Commit Graph

3075 Commits

Author SHA1 Message Date
Martin Atkins 82f958cc17 provider/aws: aws_subnet data source 2016-09-24 15:19:33 -07:00
Martin Atkins 804d714ff6 Restore tls_cert_request to being a managed resource
In c244e5a6 this resource was converted to a data source, but that was
a mistake since data sources are expected to produce stable results on
each run, and yet certificate requests contain a random nonce as part of
the signature.

Additionally, using the data source as a managed resource through the
provided compatibility shim was not actually working, since "Read" was
trying to parse the private key out of a SHA1 hash of the key, which is
what we place in state due to the StateFunc on that attribute.

By restoring this we restore Terraform's ability to produce all of the
parts of a basic PKI/CA, which is useful for creating dev environments
and bootstrapping PKI for production environments.
2016-09-24 12:22:07 -07:00
Sean Chittenden 31f20a1f31
AWS S3 bucket life_cycle rule IDs must be unique. 2016-09-23 15:09:25 -07:00
Sean Chittenden 74eb2e74c1
Whitespace nit. 2016-09-23 10:59:27 -07:00
Alex Meng 79e1c55680 aws_flow_docs
Update aws_flow_log docs with aws_cloudwatch_log_group resource example.
2016-09-23 11:18:17 -06:00
Chris Marchesi 5af63c233e
provider/aws: Add query_string_cache_keys to aws_cloudfront_distribution
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.

This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
2016-09-23 13:11:05 +01:00
Chris Marchesi ec2b345ed0
provider/aws: Enable aws_cloudfront_distribution HTTP/2
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.

Fixes hashicorp/terraform#8730.
2016-09-23 13:10:33 +01:00
stack72 cea685099e
Merge branch 'elasticache-cluster-import' of https://github.com/AMeng/terraform into AMeng-elasticache-cluster-import 2016-09-23 10:04:57 +01:00
Paul Stack a8a1f6d166 Merge pull request #9007 from steve-jansen/patch-2
Update aws_lambda_permission doc for CloudWatch Events
2016-09-23 09:00:52 +01:00
tomgoren 208dc514df Fixed typo - no such thing as `aws_target_group` (#9005)
It seems like there was a typo and a reference was made to
`aws_target_group`, when the actual resource name is
`aws_alb_target_group`.
2016-09-22 22:21:03 -05:00
Clint b7ad602993 provider/aws: Fix importing of EIP by IP address (#8970)
* provider/aws: Fix importing of EIP by IP address

EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.

This PR does:

- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id

I chose not to document that looking up by IP is a method of import,
because the AWS  API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.

Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.

* fix issue with swapping IDs on EC2 Classic

* update docs

* update comment
2016-09-22 21:53:21 -05:00
Steve Jansen 2e7e284bc9 Update aws_lambda_permission for CloudWatch Events
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`

Example, the resulting policy needs to be like:
```
{
    "Condition": {
        "ArnLike": {
            "AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
        }
    },
    "Action": "lambda:InvokeFunction",
    "Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
    "Effect": "Allow",
    "Principal": {
        "Service": "events.amazonaws.com"
    },
    "Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
2016-09-22 20:14:42 -04:00
Jarrod Jackson 50eb2338f0 Correct a typo in the description of the master_password argument. (#9004) 2016-09-22 15:58:02 -05:00
stack72 9fbbc343e9
provider/aws: VPC ID, Port, Protocol and Name change on
aws_alb_target_group will ForceNew resource

Fixes #8741

The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN   TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN   TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN   TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN   TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    572.083s
```
2016-09-22 17:12:39 +01:00
Paul Stack 27a89ff405 Merge pull request #8671 from hashicorp/f-aws-firehose-cloudwatch
provider/aws: Add support for `cloudwatch_logging_options` to AWS Kinesis Firehose Delivery Streams
2016-09-22 10:01:44 +01:00
James Nugent a64898e0eb provider/aws: Fix other example of vpc_id => id
Also related to #8981.
2016-09-22 09:09:13 +01:00
James Nugent 38b9467dae provider/aws: Change vpc_id to id in documentation 2016-09-22 08:44:22 +01:00
Jay Wallace 947816958b Merge pull request #8975 from mootpt/protocol-fix
Allow use of protocol numbers for ah and esp
2016-09-21 14:40:14 -07:00
Matt Morrison 6754309b4c Fix documentation 2016-09-22 07:49:50 +12:00
Matt Morrison c28c9ef459 Add support for GCS StorageClass
Fixes: #7417
2016-09-22 07:46:35 +12:00
Jay Wallace 45da08c67f
Allow use of protocol numbers for ah and esp 2016-09-21 11:52:23 -07:00
stack72 2813790dd9
provider/bitbucket: Making the necessary documentation changes for the bitbucket typos 2016-09-21 19:47:31 +01:00
stack72 a2970e631c
Merge branch 'cwood/bitbucket-provider' of https://github.com/cwood/terraform into cwood-cwood/bitbucket-provider 2016-09-21 19:35:58 +01:00
Ivan Vergiliev 7b301d7411 Point resource docs to the correct URL (#8969) 2016-09-21 08:32:08 -05:00
Paul Stack 9b23d433c1 Merge pull request #8960 from MiLk/docs/data-source-configuration
Correct the data source configuration example to be valid
2016-09-21 09:44:02 +01:00
James Nugent c942707476 provider/docker: Add alternative to cert_path
Add a note about using `eval $(docker-machine env)` when using Docker
Machine to avoid having to hard code a certificate path.
2016-09-21 09:32:24 +01:00
baboune 1b6c1cccf3 Update index.html.markdown
Add note to reinforce the need for cert_path on any docker-machine based Docker environment.
2016-09-21 09:32:24 +01:00
Emilien Kenler d6296fbb7d
Correct the data source configuration example to be valid 2016-09-21 17:31:44 +09:00
Paul Stack eea215a7c4 Merge pull request #8936 from hashicorp/arm-remote-state-docs
state/remote/azure: Correct documentation
2016-09-21 09:18:29 +01:00
Christoph Blecker 8bbbfcf261 Fix typo in chef provisioner
Typo in example
2016-09-20 09:58:04 -07:00
stack72 067a2744c7
docs/aws: Adding as an exported parameter for the resource 2016-09-20 17:35:04 +01:00
Paul Stack e9e1896ad4 Merge pull request #8775 from TimeIncOSS/f-aws-api-gateway-client-cert
provider/aws: Add API Gateway Client Certificate
2016-09-20 16:52:01 +01:00
James Nugent 71449bb960 state/remote/azure: Correct documentation 2016-09-20 14:53:34 +01:00
Petr Artamonov 05fb519ccb Added missed link to sphere virtual disk 2016-09-20 11:53:45 +02:00
James Nugent d0ac4d41fd Merge pull request #8895 from baboune/patch-1
Update index.html.markdown
2016-09-20 10:32:51 +02:00
Arthur Barr 21563be27c Add heading markdown
It looks like the text is written with the intention of it being a heading, but it wasn't marked as such, which meant it read strangely in HTML.
2016-09-20 09:22:21 +01:00
Rick Fletcher 558cd3b230 Fix typos in the aws_default_security_group docs (#8927)
- "arguement" → "argument"
- link to the default AWS docs, not the fr_fr version
2016-09-19 22:42:50 -05:00
Jay Wallace 8bb4f7f05b Update redshift_security_group.html.markdown
underscores are not valid
2016-09-19 10:47:18 -07:00
Jay Wallace cd9437a82a Update redshift_subnet_group.html.markdown 2016-09-18 21:41:29 -07:00
baboune 22b8b5c532 Update index.html.markdown
Use default docker server remote API port 2376 instead of 1234.
2016-09-17 17:57:37 +02:00
Christoph Blecker 047cdd7c09 Slight tweak to import docs to clarify state management commands (#8885) 2016-09-17 08:15:29 +01:00
Cameron Stokes 351c6bed79 Minor typo in aws_default_security_group docs. 2016-09-16 09:47:54 -07:00
Clint 69f44a04e9 provider/aws: Add reader_endpoint RDS Clusters (supersedes #8878) (#8884)
* provider/aws: Add support for Aurora ReaderEndpoint

* provider/aws: Add reader_endpoint to the schema, document, test
2016-09-16 16:45:04 +01:00
Mike 4f7723bed8 Updated new lines (#8883)
the render in the webpage did not show the code blocks for `Upload file to vSphere` section correctly.
2016-09-16 10:29:08 -05:00
Adrian Hesketh 19e8932a92 Clarify how to notify multiple lambdas (#8854)
Clarified that to send notifications to more than one Lambda function requires a single `s3_bucket_notification` element with multiple `lambda_function` configuration elements.

