Commit Graph

1206 Commits

Author SHA1 Message Date
Niclas Nilsson 2a5b3e406d Bugfix in example
Shouldn't the aws_route53_record in the example should use the "dev" zone_id?
2016-10-21 11:11:39 +02:00
Pat Downey 89803a2d00 fix incorrect reference to iops property in `aws_ami` data source 2016-10-20 09:50:04 -05:00
Krzysztof Wilczynski 2c67f9e875
Re-factor documentation for the aws_ecs_task_definition resource.
This commits changes the documentation of the aws_ecs_task_definition
resource to ensure that the `container_definitions` attribute consumes
a valid JSON document containing a list of valid container definitions,
rather than that the attribute itself is a list, etc.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-19 16:29:43 +01:00
@tmshn 8ec06e82b6 Added "arn" attribute to AWS Lambda alias 2016-10-16 21:43:44 +09:00
dnABic 4daf9eeef4 Changing t1.micro to t2.micro and m4.large 2016-10-15 01:02:44 +02:00
dnABic c1d6e36616 Changing t1 to t2 and us-east-1 to us-west-2 2016-10-15 00:37:30 +02:00
James Turnbull 523fffe176 Data source docs missing `data.`
Several variables were missing the `data.` prefix in the new subnet and
VPC data source documentation.
2016-10-15 06:32:20 +11:00
Clint 46ee2ef51a Merge pull request #6819 from hashicorp/f-aws-vpc-data-sources
provider/aws: data sources for AWS network planning
2016-10-13 14:17:55 -05:00
Nick Santamaria 6edbe2faf3 Removed errant backtick in AWS provider documentation. (#9317) 2016-10-13 08:50:46 -07:00
Dave Walter 5a40fa2914 Update the docs for the AWS security_group_rule resource.
- clarify the description of the from/to port arguments
2016-10-12 12:24:45 -07:00
Joel Vasallo 7dd376216b Added documentation around access_logs enabled and reverted default
value to true
2016-10-10 10:05:13 -05:00
Nick Walke e52ab28218
Add reference about AWS IAM policy requirements
This adds a note in the `aws_iam_policy_document` documentation that
`resources` is required by AWS if used on an IAM policy.  Also added a
note on `aws_iam_policy` that `aws_iam_policy_document` is a good thing
to use when configuring.

Closes #9002
2016-10-07 13:25:12 -05:00
Paul Stack dd66af0fa0 Merge pull request #8701 from steveh/feature/aws-billing-service-account
provider/aws: Add AWS Billing & Cost Management service account
2016-10-07 13:34:51 +01:00
DJ Home 56f35dd67d
Add ability to import AWS OpsWorks Custom Layers 2016-10-07 11:57:11 +01:00
Krzysztof Wilczynski 1260b3a9b5
Add new "ANY" as valid HTTP method to API Gateway validator.
This commit adds a new HTTP method to a list of valid HTTP methods which
is now accepted by API Gateway.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-06 16:11:45 +01:00
clint shryock dad6face2b re-go-fmt after rebase
use us-west-2 region in tests

update test with working config

provider/aws: Update EMR contribution with passing test, polling for instance in DELETE method

remove defaulted role

document emr_cluster

rename aws_emr -> aws_emr_cluster

update docs for name change

update delete timeout/polling

rename emr taskgroup to emr instance group

default instance group count to 0, down from 60

update to ref emr_cluster, emr_instance_group

more cleanups for instance groups; need to read and update

add read, delete method for instance groups

refactor the read method to seperate out the fetching of the specific group

more refactoring for finding instance groups

update emr instance group docs

err check on reading HTTP. Dont' return the error, just log it

refactor the create method to catch optionals

additional cleanups, added a read method

update test to be non-master-only

wrap up the READ method for clusters

poll for instance group to be running after a modification

patch up a possible deref

provider/aws: EMR cleanups

fix test naming

remove outdated docs

randomize emr_profile names
2016-10-05 14:30:16 -05:00
Paul Stack aa97ebd0e7 Merge pull request #9220 from AMeng/import-db-event-sub
provider/aws: Import aws_db_event_subscription
2016-10-05 01:03:53 +01:00
AMeng b7fae4028c provider/aws: Import aws_db_event_subscription 2016-10-04 15:24:30 -06:00
Michael Henry 0dd9a0db4b document new api_gateway_integration type values 2016-10-04 15:56:38 -04:00
Nick Walke aa87472aa2
Added note about us-east-1 ACM certs.
Fixes hashicorp/terraform#9170
2016-10-03 11:23:53 -05:00
Paul Stack 2d90f8a91c Merge pull request #9140 from hashicorp/import-aws-elasticache_replication_groups
provider/aws: Support Import of AWS elasticache_replication_groups
2016-10-03 16:59:31 +01:00
stack72 520f96e84b
provider/aws: Support Import of AWS elasticache_replication_groups
Fixes #9094

