter McAtominey 9fb9b67381 provider/azurerm: update Azure SDK
Based off master v4
2016-09-22 10:15:57 +01:00
Paul Stack 23009ec837 Update CHANGELOG.md 2016-09-22 10:02:21 +01:00
Paul Stack 27a89ff405 Merge pull request #8671 from hashicorp/f-aws-firehose-cloudwatch
provider/aws: Add support for `cloudwatch_logging_options` to AWS Kinesis Firehose Delivery Streams
2016-09-22 10:01:44 +01:00