If multiple `s3_bucket_notification` elements, each with a single `lambda_function` element are used, one of the configurations is applied, seemingly at random.
2016-09-15 15:28:07 -05:00
Clint 79bb2e8a87 provider/aws: Add Default Security Group Resource (#8861)
* Docs for default security group
* overrides of default behavior
* add special disclaimer
* update to support classic environments
2016-09-15 13:59:20 -05:00
Sander van Harmelen 968472a63e Support recreating clients and configuring Chef Vaults (#8577)
Fixes #3605 and adds the functionality suggested in PR #7440.

This PR is using a different appraoch that (IMHO) feels cleaner and (even more important) adds support for Windows at the same time.
2016-09-15 14:20:18 +02:00
Laurent Crisci 64acf0afe5 Fixed typo in aws_elb_attachment website docs
The instance argument is a string and not a list.
It will give you an error if you try to define it as a list.
2016-09-14 23:17:19 +01:00
Cameron Watters b4eb63d710 state/remote: New provider - manta
- add remote state provider backed by Joyent's Manta
- add documentation of Manta remote state provider
- explicitly check for passphrase-protected SSH keys, which are currently
  unsupported, and generate a more helpful error (borrowed from Packer's
  solution to the same problem):
  https://github.com/mitchellh/packer/blob/master/common/ssh/key.go#L27
2016-09-14 20:44:52 +01:00
James Nugent 9d51ebd0aa provider/aws: Expose ARN suffix on ALB (#8833)
When creating a CloudWatch Metric for an Application Load Balancer it is
neccessary to use the suffix of the ARN as the reference to the load
balancer. This commit exposes that as an attribute on the `aws_alb`
resource to prevent the need to use regular expression substitution to
make the reference.

Fixes #8808.
2016-09-14 15:50:10 +01:00
Kerim Satirli 27f8845863 Replaces AWS_SECURITY_TOKEN with AWS_SESSION_TOKEN 2016-09-14 11:22:19 +02:00
Kerim Satirli 5aa1d3a4e5 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN 2016-09-14 11:18:47 +02:00
James Nugent 10226030dd Merge pull request #8823 from RodrigoAlmodovar/patch-1
Update ses_receipt_rule_set.html.markdown
2016-09-14 01:15:41 -07:00
Kerim Satirli dfb85fb0d7 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN (#8816)
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: https://github.com/hashicorp/terraform/pull/1785)

Example ENV:

```
AWS_SECURITY_TOKEN="FQo...vgU="
AWS_ACCESS_KEY_ID="A...A"
AWS_SECRET_ACCESS_KEY="I...t"
AWS_DEFAULT_REGION="eu-west-1"
```
This errors with messages akin to "AWS was not able to validate the provided access credentials".

Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: d1ac7d3b2e/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go (L69), making this whole thing a documentation change.

Happy to provide test cases or additional insights though!
2016-09-13 13:04:46 -05:00
RodrigoAlmodovar d29fb0b691 Update ses_receipt_rule_set.html.markdown
Title was wrong. It said aws_ses_active_receipt_rule_set while the page is referred to aws_ses_receipt_rule_set
2016-09-13 17:19:04 +02:00
Seth Vargo 4ef2fe41ba
Fix a typo in the output command examples 2016-09-13 11:31:51 +01:00
Silvio Moioli 78bb87082b aws_instance doc: fix attachment resource name
Correct name is `aws_volume_attachment`.
2016-09-13 08:41:39 +02:00
stack72 da6c754345
Merge branch 'master' of github.com:hashicorp/terraform 2016-09-12 17:53:46 +01:00
stack72 971b08f320
Merge conflict resolution of virtual_machine.html.markdown in AzureRM 2016-09-12 11:13:24 +01:00
Paul Stack 44bc70971d Merge pull request #8673 from hashicorp/f-aws-alb-generated-name
provider/aws: Allow `aws_alb` to have the name auto-generated
2016-09-12 11:04:47 +01:00
stack72 229f2698ce
Merge branch '6973-codecommit-trigger' of https://github.com/optimisticanshul/terraform into optimisticanshul-6973-codecommit-trigger 2016-09-12 10:44:32 +01:00
stack72 20ad3e0b2f
provider/aws: Allow `aws_alb` to have the name auto-generated
In order to satisify scenarios where a lifecycle is block is used, we
would need the AWS ALB name field to be autogenerated. WE follow the
same work as AWS ELB, we prefix it with `tl-lb-`

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/08 12:43:40 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout
120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (79.81s)
=== RUN   TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (93.81s)
=== RUN   TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (73.48s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (181.32s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (66.03s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (130.82s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    625.285s
```
2016-09-12 10:38:13 +01:00
Radek Simko 46d5d51ad6
provider/aws: Add API Gateway Client Certificate 2016-09-12 10:09:47 +01:00
Paul Stack 04e675c663 Merge pull request #8779 from TimeIncOSS/docs-fix-misspellings
docs: Fix misspelled words
2016-09-12 09:41:26 +01:00
Anshul Sharma 7150bafb84 Remove Region Condition From CodeCommit Repo Resource (#8778) 2016-09-12 07:30:46 +01:00
Radek Simko 43de2afde1
docs: Fix misspelled words 2016-09-12 07:08:00 +01:00
Anshul Sharma 497063af3e Added Codecommit Trigger 2016-09-12 10:17:04 +05:30
Steve Hoeksema 1d04cdb9bc Export AWS ELB service account ARN (#8700) 2016-09-11 19:13:58 +01:00
Colin Wood 453ac9bb3d Refactor of username -> owner 2016-09-09 12:13:45 -07:00
Paul Stack 02a80496d9 Merge pull request #8726 from cblecker/providers-doc-fix
Reword "Multiple Provider Instances" documentation
2016-09-08 08:45:06 +01:00
Christoph Blecker c3ab4a1352
Reword "Multiple Provider Instances" documentation
Fixes #8702.
2016-09-07 20:55:03 -07:00
John Dittmar ddc8f21edc typo consul catalog entry example
In the consul catalog entry example `name` was specified in the root of the resource rather than the key `node` which is the actual required key-name.
2016-09-07 19:04:18 -05:00
stack72 d81cbdb4fb
provider/aws: Add support for `cloudwatch_logging_options` to AWS
Kinesis Firehose Delivery Streams

Fixes #7152

Adding support for CloudWatch Logging to Firehose as per the
instructions here -
http://docs.aws.amazon.com/firehose/latest/dev/monitoring-with-cloudwatch-logs.html