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/30 00:09:04 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSElasticacheReplicationGroup_importBasic -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_importBasic
--- PASS: TestAccAWSElasticacheReplicationGroup_importBasic (756.38s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws756.398s
```
2016-10-03 16:52:29 +01:00
stack72 2f81f47d49
Merge branch 'import-opsworks-stacks' of https://github.com/DJRH/terraform into DJRH-import-opsworks-stacks 2016-10-03 16:23:03 +01:00
Paul Stack a72719a06b Revert "Fix docs aws_instance" 2016-10-03 15:45:34 +01:00
DJ Home 967335eae3 Merge branch 'master' into import-opsworks-stacks 2016-10-03 11:28:28 +01:00
dnABic 1cfc27730f Changing virtualization type in documentation for aws_instance 2016-10-02 23:54:16 +02:00
dnABic 34764c52af mostly typos in documens and aws autoscaling id instead of name 2016-09-30 22:41:15 +02:00
Alex Meng f6ce1ff5a5 Docs: Example import for cloudfront_distribution 2016-09-29 14:40:57 -06:00
DJ Home 1bc154535f Add ability to import OpsWorks stacks 2016-09-29 11:44:58 +01:00
Paul Stack b6718de299 Merge pull request #9010 from hashicorp/aws-elasticache-cluster-import
Aws elasticache cluster import
2016-09-28 19:49:42 +01:00
Anshul Sharma 1d443e87bc Fix docs
Fixes #8714
2016-09-27 13:26:15 +05:30
Radek Simko ac7f551155
aws: Fix docs after changing Aurora instance schema 2016-09-26 20:50:20 +01:00
hanks e12f42a8b5 remove `description` section in Argument Reference of AWS_DEFAULT_SECURITY_GROUP,
because do not support description field according to the source code.
2016-09-26 13:55:57 -05:00
Martin Atkins 94c45c67cd provider/aws: aws_region data source
The primary purpose of this data source is to ask the question "what is
my current region?", but it can also be used to retrieve the endpoint
hostname for a particular (possibly non-current) region, should that be
useful for some esoteric case.
2016-09-24 15:19:33 -07:00
Martin Atkins fca9216f53 provider/aws: availability zone data source
This adds a singular data source in addition to the existing plural one.
This allows retrieving data about a specific AZ.

As a helper for writing reusable modules, the AZ letter (without its
usual region name prefix) is exposed so that it can be used in
region-agnostic mappings where a different value is used per AZ, such as
for subnet numbering schemes.
2016-09-24 15:19:33 -07:00
Martin Atkins aa0b6019f8 provider/aws: aws_vpc data source 2016-09-24 15:19:33 -07:00
Martin Atkins 82f958cc17 provider/aws: aws_subnet data source 2016-09-24 15:19:33 -07:00
Sean Chittenden 31f20a1f31
AWS S3 bucket life_cycle rule IDs must be unique. 2016-09-23 15:09:25 -07:00
Alex Meng 79e1c55680 aws_flow_docs
Update aws_flow_log docs with aws_cloudwatch_log_group resource example.
2016-09-23 11:18:17 -06:00
Chris Marchesi 5af63c233e
provider/aws: Add query_string_cache_keys to aws_cloudfront_distribution
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.

This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
2016-09-23 13:11:05 +01:00
Chris Marchesi ec2b345ed0
provider/aws: Enable aws_cloudfront_distribution HTTP/2
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.

Fixes hashicorp/terraform#8730.
2016-09-23 13:10:33 +01:00
stack72 cea685099e
Merge branch 'elasticache-cluster-import' of https://github.com/AMeng/terraform into AMeng-elasticache-cluster-import 2016-09-23 10:04:57 +01:00
Paul Stack a8a1f6d166 Merge pull request #9007 from steve-jansen/patch-2
Update aws_lambda_permission doc for CloudWatch Events
2016-09-23 09:00:52 +01:00
tomgoren 208dc514df Fixed typo - no such thing as `aws_target_group` (#9005)
It seems like there was a typo and a reference was made to
`aws_target_group`, when the actual resource name is
`aws_alb_target_group`.
2016-09-22 22:21:03 -05:00
Clint b7ad602993 provider/aws: Fix importing of EIP by IP address (#8970)
* provider/aws: Fix importing of EIP by IP address

EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.

This PR does:

- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id

I chose not to document that looking up by IP is a method of import,
because the AWS  API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.

Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.

* fix issue with swapping IDs on EC2 Classic

* update docs

* update comment
2016-09-22 21:53:21 -05:00
Steve Jansen 2e7e284bc9 Update aws_lambda_permission for CloudWatch Events
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`

Example, the resulting policy needs to be like:
```
{
    "Condition": {
        "ArnLike": {
            "AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
        }
    },
    "Action": "lambda:InvokeFunction",
    "Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
    "Effect": "Allow",
    "Principal": {
        "Service": "events.amazonaws.com"
    },
    "Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
2016-09-22 20:14:42 -04:00
Jarrod Jackson 50eb2338f0 Correct a typo in the description of the master_password argument. (#9004) 2016-09-22 15:58:02 -05:00
stack72 9fbbc343e9
provider/aws: VPC ID, Port, Protocol and Name change on
aws_alb_target_group will ForceNew resource

