Commit Graph

2842 Commits

Author SHA1 Message Date
stack72 7e89c1d3a2
Merge branch 'paybyphone-paybyphone_GH_6396' 2016-09-03 23:10:27 +03:00
James Nugent 94ca84e772 Merge pull request #8638 from hashicorp/f-aws-assume-role
provider/aws: Add support for AssumeRole prior to operations
2016-09-03 13:04:03 -07:00
Chris Marchesi 38d2a2e717
provider/aws: VPC Peering: allow default peer VPC ID
Update the aws_vpc_peering_connection resource to allow peer_owner_id
to be omitted, defaulting to the connected AWS account ID (ie: for
VPC-to-VPC peers in the same account).

Also included is a doc cleanup and updates to the peer test in
resource_aws_route_table_test.go.

This fixes hashicorp/terraform#6396.
2016-09-03 23:03:31 +03:00
James Nugent e3ccb51168 provider/aws: Add assume_role block to provider
This replaces the previous `role_arn` with a block which looks like
this:

```
provider "aws" {
        // secret key, access key etc

	assume_role {
	        role_arn = "<Role ARN>"
		session_name = "<Session Name>"
		external_id = "<External ID>"
	}
}
```

We also modify the configuration structure and read the values from the
block if present into those values and adjust the call to AssumeRole to
include the SessionName and ExternalID based on the values set in the
configuration block.

Finally we clean up the tests and add in missing error checks, and clean
up the error handling logic in the Auth helper functions.
2016-09-03 12:54:30 -07:00
Ian Duffy 767914bbdc [GH-1275] Support for AWS access via IAMs AssumeRole functionality
This commit enables terraform to utilise the assume role functionality
of sts to execute commands with different privileges than the API
keys specified.

Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-09-02 10:22:57 -07:00
Jesse Mandel f168c90afa Update ami.html.markdown
typo `i368` to `i386`
2016-09-02 10:22:18 -07:00
Mitchell Hashimoto f4a7740beb Merge pull request #8629 from ProcessOut/scaleway-security_group_rule-port-documentation
provider/scaleway: Document ports in security group rules properly
2016-09-02 10:06:45 -07:00
Louis-Paul Dareau 7adcac2d6c
provider/scaleway: Fix a documentation typo 2016-09-02 12:16:42 -04:00
Louis-Paul Dareau ab36c4299f
provider/scaleway: Document ports in security group rules properly 2016-09-02 12:10:52 -04:00
James Nugent 93f31fce17 provider/aws: Add aws_s3_bucket_policy resource
This commit adds a new "attachment" style resource for setting the
policy of an AWS S3 bucket. This is desirable such that the ARN of the
bucket can be referenced in an IAM Policy Document.

In addition, we now suppress diffs on the (now-computed) policy in the
S3 bucket for structurally equivalent policies, which prevents flapping
because of whitespace and map ordering changes made by the S3 endpoint.
2016-09-02 09:07:54 -07:00
Joe Topjian 20b25043b6 Merge pull request #8625 from Fodoj/provider-openstack-lb2-better-docs
provider/openstack: Fix documentation of openstack LBaaS resources
2016-09-02 08:39:45 -06:00
liamjbennett e98e5fb017
provider/aws: add aws_ssm_association resource 2016-09-02 16:46:05 +03:00
Sander van Harmelen 47dd1ad153 Add wildcard (match all) support to ignore_changes (#8599) 2016-09-02 15:44:35 +02:00
Kirill Shirinkin b4ac5bcf17 provider/openstack: Fix the list of available LB methods for LB pool 2016-09-02 07:54:29 -05:00
Kirill Shirinkin 52f130cb64 provider/openstack: Fix documentaion for whole LBaaS v2 group 2016-09-02 07:51:44 -05:00
Kirill Shirinkin 3468b6d9f1 provider/openstack: Improve documentation of openstack lb v2 member 2016-09-02 07:35:14 -05:00
Paul Stack 827a899c9b Merge pull request #8619 from BabakMN/fix-iam-policy-document-documentation
Add missing json attribute to documentation for aws_iam_policy_document
2016-09-02 08:11:22 +01:00
Paul Stack 05994cef31 Merge pull request #7694 from jtopjian/provider-rabbitmq
RabbitMQ Provider
2016-09-02 08:08:18 +01:00
Babak Mahmoudy 28767a20df Add missing json attribute to documentation 2016-09-02 12:55:14 +10:00
Alfonso Cabrera 30ea22c252 Fix multiple typos (#8611) 2016-09-01 15:07:58 -05:00
Joe Topjian d1e6f5c3dc provider/rabbitmq: docs 2016-09-01 19:04:41 +00:00
Juan Carlos Alonso cab71c98cd Minor typos 2016-09-01 11:30:55 +01:00
Sander van Harmelen 1a85d06843 Fix the acceptance tests and some cosmetic tweaks (#8598) 2016-09-01 11:19:37 +02:00
Bart van der Schans 0835b64456 Add ability to manage cloudstack affinity groups (#8360)
Add documentation for cloudstack affinity group resource