```

```
2016-09-07 23:29:08 +01:00
Evan Brown 262661a05f providers/google: Add documentation for google_iam_policy resource 2016-09-07 13:35:33 -07:00
Paul Stack de53db01b9 Merge pull request #8653 from TimeIncOSS/f-aws-lambda-publish
provider/aws: Support 'publish' attribute in lambda_function
2016-09-07 09:32:01 +01:00
Stephane Jourdan 8a355a2059 fix typo 2016-09-07 09:16:50 +02:00
Steve Hoeksema 74587baa4a Add AWS Billing & Cost Management service account
This adds a very simple data source for the AWS Billing account ID magic number.

Used to allow AWS to dump detailed billing reports into an S3 bucket you control.

http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2
2016-09-07 17:43:45 +12:00
Marcus Noble 55a43c444a Corrected stage_name argument 2016-09-06 16:40:08 +01:00
Evan Brown bfc30b4b89 providers/google: Fix VPN Tunnel acceptance test
This fix changes acceptance tests for VPN tunnel to use the correct ports (UDP
500 and 4500). It also changes the documentation to demonstrate using these
port single ports in a `port_range` field.
2016-09-05 12:34:40 -07:00
Lars Wander 9c3f39e6d3 Merge pull request #8639 from sl1pm4t/b-gogole-network-value
provider/google: Make network attribute more consistent across resources
2016-09-05 12:42:58 -04:00
Paul Stack 1022542c72 Merge pull request #8657 from TimeIncOSS/f-aws-sqs-policy
provider/aws: Add aws_sqs_queue_policy
2016-09-05 11:04:28 +02:00
Radek Simko 5820ce6c5c
provider/aws: Add aws_sqs_queue_policy 2016-09-05 08:17:48 +01:00
ndouba fd9ee32bd1 typo fix (#8656) 2016-09-05 07:17:12 +01:00
Matt Morrison 6ca21ec009 Make network attribute more consistent.
Some google resources required network be refernced by resource URL (aka self_link), while others required network name.
This change allows either to be supplied.

DRY it out, and add a fix for #5552.
2016-09-05 08:02:54 +12:00
Radek Simko c1178967b0
provider/aws: Add aws_sns_topic_policy 2016-09-04 18:34:24 +01:00
Radek Simko 03df8360cb
provider/aws: Support 'publish' attribute in lambda_function 2016-09-04 17:15:35 +01:00
James Nugent 6c23181686 Merge pull request #8383 from kjmkznr/import-aws-s3-b-notification
provider/aws: Support import `aws_s3_bucket_notification`
2016-09-03 15:50:25 -07:00
James Nugent 8d0a68e1d4 state/remote: Officially Support local backend
This is a rework of pull request #6213 submitted by @joshuaspence,
adjusted to work with the remote state data source. We also add
a deprecation warning for people using the unsupported API, and retain
the ability to refer to "_local" as well as "local" for users in a mixed
version environment.
2016-09-03 15:42:40 -07:00
James Nugent d31656af91 docs: Clarify note on local provisioners 2016-09-03 15:22:26 -07:00
Jakub Holy 8d0540865f local-exec: the OS doesn't need to be ready
It is not obvious that the resource being created doesn't mean that the OS and system services such as sshd are ready (contrary to `remote-exec`). It is better to make that explicit and same developers like me some headache :-)
2016-09-03 15:21:20 -07:00
Paul Stack ef330241bb Merge pull request #8626 from hashicorp/aws-cloudwatch-log-stream
provider/aws: `aws_cloudwatch_log_stream` resource
2016-09-04 00:31:46 +03:00
Paul Stack b49fbb5383 Merge pull request #8566 from MiLk/docs/interpolation-template-data
Template are now data sources
2016-09-04 00:30:11 +03:00
stack72 49b8568bec
provider/aws: `aws_cloudwatch_log_stream` resource
This is a requirement for enabling CloudWatch Logging on Kinesis
Firehost

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogStream_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/02 16:19:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudWatchLogStream_ -timeout 120m
=== RUN   TestAccAWSCloudWatchLogStream_basic
--- PASS: TestAccAWSCloudWatchLogStream_basic (22.31s)
=== RUN   TestAccAWSCloudWatchLogStream_disappears
--- PASS: TestAccAWSCloudWatchLogStream_disappears (21.21s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    43.538s
2016-09-04 00:26:02 +03:00
James Nugent 54784864fc Merge pull request #8640 from TimeIncOSS/f-aws-cloudformation-data-source
provider/aws: Add cloudformation_stack data source
2016-09-03 14:16:46 -07:00
Paul Stack 0370f41df5 Merge pull request #8440 from hashicorp/aws-spotfeed-sub
provider/aws: New resource `aws_spot_datafeed_subscription`
2016-09-04 00:16:14 +03:00
Paul Stack 7485061635 Merge pull request #8637 from jrm16020/jeremy_tls_provider_docs_update
Adding reference to docs for supported ECDSA curves.
2016-09-03 23:11:57 +03:00
stack72 7e89c1d3a2
Merge branch 'paybyphone-paybyphone_GH_6396' 2016-09-03 23:10:27 +03:00
James Nugent 94ca84e772 Merge pull request #8638 from hashicorp/f-aws-assume-role
provider/aws: Add support for AssumeRole prior to operations
2016-09-03 13:04:03 -07:00
Chris Marchesi 38d2a2e717
provider/aws: VPC Peering: allow default peer VPC ID
Update the aws_vpc_peering_connection resource to allow peer_owner_id
to be omitted, defaulting to the connected AWS account ID (ie: for
VPC-to-VPC peers in the same account).

Also included is a doc cleanup and updates to the peer test in
resource_aws_route_table_test.go.

This fixes hashicorp/terraform#6396.
2016-09-03 23:03:31 +03:00
James Nugent e3ccb51168 provider/aws: Add assume_role block to provider
This replaces the previous `role_arn` with a block which looks like
this:

```
provider "aws" {
        // secret key, access key etc

	assume_role {
	        role_arn = "<Role ARN>"
		session_name = "<Session Name>"
		external_id = "<External ID>"
	}
}
```

We also modify the configuration structure and read the values from the
block if present into those values and adjust the call to AssumeRole to
include the SessionName and ExternalID based on the values set in the
configuration block.

Finally we clean up the tests and add in missing error checks, and clean
up the error handling logic in the Auth helper functions.
2016-09-03 12:54:30 -07:00
stack72 900e14e168
provider/aws: New resource `aws_spot_datafeed_subscription`
Fixes: #4922

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotDatafeedSubscription_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 10:46:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotDatafeedSubscription_ -timeout 120m
=== RUN   TestAccAWSSpotDatafeedSubscription_importBasic
--- PASS: TestAccAWSSpotDatafeedSubscription_importBasic (56.31s)
=== RUN   TestAccAWSSpotDatafeedSubscription_basic
--- PASS: TestAccAWSSpotDatafeedSubscription_basic (56.77s)
=== RUN   TestAccAWSSpotDatafeedSubscription_disappears
--- PASS: TestAccAWSSpotDatafeedSubscription_disappears (56.79s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    169.893s
```
2016-09-03 20:06:40 +03:00
Radek Simko a3c21d6c3b
provider/aws: Add cloudformation_stack data source 2016-09-03 11:33:59 +01:00
Jeremy Young b295192ed3 Adding reference in ELB docs for supported ECDSA curves. 2016-09-02 16:25:20 -05:00
Ian Duffy 767914bbdc [GH-1275] Support for AWS access via IAMs AssumeRole functionality
This commit enables terraform to utilise the assume role functionality
of sts to execute commands with different privileges than the API
keys specified.

Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-09-02 10:22:57 -07:00
Jesse Mandel f168c90afa Update ami.html.markdown
typo `i368` to `i386`
2016-09-02 10:22:18 -07:00
Mitchell Hashimoto f4a7740beb Merge pull request #8629 from ProcessOut/scaleway-security_group_rule-port-documentation
provider/scaleway: Document ports in security group rules properly
2016-09-02 10:06:45 -07:00
Louis-Paul Dareau 7adcac2d6c
provider/scaleway: Fix a documentation typo 2016-09-02 12:16:42 -04:00
Louis-Paul Dareau ab36c4299f
provider/scaleway: Document ports in security group rules properly 2016-09-02 12:10:52 -04:00
James Nugent 93f31fce17 provider/aws: Add aws_s3_bucket_policy resource
This commit adds a new "attachment" style resource for setting the
policy of an AWS S3 bucket. This is desirable such that the ARN of the
bucket can be referenced in an IAM Policy Document.