Fixes #8741

The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN   TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN   TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN   TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN   TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    572.083s
```
2016-09-22 17:12:39 +01:00
Paul Stack 27a89ff405 Merge pull request #8671 from hashicorp/f-aws-firehose-cloudwatch
provider/aws: Add support for `cloudwatch_logging_options` to AWS Kinesis Firehose Delivery Streams
2016-09-22 10:01:44 +01:00
James Nugent a64898e0eb provider/aws: Fix other example of vpc_id => id
Also related to #8981.
2016-09-22 09:09:13 +01:00
James Nugent 38b9467dae provider/aws: Change vpc_id to id in documentation 2016-09-22 08:44:22 +01:00
Jay Wallace 45da08c67f
Allow use of protocol numbers for ah and esp 2016-09-21 11:52:23 -07:00
stack72 067a2744c7
docs/aws: Adding as an exported parameter for the resource 2016-09-20 17:35:04 +01:00
Paul Stack e9e1896ad4 Merge pull request #8775 from TimeIncOSS/f-aws-api-gateway-client-cert
provider/aws: Add API Gateway Client Certificate
2016-09-20 16:52:01 +01:00
Arthur Barr 21563be27c Add heading markdown
It looks like the text is written with the intention of it being a heading, but it wasn't marked as such, which meant it read strangely in HTML.
2016-09-20 09:22:21 +01:00
Rick Fletcher 558cd3b230 Fix typos in the aws_default_security_group docs (#8927)
- "arguement" → "argument"
- link to the default AWS docs, not the fr_fr version
2016-09-19 22:42:50 -05:00
Jay Wallace 8bb4f7f05b Update redshift_security_group.html.markdown
underscores are not valid
2016-09-19 10:47:18 -07:00
Jay Wallace cd9437a82a Update redshift_subnet_group.html.markdown 2016-09-18 21:41:29 -07:00
Cameron Stokes 351c6bed79 Minor typo in aws_default_security_group docs. 2016-09-16 09:47:54 -07:00
Clint 69f44a04e9 provider/aws: Add reader_endpoint RDS Clusters (supersedes #8878) (#8884)
* provider/aws: Add support for Aurora ReaderEndpoint

* provider/aws: Add reader_endpoint to the schema, document, test
2016-09-16 16:45:04 +01:00
Adrian Hesketh 19e8932a92 Clarify how to notify multiple lambdas (#8854)
Clarified that to send notifications to more than one Lambda function requires a single `s3_bucket_notification` element with multiple `lambda_function` configuration elements.

If multiple `s3_bucket_notification` elements, each with a single `lambda_function` element are used, one of the configurations is applied, seemingly at random.
2016-09-15 15:28:07 -05:00
Clint 79bb2e8a87 provider/aws: Add Default Security Group Resource (#8861)
* Docs for default security group
* overrides of default behavior
* add special disclaimer
* update to support classic environments
2016-09-15 13:59:20 -05:00
Laurent Crisci 64acf0afe5 Fixed typo in aws_elb_attachment website docs
The instance argument is a string and not a list.
It will give you an error if you try to define it as a list.
2016-09-14 23:17:19 +01:00
James Nugent 9d51ebd0aa provider/aws: Expose ARN suffix on ALB (#8833)
When creating a CloudWatch Metric for an Application Load Balancer it is
neccessary to use the suffix of the ARN as the reference to the load
balancer. This commit exposes that as an attribute on the `aws_alb`
resource to prevent the need to use regular expression substitution to
make the reference.

Fixes #8808.
2016-09-14 15:50:10 +01:00
Kerim Satirli 5aa1d3a4e5 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN 2016-09-14 11:18:47 +02:00
James Nugent 10226030dd Merge pull request #8823 from RodrigoAlmodovar/patch-1
Update ses_receipt_rule_set.html.markdown
2016-09-14 01:15:41 -07:00
Kerim Satirli dfb85fb0d7 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN (#8816)
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: https://github.com/hashicorp/terraform/pull/1785)

Example ENV:

```
AWS_SECURITY_TOKEN="FQo...vgU="
AWS_ACCESS_KEY_ID="A...A"
AWS_SECRET_ACCESS_KEY="I...t"
AWS_DEFAULT_REGION="eu-west-1"
```
This errors with messages akin to "AWS was not able to validate the provided access credentials".

Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: d1ac7d3b2e/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go (L69), making this whole thing a documentation change.

Happy to provide test cases or additional insights though!
2016-09-13 13:04:46 -05:00
RodrigoAlmodovar d29fb0b691 Update ses_receipt_rule_set.html.markdown
Title was wrong. It said aws_ses_active_receipt_rule_set while the page is referred to aws_ses_receipt_rule_set
2016-09-13 17:19:04 +02:00
Silvio Moioli 78bb87082b aws_instance doc: fix attachment resource name
Correct name is `aws_volume_attachment`.
2016-09-13 08:41:39 +02:00
Paul Stack 44bc70971d Merge pull request #8673 from hashicorp/f-aws-alb-generated-name
provider/aws: Allow `aws_alb` to have the name auto-generated
2016-09-12 11:04:47 +01:00
stack72 229f2698ce
Merge branch '6973-codecommit-trigger' of https://github.com/optimisticanshul/terraform into optimisticanshul-6973-codecommit-trigger 2016-09-12 10:44:32 +01:00
stack72 20ad3e0b2f
provider/aws: Allow `aws_alb` to have the name auto-generated
In order to satisify scenarios where a lifecycle is block is used, we
would need the AWS ALB name field to be autogenerated. WE follow the
same work as AWS ELB, we prefix it with `tl-lb-`

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/08 12:43:40 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout
120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (79.81s)
=== RUN   TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (93.81s)
=== RUN   TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (73.48s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (181.32s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (66.03s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (130.82s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    625.285s
```
2016-09-12 10:38:13 +01:00
Radek Simko 46d5d51ad6
provider/aws: Add API Gateway Client Certificate 2016-09-12 10:09:47 +01:00
Paul Stack 04e675c663 Merge pull request #8779 from TimeIncOSS/docs-fix-misspellings
docs: Fix misspelled words
2016-09-12 09:41:26 +01:00
Anshul Sharma 7150bafb84 Remove Region Condition From CodeCommit Repo Resource (#8778) 2016-09-12 07:30:46 +01:00
Radek Simko 43de2afde1
docs: Fix misspelled words 2016-09-12 07:08:00 +01:00
Anshul Sharma 497063af3e Added Codecommit Trigger 2016-09-12 10:17:04 +05:30
Steve Hoeksema 1d04cdb9bc Export AWS ELB service account ARN (#8700) 2016-09-11 19:13:58 +01:00
stack72 d81cbdb4fb
provider/aws: Add support for `cloudwatch_logging_options` to AWS
Kinesis Firehose Delivery Streams

Fixes #7152

Adding support for CloudWatch Logging to Firehose as per the
instructions here -
http://docs.aws.amazon.com/firehose/latest/dev/monitoring-with-cloudwatch-logs.html

```

```
2016-09-07 23:29:08 +01:00
Paul Stack de53db01b9 Merge pull request #8653 from TimeIncOSS/f-aws-lambda-publish
provider/aws: Support 'publish' attribute in lambda_function
2016-09-07 09:32:01 +01:00
Steve Hoeksema 74587baa4a Add AWS Billing & Cost Management service account
This adds a very simple data source for the AWS Billing account ID magic number.

Used to allow AWS to dump detailed billing reports into an S3 bucket you control.

http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2
2016-09-07 17:43:45 +12:00
Marcus Noble 55a43c444a Corrected stage_name argument 2016-09-06 16:40:08 +01:00
Radek Simko 5820ce6c5c
provider/aws: Add aws_sqs_queue_policy 2016-09-05 08:17:48 +01:00
Radek Simko c1178967b0
provider/aws: Add aws_sns_topic_policy 2016-09-04 18:34:24 +01:00
Radek Simko 03df8360cb
provider/aws: Support 'publish' attribute in lambda_function 2016-09-04 17:15:35 +01:00
James Nugent 6c23181686 Merge pull request #8383 from kjmkznr/import-aws-s3-b-notification
provider/aws: Support import `aws_s3_bucket_notification`
2016-09-03 15:50:25 -07:00
stack72 49b8568bec
provider/aws: `aws_cloudwatch_log_stream` resource
This is a requirement for enabling CloudWatch Logging on Kinesis
Firehost