Implement improvements from review by svanharmelen

Update to latest go-cloudstack v2.1.3
2016-09-01 10:48:49 +02:00
stack72 019a13eb7f
Merge branch 'elblivion-librato-alerts' 2016-08-31 21:46:15 +01:00
Paul Stack 5de8137eb3 Merge pull request #8582 from hashicorp/fix-aws-alb-docs
docs/aws: `aws_alb` name parameter is now documented as a Required field
2016-08-31 20:17:59 +01:00
stack72 a6c55ddea9
Merge branch 'librato-alerts' of https://github.com/elblivion/terraform into elblivion-librato-alerts 2016-08-31 20:14:52 +01:00
stack72 cea2ff6be0
docs/aws: `aws_alb` name parameter is now documented as a Required
field

The validation rules are also included in the documentation

Fixes #8561
2016-08-31 20:06:04 +01:00
Anthony Stanton 83d4a71423
fixup! Support for Librato Alerts and Services 2016-08-31 17:20:20 +02:00
zhuk-intetics 3308b974e2 Update interpolation.html.md 2016-08-31 10:19:17 +03:00
Sean Knight 76ea6c59cd website: fix error in the Kinesis Firehose ElasticSearch example
"destination" was set to "redshift" by mistake.
2016-08-29 17:00:38 -07:00
stack72 d330ac4d26
docs/aws: AWS ELB access_logs now support whether to enable or disable logging 2016-08-29 21:15:10 +01:00
Radek Simko cc38378870 provider/aws: API Gateway Custom Authorizer (#8535)
* [WIP] AWS APIGateway Custom Authorizer

* provider/aws: api_gateway_method - Add missing fields to Read+Update

* provider/aws: Make API Gateway name in test more specific

* provider/aws: APIG - Use minimal configuration in create request
2016-08-29 20:51:59 +01:00
Krzysztof Wilczynski 52eeaa0b72 Fix example. Do not use deprecated attribute. (#8531)
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-29 15:39:29 +01:00
Paul Stack 53ac54ac06 docs/aws: Add `primary_endpoint_address` to the docs for (#8528)
`aws_elasticache_replication_group`
2016-08-29 14:39:15 +01:00
stack72 b158cbc2dd
docs/statuscake: Adding the parameter to the docs 2016-08-29 00:00:27 +01:00
Martin Atkins 5412ad54f7 Merge #8507: Installation guide to reflect the single-binary model from 0.7 2016-08-27 13:18:04 -07:00
Martin Atkins 4f906dba7a Merge #8403: name_regex attribute on aws_ami data source 2016-08-27 13:11:45 -07:00
Martin Atkins 39d68025a5 Merge #8505: correct mistake in example for aws_ip_ranges data source 2016-08-27 07:28:58 -07:00
Clint daac877c82 provider/aws: Get and export ASG ARN value (#8503) 2016-08-27 15:20:11 +01:00
Neil Calabroso f425472862 Update installation guide
Mention that there's only a single binary file in package as of 0.7.2
2016-08-27 16:14:36 +08:00
knakayama 0b67962338 Fix doc for provider/aws_ip_ranges 2016-08-27 09:41:34 +09:00
Clint 3cfce54910 Update alb_listener_rule.html.markdown
fix typo
2016-08-26 09:40:36 -05:00
sethp-jive 36d0e6690d aws_iam_instance_profile: Restrict example perms
In this example, principal "AWS": "*" tells IAM that any user in the world can assume that role as long as they know the account ID + role name. 

In my testing, "Service": "ec2.amazonaws.com" is sufficiently permissive to allow the instance_profile to work without allowing global accesses.
2016-08-25 15:28:39 -07:00
Clint 49ecfe8921 provider/aws: Add aws_default_route_table resource (#8323)
* provider/aws: Add docs for Default Route Table

* add new default_route_table_id attribute, test to VPC

* stub

* add warning to docs

* rough implementation

* first test

* update test, add swap test

* fix typo
2016-08-25 16:02:44 -05:00
stack72 0087068a0e
provider/aws: `aws_ecs_container_definition` datasource parameter
changes to memory_reservation
2016-08-25 18:10:08 +01:00
Radek Simko 1494f493a2 aws/docs: Add missing ssm link to the sidebar (#8476) 2016-08-25 17:46:52 +01:00
stack72 0985f39e99
v0.7.2 2016-08-25 14:29:18 +00:00
Paul Stack 0adc1fc4b2 provider/aws: Allow `aws_rds_instance` to upgrade the major version (#8471)
Fixes #8468

If a user wished to bump the `engine_version` of an RDS instance,
Terraform was not sending `allow_major_version_upgrade` to the API
*unless* that value also changed at the same time. This caused the
following error from RDS API:

```
* aws_db_instance.bar: Error modifying DB Instance
* tf-20160825101420910562798obb: InvalidParameterCombination: The
* AllowMajorVersionUpgrade flag must be present when upgrading to a new
* major version.
    status code: 400, request id: 20e36364-6ab0-11e6-b794-51f12f4135f1
```

This change will always send the `allow_major_version_upgrade` flag to
the API when the `engine_version` changes.

This still relies on the user setting the correct value i.e. if they are
upgrading from postgres 0.4.7 -> 9.5.2 then the config will need to set
the `allow_major_version_upgrade` flag to be `true`
2016-08-25 13:54:40 +01:00
Paul Stack 64510d9cfb provider/aws: Adding `aws_ssm_document` resource (#8460)
* provider/aws: add `aws_ssm_document` resource

* provider/aws: Changes to `aws_ssm_document` post code review

The changes are things like using d.Id rather than d.Get("name").(string)

and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 09:47:24 +01:00