In addition, we now suppress diffs on the (now-computed) policy in the
S3 bucket for structurally equivalent policies, which prevents flapping
because of whitespace and map ordering changes made by the S3 endpoint.
2016-09-02 09:07:54 -07:00
Joe Topjian 20b25043b6 Merge pull request #8625 from Fodoj/provider-openstack-lb2-better-docs
provider/openstack: Fix documentation of openstack LBaaS resources
2016-09-02 08:39:45 -06:00
liamjbennett e98e5fb017
provider/aws: add aws_ssm_association resource 2016-09-02 16:46:05 +03:00
Sander van Harmelen 47dd1ad153 Add wildcard (match all) support to ignore_changes (#8599) 2016-09-02 15:44:35 +02:00
Kirill Shirinkin b4ac5bcf17 provider/openstack: Fix the list of available LB methods for LB pool 2016-09-02 07:54:29 -05:00
Kirill Shirinkin 52f130cb64 provider/openstack: Fix documentaion for whole LBaaS v2 group 2016-09-02 07:51:44 -05:00
Kirill Shirinkin 3468b6d9f1 provider/openstack: Improve documentation of openstack lb v2 member 2016-09-02 07:35:14 -05:00
Paul Stack 827a899c9b Merge pull request #8619 from BabakMN/fix-iam-policy-document-documentation
Add missing json attribute to documentation for aws_iam_policy_document
2016-09-02 08:11:22 +01:00
Paul Stack 05994cef31 Merge pull request #7694 from jtopjian/provider-rabbitmq
RabbitMQ Provider
2016-09-02 08:08:18 +01:00
Babak Mahmoudy 28767a20df Add missing json attribute to documentation 2016-09-02 12:55:14 +10:00
Alfonso Cabrera 30ea22c252 Fix multiple typos (#8611) 2016-09-01 15:07:58 -05:00
Joe Topjian d1e6f5c3dc provider/rabbitmq: docs 2016-09-01 19:04:41 +00:00
Juan Carlos Alonso cab71c98cd Minor typos 2016-09-01 11:30:55 +01:00
Sander van Harmelen 1a85d06843 Fix the acceptance tests and some cosmetic tweaks (#8598) 2016-09-01 11:19:37 +02:00
Bart van der Schans 0835b64456 Add ability to manage cloudstack affinity groups (#8360)
Add documentation for cloudstack affinity group resource

Implement improvements from review by svanharmelen

Update to latest go-cloudstack v2.1.3
2016-09-01 10:48:49 +02:00
stack72 019a13eb7f
Merge branch 'elblivion-librato-alerts' 2016-08-31 21:46:15 +01:00
Paul Stack 5de8137eb3 Merge pull request #8582 from hashicorp/fix-aws-alb-docs
docs/aws: `aws_alb` name parameter is now documented as a Required field
2016-08-31 20:17:59 +01:00
stack72 a6c55ddea9
Merge branch 'librato-alerts' of https://github.com/elblivion/terraform into elblivion-librato-alerts 2016-08-31 20:14:52 +01:00
stack72 cea2ff6be0
docs/aws: `aws_alb` name parameter is now documented as a Required
field

The validation rules are also included in the documentation

Fixes #8561
2016-08-31 20:06:04 +01:00
Anthony Stanton 83d4a71423
fixup! Support for Librato Alerts and Services 2016-08-31 17:20:20 +02:00
zhuk-intetics 3308b974e2 Update interpolation.html.md 2016-08-31 10:19:17 +03:00
Emilien Kenler 95a86cc617
Template are now data sources 2016-08-31 12:04:55 +09:00
Sean Knight 76ea6c59cd website: fix error in the Kinesis Firehose ElasticSearch example
"destination" was set to "redshift" by mistake.
2016-08-29 17:00:38 -07:00
stack72 d330ac4d26
docs/aws: AWS ELB access_logs now support whether to enable or disable logging 2016-08-29 21:15:10 +01:00
Radek Simko cc38378870 provider/aws: API Gateway Custom Authorizer (#8535)
* [WIP] AWS APIGateway Custom Authorizer

* provider/aws: api_gateway_method - Add missing fields to Read+Update

* provider/aws: Make API Gateway name in test more specific

* provider/aws: APIG - Use minimal configuration in create request
2016-08-29 20:51:59 +01:00
Krzysztof Wilczynski 52eeaa0b72 Fix example. Do not use deprecated attribute. (#8531)
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-29 15:39:29 +01:00
Paul Stack 53ac54ac06 docs/aws: Add `primary_endpoint_address` to the docs for (#8528)
`aws_elasticache_replication_group`
2016-08-29 14:39:15 +01:00
stack72 b158cbc2dd
docs/statuscake: Adding the parameter to the docs 2016-08-29 00:00:27 +01:00
Martin Atkins 5412ad54f7 Merge #8507: Installation guide to reflect the single-binary model from 0.7 2016-08-27 13:18:04 -07:00
Martin Atkins 4f906dba7a Merge #8403: name_regex attribute on aws_ami data source 2016-08-27 13:11:45 -07:00
Martin Atkins 39d68025a5 Merge #8505: correct mistake in example for aws_ip_ranges data source 2016-08-27 07:28:58 -07:00
Clint daac877c82 provider/aws: Get and export ASG ARN value (#8503) 2016-08-27 15:20:11 +01:00
Neil Calabroso f425472862 Update installation guide
Mention that there's only a single binary file in package as of 0.7.2
2016-08-27 16:14:36 +08:00
knakayama 0b67962338 Fix doc for provider/aws_ip_ranges 2016-08-27 09:41:34 +09:00
Clint 3cfce54910 Update alb_listener_rule.html.markdown
fix typo
2016-08-26 09:40:36 -05:00
sethp-jive 36d0e6690d aws_iam_instance_profile: Restrict example perms
In this example, principal "AWS": "*" tells IAM that any user in the world can assume that role as long as they know the account ID + role name. 

In my testing, "Service": "ec2.amazonaws.com" is sufficiently permissive to allow the instance_profile to work without allowing global accesses.
2016-08-25 15:28:39 -07:00
Clint 49ecfe8921 provider/aws: Add aws_default_route_table resource (#8323)
* provider/aws: Add docs for Default Route Table

* add new default_route_table_id attribute, test to VPC

* stub

* add warning to docs

* rough implementation

* first test

* update test, add swap test

* fix typo
2016-08-25 16:02:44 -05:00
stack72 0087068a0e
provider/aws: `aws_ecs_container_definition` datasource parameter
changes to memory_reservation
2016-08-25 18:10:08 +01:00
Radek Simko 1494f493a2 aws/docs: Add missing ssm link to the sidebar (#8476) 2016-08-25 17:46:52 +01:00
Paul Stack 0adc1fc4b2 provider/aws: Allow `aws_rds_instance` to upgrade the major version (#8471)
Fixes #8468

If a user wished to bump the `engine_version` of an RDS instance,
Terraform was not sending `allow_major_version_upgrade` to the API
*unless* that value also changed at the same time. This caused the
following error from RDS API:

```
* aws_db_instance.bar: Error modifying DB Instance
* tf-20160825101420910562798obb: InvalidParameterCombination: The
* AllowMajorVersionUpgrade flag must be present when upgrading to a new
* major version.
    status code: 400, request id: 20e36364-6ab0-11e6-b794-51f12f4135f1
```

This change will always send the `allow_major_version_upgrade` flag to
the API when the `engine_version` changes.