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogStream_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/02 16:19:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudWatchLogStream_ -timeout 120m
=== RUN   TestAccAWSCloudWatchLogStream_basic
--- PASS: TestAccAWSCloudWatchLogStream_basic (22.31s)
=== RUN   TestAccAWSCloudWatchLogStream_disappears
--- PASS: TestAccAWSCloudWatchLogStream_disappears (21.21s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    43.538s
2016-09-04 00:26:02 +03:00
James Nugent 54784864fc Merge pull request #8640 from TimeIncOSS/f-aws-cloudformation-data-source
provider/aws: Add cloudformation_stack data source
2016-09-03 14:16:46 -07:00
Paul Stack 0370f41df5 Merge pull request #8440 from hashicorp/aws-spotfeed-sub
provider/aws: New resource `aws_spot_datafeed_subscription`
2016-09-04 00:16:14 +03:00
Paul Stack 7485061635 Merge pull request #8637 from jrm16020/jeremy_tls_provider_docs_update
Adding reference to docs for supported ECDSA curves.
2016-09-03 23:11:57 +03:00
stack72 7e89c1d3a2
Merge branch 'paybyphone-paybyphone_GH_6396' 2016-09-03 23:10:27 +03:00
James Nugent 94ca84e772 Merge pull request #8638 from hashicorp/f-aws-assume-role
provider/aws: Add support for AssumeRole prior to operations
2016-09-03 13:04:03 -07:00
Chris Marchesi 38d2a2e717
provider/aws: VPC Peering: allow default peer VPC ID
Update the aws_vpc_peering_connection resource to allow peer_owner_id
to be omitted, defaulting to the connected AWS account ID (ie: for
VPC-to-VPC peers in the same account).

Also included is a doc cleanup and updates to the peer test in
resource_aws_route_table_test.go.

This fixes hashicorp/terraform#6396.
2016-09-03 23:03:31 +03:00
James Nugent e3ccb51168 provider/aws: Add assume_role block to provider
This replaces the previous `role_arn` with a block which looks like
this:

```
provider "aws" {
        // secret key, access key etc

	assume_role {
	        role_arn = "<Role ARN>"
		session_name = "<Session Name>"
		external_id = "<External ID>"
	}
}
```

We also modify the configuration structure and read the values from the
block if present into those values and adjust the call to AssumeRole to
include the SessionName and ExternalID based on the values set in the
configuration block.

Finally we clean up the tests and add in missing error checks, and clean
up the error handling logic in the Auth helper functions.
2016-09-03 12:54:30 -07:00
stack72 900e14e168
provider/aws: New resource `aws_spot_datafeed_subscription`
Fixes: #4922

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotDatafeedSubscription_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 10:46:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotDatafeedSubscription_ -timeout 120m
=== RUN   TestAccAWSSpotDatafeedSubscription_importBasic
--- PASS: TestAccAWSSpotDatafeedSubscription_importBasic (56.31s)
=== RUN   TestAccAWSSpotDatafeedSubscription_basic
--- PASS: TestAccAWSSpotDatafeedSubscription_basic (56.77s)
=== RUN   TestAccAWSSpotDatafeedSubscription_disappears
--- PASS: TestAccAWSSpotDatafeedSubscription_disappears (56.79s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    169.893s
```
2016-09-03 20:06:40 +03:00
Radek Simko a3c21d6c3b
provider/aws: Add cloudformation_stack data source 2016-09-03 11:33:59 +01:00
Jeremy Young b295192ed3 Adding reference in ELB docs for supported ECDSA curves. 2016-09-02 16:25:20 -05:00
Ian Duffy 767914bbdc [GH-1275] Support for AWS access via IAMs AssumeRole functionality
This commit enables terraform to utilise the assume role functionality
of sts to execute commands with different privileges than the API
keys specified.

Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-09-02 10:22:57 -07:00
Jesse Mandel f168c90afa Update ami.html.markdown
typo `i368` to `i386`
2016-09-02 10:22:18 -07:00
James Nugent 93f31fce17 provider/aws: Add aws_s3_bucket_policy resource
This commit adds a new "attachment" style resource for setting the
policy of an AWS S3 bucket. This is desirable such that the ARN of the
bucket can be referenced in an IAM Policy Document.

In addition, we now suppress diffs on the (now-computed) policy in the
S3 bucket for structurally equivalent policies, which prevents flapping
because of whitespace and map ordering changes made by the S3 endpoint.
2016-09-02 09:07:54 -07:00