This still relies on the user setting the correct value i.e. if they are
upgrading from postgres 0.4.7 -> 9.5.2 then the config will need to set
the `allow_major_version_upgrade` flag to be `true`
2016-08-25 13:54:40 +01:00
Paul Stack 64510d9cfb provider/aws: Adding `aws_ssm_document` resource (#8460)
* provider/aws: add `aws_ssm_document` resource

* provider/aws: Changes to `aws_ssm_document` post code review

The changes are things like using d.Id rather than d.Get("name").(string)

and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 09:47:24 +01:00
Paul Stack 3901827b40 provider/aws: Validate `aws_iam_policy_attachment` Name parameter to stop being empty (#8441)
* provider/aws: Validate `aws_iam_policy_attachment` Name parameter to
stop being empty

Fixes #8368

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSPolicyAttachment_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 11:46:01 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSPolicyAttachment_ -timeout 120m
=== RUN   TestAccAWSPolicyAttachment_basic
--- PASS: TestAccAWSPolicyAttachment_basic (44.67s)
=== RUN   TestAccAWSPolicyAttachment_paginatedEntities
--- PASS: TestAccAWSPolicyAttachment_paginatedEntities (161.68s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    206.379s
```

* Update resource_aws_iam_policy_attachment.go
2016-08-24 21:28:41 +01:00
stack72 7cfe85ee70
Merge branch 'master' of github.com:hashicorp/terraform 2016-08-24 20:53:57 +01:00
stack72 01fca172cb
provider/aws: Removing the merge conflict from the redshift_cluster resource 2016-08-24 20:50:06 +01:00
Jearvon Dharrie 14deee1fd4 Fix typo (#8459)
Change `you project` to `your project`
2016-08-24 20:44:24 +01:00
Clint 341c7bf766 provider/aws: Update VPC Peering connect accept/request attributes (supersedes #8338) (#8432)
* Fix crash when reading VPC Peering Connection options.

This resolves the issue introduced in #8310.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* Do not de-reference values when using Set().

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* provider/aws: Update VPC Peering connect accept/request attributes

* change from type list to type set

* provider/aws: Update VPC Peering accept/requst options, tests

* errwrap some things
2016-08-24 13:24:42 -05:00
Paul Stack e524603d3f provider/aws: AWS SpotFleet Requests now works with Subnets and AZs (#8320)
* provider/aws: Change Spot Fleet Request to allow a combination of
subnet_id and availability_zone

Also added a complete set of tests that reflect all of the use cases
that Amazon document
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-examples.html

It is important to note there that Terraform will be suggesting that
users create multiple launch configurations rather than AWS's version of
combing values into CSV based parameters. This will ensure that we are
able to enforce the correct state

Also note that `associate_public_ip_address` now defaults to `false` - a migration has been
included in this PR to migration users of this functionality. This needs
to be noted in the changelog. The last part of changing functionality
here is waiting for the state of the request to become `active`. Before
we get to this state, we cannot guarantee that Amazon have accepted the
request or it could have failed validation.

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSSpotFleetRequest_'
% 2 ↵
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 15:44:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotFleetRequest_ -timeout 120m
=== RUN   TestAccAWSSpotFleetRequest_changePriceForcesNewRequest
--- PASS: TestAccAWSSpotFleetRequest_changePriceForcesNewRequest (133.90s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceAzOrSubnetInRegion
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceAzOrSubnetInRegion (76.67s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceAzInGivenList
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceAzInGivenList (75.22s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceSubnetInGivenList
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceSubnetInGivenList (96.95s)
=== RUN   TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameAz
--- PASS: TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameAz (74.44s)
=== RUN   TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameSubnet
--- PASS: TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameSubnet (97.82s)
=== RUN   TestAccAWSSpotFleetRequest_overriddingSpotPrice
--- PASS: TestAccAWSSpotFleetRequest_overriddingSpotPrice (76.22s)
=== RUN   TestAccAWSSpotFleetRequest_diversifiedAllocation
--- PASS: TestAccAWSSpotFleetRequest_diversifiedAllocation (79.81s)
=== RUN   TestAccAWSSpotFleetRequest_withWeightedCapacity
--- PASS: TestAccAWSSpotFleetRequest_withWeightedCapacity (77.15s)
=== RUN   TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName
--- PASS: TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName (0.00s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    788.184s
```

* Update resource_aws_spot_fleet_request.go
2016-08-24 11:08:46 +01:00
Paul Stack 3a2d73a2b1 provider/aws: Add support to `aws_redshift_cluster` for restoring from (#8414)
snapshot

Fixes #6406

Adds 2 new parameters:

* `snapshot_identifier`
* `snapshot_cluster_identifier`

These will be used to allow the Redshift cluster to be restored from a
pre-existing snapshot. Also makes the redshift username and password
fields optional as these are not required for the snapshot

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftCluster_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 12:04:53 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftCluster_ -timeout 120m
=== RUN   TestAccAWSRedshiftCluster_importBasic
--- PASS: TestAccAWSRedshiftCluster_importBasic (741.03s)
=== RUN   TestAccAWSRedshiftCluster_basic
--- PASS: TestAccAWSRedshiftCluster_basic (656.33s)
=== RUN   TestAccAWSRedshiftCluster_loggingEnabled
--- PASS: TestAccAWSRedshiftCluster_loggingEnabled (718.65s)
=== RUN   TestAccAWSRedshiftCluster_iamRoles
--- PASS: TestAccAWSRedshiftCluster_iamRoles (818.10s)
=== RUN   TestAccAWSRedshiftCluster_publiclyAccessible
--- PASS: TestAccAWSRedshiftCluster_publiclyAccessible (853.30s)
=== RUN   TestAccAWSRedshiftCluster_updateNodeCount
--- PASS: TestAccAWSRedshiftCluster_updateNodeCount (2083.37s)
=== RUN   TestAccAWSRedshiftCluster_tags
--- PASS: TestAccAWSRedshiftCluster_tags (621.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws
6491.963s
```

When deploying this, I was able to use config as follows:

```
resource "aws_redshift_cluster" "restore" {
  cluster_identifier = "my-test-restored-cluster"
  snapshot_identifier = "sample-snapshot-for-restore"
  node_type = "dc1.large"
}
```

And it resulted in:

```
terraform apply
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
  If you did not expect to see this message you will need to remove the old plugin.
  See https://www.terraform.io/docs/internals/internal-plugins.html
aws_redshift_cluster.restore: Creating...
  allow_version_upgrade:               "" => "true"
  automated_snapshot_retention_period: "" => "1"
  availability_zone:                   "" => "<computed>"
  bucket_name:                         "" => "<computed>"
  cluster_identifier:                  "" => "my-test-restored-cluster"
  cluster_parameter_group_name:        "" => "<computed>"
  cluster_public_key:                  "" => "<computed>"
  cluster_revision_number:             "" => "<computed>"
  cluster_security_groups.#:           "" => "<computed>"
  cluster_subnet_group_name:           "" => "<computed>"
  cluster_type:                        "" => "<computed>"
  cluster_version:                     "" => "1.0"
  database_name:                       "" => "<computed>"
  enable_logging:                      "" => "false"
  encrypted:                           "" => "<computed>"
  endpoint:                            "" => "<computed>"
  iam_roles.#:                         "" => "<computed>"
  kms_key_id:                          "" => "<computed>"
  node_type:                           "" => "dc1.large"
  number_of_nodes:                     "" => "1"
  port:                                "" => "5439"
  preferred_maintenance_window:        "" => "<computed>"
  publicly_accessible:                 "" => "true"
  s3_key_prefix:                       "" => "<computed>"
  skip_final_snapshot:                 "" => "true"
  snapshot_identifier:                 "" => "sample-snapshot-for-restore"
  vpc_security_group_ids.#:            "" => "<computed>"
..........
aws_redshift_cluster.restore: Still creating... (5m20s elapsed)
aws_redshift_cluster.restore: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
```
2016-08-24 10:58:05 +01:00
Paul Stack eec7b342c8 provider/aws: Support `snapshot_name` for ElastiCache Cluster and (#8419)
Replication Groups

In order to be able to restore a named snapshot as ElastiCache Cluster
or a Replication Group, the `snapshot_name` parameter was needed to be
passed. Changing the `snapshot_name` will force a new resource to be
created

```

```
2016-08-24 10:55:20 +01:00
Paul Stack 0d8709bdf3 provider/aws: Support Tags for `aws_alb` and `aws_alb_target_group` (#8422)
resources

Fixes #8420

Adds the ability to update tags on the ALB resource as well as
supporting tags on `aws_alb_target_group`

```
ALB Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'                                                                                                                         2 ↵ ✹
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 19:30:16 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout 120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (67.18s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (99.88s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (62.49s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (126.25s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	355.835s
```

```
ALB Target Group Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 19:37:37 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (47.26s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (81.01s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (78.74s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	207.025s
```
2016-08-24 10:54:43 +01:00
Sarah Zelechoski 3c63c04c11 Allow custom Compute Engine service account 2016-08-23 17:04:13 -04:00
Paul Stack f22564c6c8 docs/aws: Documentation Update for `aws_db_option_group` (#8424)
Remove `apply_immediately` from the example and add a short note that we
apply_immediately by default
2016-08-23 20:02:22 +01:00
Radek Simko 070942df0f provider/aws: Add support for ECS svc - LB target group (#8190) 2016-08-23 11:19:43 -05:00
Joe Topjian c30398ed90 Merge pull request #8405 from jtopjian/openstack-allowedadresspairs-docs-tests
provider/openstack: docs and tests for allowed_address_pairs
2016-08-23 08:16:17 -06:00
Adam Dehnel 6f3fd1faa0 Added example of how the Option settings works (#8413)
It took me some googling to find this and thought it would be good to have an example of how that structure is meant to be right in the docs.
2016-08-23 14:47:10 +01:00
Shawn Silva bf68590f02 provider/aws: rename local_name_filter attribute to name_regex
Renamed the local_name_filter attribute to name_regex and made it clear in the
docs that this runs locally and could have a performance impact on a large set
of AMIs returned from AWS.
2016-08-23 08:44:07 -04:00
Paul Stack 2f936eaad4 provider/aws: Add support for `network_mode` to `aws_ecs_task_definition` (#8391)
* provider/aws: Add support for `network_mode` to
`aws_ecs_task_definition`

Fixes #8281

```

```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEcsTaskDefinition_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 18:12:20 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEcsTaskDefinition_ -timeout 120m
=== RUN   TestAccAWSEcsTaskDefinition_basic
--- PASS: TestAccAWSEcsTaskDefinition_basic (29.02s)
=== RUN   TestAccAWSEcsTaskDefinition_withScratchVolume
--- PASS: TestAccAWSEcsTaskDefinition_withScratchVolume (16.75s)
=== RUN   TestAccAWSEcsTaskDefinition_withEcsService
--- PASS: TestAccAWSEcsTaskDefinition_withEcsService (147.77s)
=== RUN   TestAccAWSEcsTaskDefinition_withTaskRoleArn
--- PASS: TestAccAWSEcsTaskDefinition_withTaskRoleArn (19.49s)
=== RUN   TestAccAWSEcsTaskDefinition_withNetworkMode
--- PASS: TestAccAWSEcsTaskDefinition_withNetworkMode (19.52s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	232.588

* Update resource_aws_ecs_task_definition.go

* Update ecs_task_definition.html.markdown
2016-08-23 11:27:45 +01:00
Paul Stack 83dc4d0535 provider/aws: Add Primary Endpoint Address output for (#8385)
`aws_elasticache_replication_group`

Fixes #8377

Now we can output the endpoint of the primary

```
resource "aws_elasticache_replication_group" "bar" {
    replication_group_id = "tf-11111"
    replication_group_description = "test description"
    node_type = "cache.m1.small"
    number_cache_clusters = 2
    port = 6379
    parameter_group_name = "default.redis2.8"
    apply_immediately = true
}

output "primary_endpoint_address" {
  value = "${aws_elasticache_replication_group.bar.primary_endpoint_address}"
}
```

This gives us:

```
% terraform apply
...................
aws_elasticache_replication_group.bar: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

primary_endpoint_address = tf-11111.d5jx4z.ng.0001.use1.cache.amazonaws.com
```

This was the addition of a computed field only so the basic test still works as expected:

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_basic'                        ✹
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 17:11:13 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElasticacheReplicationGroup_basic -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_basic
--- PASS: TestAccAWSElasticacheReplicationGroup_basic (741.71s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	741.735s
```
2016-08-23 11:13:26 +01:00
Joe Topjian a41ae4b9ac provider/openstack: docs and tests for allowed_address_pairs 2016-08-23 02:13:37 +00:00
Shawn Silva 6977fff406 provider/aws: add local name filter to aws_ami datasource
In cases where the filters provided by AWS against the name of an AMI are not
sufficient, allow adding a "local_name_filter" which is a regex that is used
to filter the AMIs returned by amazon.
2016-08-22 19:32:32 -04:00
Kazunori Kojima ed05161fd0
provider/aws: Support import `aws_s3_bucket_notification` 2016-08-23 08:19:06 +09:00
Martin Atkins 38289ddbd5 Merge #8353: New resources for custom domains on AWS API Gateway 2016-08-22 15:44:52 -07:00
Martin Atkins c4255f195b website: Docs for AWS API Gateway domain name and base path mapping 2016-08-22 15:36:20 -07:00
Mitchell Hashimoto d32487c335
website: remove numeric suffixes, they haven't worked in real long time 2016-08-22 14:43:58 -07:00
Brad Sickles 35d4d4bdbf Fixing archive file website docs. (#8373) 2016-08-22 13:27:43 +01:00
Mitchell Hashimoto 041094fb85 Merge pull request #8352 from ajlanghorn/add-whitespace-note
Add note to use Server-Defined-Cipher-Order
2016-08-22 02:11:11 -04:00
James Nugent 2070fa44c3 provider/datadog: Fix docs sidebar 2016-08-22 06:01:50 +02:00
James Nugent 3264f56860 provider/datadog: Document import support 2016-08-22 06:00:05 +02:00
James Nugent 11acfca54e docs: Note envvars for Datadog configuration 2016-08-22 05:43:04 +02:00
James Nugent 296071f259 Merge pull request #7964 from szollo/master
Update AMI ID on documentation
2016-08-22 05:39:11 +02:00
James Nugent dd5651ef23 Merge pull request #8357 from hashicorp/sethvargo/docs
Add more output grammar and CLI examples
2016-08-22 05:34:17 +02:00
James Nugent 61f885aa86 website: Add archive provider to sidebar and css 2016-08-22 05:30:37 +02:00
James Nugent 74315d6d1b provider/archive: Fix doc sidebar title 2016-08-22 05:23:08 +02:00
Seth Vargo 988b0325a1 Add more output grammar and CLI examples 2016-08-21 15:17:31 -04:00
Andrew Langhorn 8bd2a249ce Add note to use Server-Defined-Cipher-Order
The Terraform documentation, rather correctly, refers to a list of options
you can pass to an Elastic Load Balancer from the AWS documentation. All but
one of these options works; 'Server Order Preference' doesn't work, because
the API refers to it as 'Server-Defined-Cipher-Order'.

Add a note to explain this, at least as a temporary solution.

Fixes #8340.
2016-08-21 14:21:02 +01:00
f440 e37dbefd90 Fix file extension (#8343) 2016-08-20 12:03:20 +01:00
kyhavlov 0b165164c4 docs: Fix exported attribute name in docker_registry_image 2016-08-19 20:35:00 -04:00
Clint 771155cea5 provider/aws: Add support for TargetGroups to AutoScaling Groups (#8327)
* start of ALB support. Waiting for ALB top level to move forward

* initial test

* cleanup

* small docs

* beef up test
2016-08-19 14:07:53 -05:00
AMeng eff11efff3 provider/aws: Support Import aws_elasticache_cluster 2016-08-19 11:10:57 -06:00
James Nugent 41d8a45ae9 Merge pull request #8321 from hashicorp/f-aws-alb-attachment
provider/aws: Add aws_alb_target_group_attachment
2016-08-19 16:26:04 +01:00
Anastas Dancha bd25d77615 health_check's target explained 2016-08-19 11:12:56 -04:00
James Nugent e4ce708bf9 provider/aws: Add aws_alb_target_group_attachment 2016-08-19 16:12:19 +01:00
James Nugent b5e0f2e347 Merge pull request #8318 from hashicorp/f-aws-application-lb-rules
provider/aws: Add aws_alb_listener_rule resource
2016-08-19 13:24:02 +01:00
James Nugent e2445497ab Merge pull request #8319 from hashicorp/aws-route53-cloudwatch-metric
provider/aws: Implement support for CloudWatch Metric in `aws_route53_health_check`
2016-08-19 13:09:33 +01:00
James Nugent 417b98bafb provider/aws: Add aws_alb_listener_rule resource
This commit adds the aws_alb_listener_rule resource along with
acceptance tests and documentation.
2016-08-19 13:07:20 +01:00
stack72 da5abccfd9
provider/aws: Implement support for CloudWatch Metric in
`aws_route53_health_check`

fixes #7830

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSRoute53HealthCheck_'           ✚
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/19 12:58:00 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRoute53HealthCheck_ -timeout 120m
=== RUN   TestAccAWSRoute53HealthCheck_importBasic
--- PASS: TestAccAWSRoute53HealthCheck_importBasic (20.03s)
=== RUN   TestAccAWSRoute53HealthCheck_basic
--- PASS: TestAccAWSRoute53HealthCheck_basic (31.42s)
=== RUN   TestAccAWSRoute53HealthCheck_withChildHealthChecks
--- PASS: TestAccAWSRoute53HealthCheck_withChildHealthChecks (26.88s)
=== RUN   TestAccAWSRoute53HealthCheck_IpConfig
--- PASS: TestAccAWSRoute53HealthCheck_IpConfig (30.27s)
=== RUN   TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck
--- PASS: TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck (26.08s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    134.692s

```
2016-08-19 13:00:45 +01:00
Krzysztof Wilczynski 5df0b08e86 Add ability to set peering options in aws_vpc_peering_connection. (#8310)
This commit adds two optional blocks called "accepter" and "requester" to the
resource allowing for setting desired VPC Peering Connection options for VPCs
that participate in the VPC peering.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-19 11:19:49 +01:00
Radek Simko 73f0c47915 aws/docs: Add example of aws_alb_target_group (#8311) 2016-08-19 09:13:39 +01:00
Radek Simko 4c47e0dc37 docs/aws: Fix example of aws_redshift_service_account (#8313) 2016-08-19 09:09:48 +01:00
kyhavlov dd33357fbb docs: Fix example for docker_registry_image (#8308) 2016-08-19 07:40:50 +01:00
Jeff Goldschrafe 08f2e6797b provider/azurerm: support Diagnostics Profile
Add support for a diagnostics profile, which allows boot diagnostics to
be enabled on a virtual machine.
2016-08-18 23:46:47 -04:00
Mitchell Hashimoto 9d41100c13 Merge pull request #8267 from ChrisMcKenzie/patch-1
Document credentials variable and env var for gcs remote state
2016-08-18 23:34:45 -04:00
Mitchell Hashimoto e529df1255 Merge pull request #8307 from cblecker/google/acctest-image-update
provider/google: Update Acceptance Tests to use Debian 8
2016-08-18 23:22:01 -04:00
Christoph Blecker 20ca61a88a
Update docs to use GCP Image Families 2016-08-18 17:23:15 -07:00
James Nugent 76910c15d6 docs: Remove output from `terraform_remote_state`
Fixes #8296.
2016-08-19 00:50:43 +01:00
Martin Atkins 0007346a33 Merge: #8300: Correct spelling of "certificate" in tls provider docs 2016-08-18 13:46:38 -07:00
Jarrod Jackson 98cc77c57a Correct spelling of the word certificate. 2016-08-18 14:38:00 -06:00
James Nugent 56907d9931 Merge pull request #8268 from hashicorp/f-aws-application-lb-listener
provider/aws: Add aws_alb_listener resource
2016-08-18 21:18:35 +01:00
Paul Stack 09de4f82ce provider/aws: `aws_elasticache_replication_groups` only support Redis (#8297)
* provider/aws: `aws_elasticache_replication_groups` only support Redis

therefore, making our users add `engine = redis` to the configuration
felt wasted

* Update resource_aws_elasticache_replication_group.go

* Update resource_aws_elasticache_replication_group.go

* Update resource_aws_elasticache_replication_group.go

* Update resource_aws_elasticache_replication_group_test.go

* Update resource_aws_elasticache_replication_group_test.go

* Update resource_aws_elasticache_replication_group.go
2016-08-18 20:30:12 +01:00
Paul Stack 51f216306f provider/aws: Implement the `aws_elasticache_replication_group` resource (#8275) 2016-08-18 19:42:29 +01:00
Dan Norris c61f04c89d docs/remote_state: Update docs to use data instead of resource (#8293) 2016-08-18 19:38:34 +01:00
James Nugent e38d41b7a7 provider/aws: Add `arn` fields to ALB resources
This commit adds an `arn` field to `aws_alb` and `aws_alb_target_group`
resources, in order to present a more coherant user experience to people
using resource variables in fields suffixed "arn".
2016-08-18 18:54:39 +01:00
James Nugent 59f66eca02 provider/aws: Add aws_alb_listener resource
This commit adds the `aws_alb_listener` resource and associated
acceptance tests and documentation.
2016-08-18 18:49:44 +01:00
Paul Stack ff0d9aff76 docs/aws: Update documentation example to remove \ from bucket prefix (#8289) 2016-08-18 18:44:19 +01:00
Otto Jongerius 245e211b00 provider/datadog: Allow `tags` to be configured for monitor resources. (#8284) 2016-08-18 16:54:44 +01:00
KOJIMA Kazunori 23d2ae3740 provider/aws: Support import of `aws_s3_bucket` (#8262) 2016-08-18 16:01:20 +01:00
Lars Wander 23ab7ee6bb Merge pull request #8147 from nwwebb/import-instance-template
provider/google: Support Import of 'google_compute_instance_template'
2016-08-18 10:30:46 -04:00
Ryan Uber ec7fc60d5f Adds consul_prepared_query resource (#7474)
* provider/consul: first stab at adding prepared query support

* provider/consul: flatten pq resource

* provider/consul: implement updates for PQ's

* provider/consul: implement PQ delete

* provider/consul: add acceptance tests for prepared queries

* provider/consul: add template support to PQ's

* provider/consul: use substructures to express optional related components for PQs

* website: first pass at consul prepared query docs

* provider/consul: PQ's support datacenter option and store_token option

* provider/consul: remove store_token on PQ's for now

* provider/consul: allow specifying a separate stored_token

* website: update consul PQ docs

* website: add link to consul_prepared_query resource

* vendor: update github.com/hashicorp/consul/api

* provider/consul: handle 404's when reading prepared queries

* provider/consul: prepared query failover dcs is a list

* website: update consul PQ example usage

* website: re-order arguments for consul prepared queries
2016-08-18 08:46:30 +01:00
Ryan Moran d7c028d210 Update dns_zone.html.markdown (#8273) 2016-08-17 22:46:18 +01:00
alex goretoy 7938eaf76f Fix typo on interpolation.html.md (#8274) 2016-08-17 16:07:52 -05:00
Christopher McKenzie ed68fcc752 Document credentials variable and env var 2016-08-17 10:29:25 -07:00
James Nugent 531a976306 provider/aws: Add aws_alb_target_group resource
This commit adds a resource, acceptance tests and documentation for the
Target Groups for Application Load Balancers.

This is the second in a series of commits to fully support the new
resources necessary for Application Load Balancers.
2016-08-17 15:48:16 +01:00
James Nugent 0b421b6998 provider/aws: Add `aws_alb` resource
This commit adds a resource, acceptance tests and documentation for the
new Application Load Balancer (aws_alb). We choose to use the name alb
over the package name, elbv2, in order to avoid confusion.

This is the first in a series of commits to fully support the new
resources necessary for Application Load Balancers.
2016-08-17 15:48:06 +01:00
kawa efd6b997ae provider/google: Fix typo in document. auto_create_subnets -> auto_create_subnetworks (#8250) 2016-08-17 07:50:05 +01:00
Radek Simko 523627ba24 Merge pull request #8239 from TimeIncOSS/f-aws-r53-zone-force-destroy
provider/aws: Add force_destroy option to aws_route53_zone
2016-08-17 07:10:00 +01:00
Mitchell Hashimoto 73f685a8b6 Merge pull request #8242 from TimeIncOSS/f-aws-elb-svc-acc-fix
aws: Implement naming changes for aws_elb_service_account
2016-08-16 15:30:10 -07:00
Paul Stack 5c8c325f43 docs/aws: Fixing the size documentation to be GiBs not GBs (#8240) 2016-08-16 21:07:59 +01:00
Radek Simko 73791b47b3
aws: Implement naming changes for aws_elb_service_account 2016-08-16 21:05:27 +01:00
Joe Topjian 9a324f1399 Merge pull request #8181 from fatmcgav/openstack_add_valuespec_subnet_v2_provider
provieder/openstack: Add 'value_specs' support for openstack_networki…
2016-08-16 13:25:59 -06:00
Brian Shumate c122ce0bf6 Updated Plugins section. (#8235)
- Minor update to remove some posisbly confusing discussion about
  pre 0.7 seperate binaries for plugins, and link to internal
  plugins section for more clarification of how plugins are
  handled in 0.7+.
2016-08-16 14:21:33 -05:00
Clint 72a81ff3ae provider/aws: Update ElasticTranscoder to allow empty notifications, removing notifications, etc (#8207)
* provider/aws: Add failing ETC + notifications test

* tidy up the docs some

* provider/aws: Update ElasticTranscoder to allow empty notifications, removing notifications, etc
2016-08-16 13:41:12 -05:00
Radek Simko 079e0c5b86
provider/aws: Allow force_destroying records in R53 hosted zone 2016-08-16 19:34:58 +01:00
James Nugent f933b2cf16 Merge pull request #8200 from hashicorp/fix-state-rm
core: Add `terraform state rm` command
2016-08-16 19:10:17 +01:00
Paul Stack 9fefcf62a4 docs/aws: Fixing the documentation (#8231) 2016-08-16 18:55:24 +01:00
Paul Stack 65aa02b6df provider/aws: DataSource for RedShift Account ID (#8224)
When you need to enable monitoring for Redshift, you need to create the
correct policy in the bucket for logging. This needs to have the
Redshift Account ID for a given region. This data source provides a
handy lookup for this

http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging

% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSRedshiftAccountId_basic'         2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/16 14:39:35 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftAccountId_basic -timeout 120m
=== RUN   TestAccAWSRedshiftAccountId_basic
--- PASS: TestAccAWSRedshiftAccountId_basic (19.47s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    19.483s
2016-08-16 17:58:46 +01:00
Tim Martin ddb62d026e Clean up whitespace in `aws_appautoscaling_policy` docs (#8228)
The whitespace in the documentation for `aws_appautoscaling_policy` was very confusing.  I believe it was due to a mix up of tabs and spaces.  It's much prettier and easier to read now.
2016-08-16 16:46:56 +01:00
Mitchell Hashimoto 3fdc08a9eb core: Add `terraform state rm` command and docs
This commit adds the `state rm` command for removing an address from
state. It is the result of a rebase from pull-request #5953 which was
lost at some point during the Terraform 0.7 feature branch merges.
2016-08-16 16:45:44 +01:00
Radek Simko 180d6d934a aws: Sort sidebar items alphabetically (#8223) 2016-08-16 12:37:33 +01:00
Radek Simko e356f27db6
aws: Add elb_account_id data source 2016-08-16 11:36:58 +01:00
James Nugent 90bdaef197 Merge pull request #8206 from hashicorp/f-aws-account-id
provider/aws: Add aws_account_id data source
2016-08-16 05:33:32 -05:00
James Nugent 3e14f56a96 provider/aws: Add aws_caller_identity data source
This data source provides access during configuration to the ID of the
AWS account for the connection to AWS. It is primarily useful for
interpolating into policy documents, for example when creating the
policy for an ELB or ALB access log bucket.

This will need revisiting and further testing once the work for
AssumeRole is integrated.
2016-08-16 11:24:26 +01:00
KOJIMA Kazunori 4b93f63d75 docs: Fix resource name (#8220) 2016-08-16 10:06:57 +01:00
Amos Shapira acd3d43bff Fix typo "yor" -> "your" 2016-08-16 09:10:41 +10:00
Christoph Blecker 84162586b0 Add support for using GCP Image Family names. (#8083) 2016-08-15 22:29:58 +01:00
Paul Stack c9dd75923f docs/azurerm: Adding a layout section for ServiceBus (#8197) 2016-08-15 18:14:45 +01:00
Andy Royle e18b1962a9 provider/azurerm: Add support for servicebus namespaces (#8195)
* add dep for servicebus client from azure-sdk-for-node

* add servicebus namespaces support

* add docs for servicebus_namespaces

* add Microsoft.ServiceBus to providers list
2016-08-15 18:00:00 +01:00
Srikalyan Swayampakula 2aa28c34ca Not Error out on AWS Lambda VPC config if both subnet_ids and security_group_ids are empty. (#6191)
AWS Lambda VPC config is an optional configuration and which needs to both subnet_ids and
security_group_ids to tie the lambda function to a VPC. We should make it optional if
both subnet_ids and security_group_ids are not net which would add better flexiblity in
creation of more useful modules as there are "if else" checks. Without this we are creating
duplicate modules one with VPC and one without VPC resulting in various anomalies.
2016-08-15 17:52:42 +01:00
Paul Stack 9a39057a4f docs/import: Add a note to the Import section that only ENV VARs can be used atm (#8194) 2016-08-15 17:06:50 +01:00
Noah Webb fe5d7d1c63 provider/google: Support Import of 'google_compute_instance_template' 2016-08-15 10:03:31 -04:00
stack72 fdb168e433
Merge branch 'add_volume' of https://github.com/ayudemura/terraform into ayudemura-add_volume 2016-08-15 08:28:54 +01:00
Gavin Williams ee56f1d075 provieder/openstack: Add 'value_specs' support for openstack_networking_subnet_v2 provider.
Updated provider documentation to support.
2016-08-15 08:28:37 +01:00
Krzysztof Wilczynski e943851429 Add ability to set Storage Class in aws_s3_bucket_object. (#8174)
An S3 Bucket owner may wish to select a different underlying storage class
for an object. This commit adds an optional "storage_class" attribute to the
aws_s3_bucket_object resource so that the owner of the S3 bucket can specify
an appropriate storage class to use when creating an object.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-15 07:30:47 +01:00