Commit Graph

7381 Commits

Author SHA1 Message Date
Paul Forman 484887c0c5 Change default for logging in CloudTrail to true
The default for `enable_logging`, which defines whether CloudTrail
actually logs events was originally written as defaulting to `false`,
since that's how AWS creates trails.

`true` is likely a better default for Terraform users.

Changed the default and updated the docs.
Changed the acceptance tests to verify new default behavior.
2015-11-22 10:47:23 -07:00
James Nugent 774ed1ded8 Merge pull request #4012 from rakutentech/rename-function
provider/vsphere: Rename create* functions
2015-11-22 11:34:42 +02:00
Paul Forman c9eeb161e0 Add a comment in tests
The purpose of the first test of enable_logging wasn't quite clear.

It's future-proofing against the assumptions made about AWS behavior.
2015-11-21 14:55:08 -07:00
Paul Forman f98dbbb580 Tests and docs for AWS CloudTrail "enable_logging"
Add acceptance tests for creation, enable, and disable logging.

Add option to docs and example.
2015-11-21 00:18:38 -07:00
Paul Forman 52db098292 Add enable_logging to AWS CloudTrail
The AWS CloudTrail resource is capable of creating CloudTrail resources,
but AWS defaults the actual logging of the trails to `false`, and
Terraform has no method to enable or monitor the status of logging.

CloudTrail trails that are inactive aren't very useful, and it's a
surprise to discover they aren't logging on creation.

Added an `enable_logging` parameter to resource_aws_cloudtrail to enable
logging.  This requires some extra API calls, which are wrapped in new
internal functions.

For compatibility with AWS, the default of `enable_logging` is set to
`false`.
2015-11-21 00:18:38 -07:00
clint shryock 233aab6e0a provider/aws: Fix issue deleting users who are attached to a group
If you want to delete an IAM user, that user must not belong to any groups
2015-11-20 16:54:26 -06:00
Clint cf87ede5dd Update CHANGELOG.md 2015-11-20 14:50:41 -06:00
Clint cc70d25dc5 Merge pull request #3898 from hashicorp/b-aws-elb-iam-cert-delete
providers/aws: Retry deleting IAM Server Cert on dependency violation
2015-11-20 14:50:18 -06:00
Clint f26be08091 Update CHANGELOG.md 2015-11-20 14:49:24 -06:00
Clint 9edbf6a7fc Merge pull request #3908 from hashicorp/b-elb-cookie-fix
provider/aws: Fix issue with LB Cookie Stickiness and empty expiration period
2015-11-20 14:49:00 -06:00
Paul Hinze c7dc1c10a3 helper/schema: skip StateFunc when value is nil
This takes the nil checking burden off of StateFunc.

fixes #3586, see that issue for further discussion
2015-11-20 14:07:18 -06:00
Paul Hinze 5ec446718a Merge pull request #4000 from hashicorp/phinze/keys-for-schema-test-cases
helper/schema: name test cases w/ strings
2015-11-20 14:06:37 -06:00
Paul Hinze 938281024f helper/schema: name test cases w/ strings
I promised myself that next time I jumped in this file I'd fix this up.
Now we don't have to manually index the file with comments, we can just
add descriptive names to the test cases!
2015-11-20 13:51:34 -06:00
Clint ed3399593a Merge pull request #3996 from hashicorp/b-aws-test-fixes
Adjustments for AWS Acceptance tests
2015-11-20 13:28:25 -06:00
clint shryock 9eb46c28b2 use a log group resourcE 2015-11-20 13:15:20 -06:00
clint shryock cf5b32617b fix vpn gateway refresh/reattach issue 2015-11-20 11:47:10 -06:00
stack72 74c93d3a46 Reording the code for the creation of a Floating IP for a droplet. The call to the DO api takes a few seconds to propagate so I had to sacriface some kittens and added a short 10 second sleep 2015-11-20 19:12:31 +02:00
stack72 7bda855590 Adding the work to assign a Floating IP to a Droplet 2015-11-20 19:12:31 +02:00
stack72 9cf1c2943c Adding the first pass of the work to get a floatingip assigned to a region 2015-11-20 19:12:30 +02:00
Paul Hinze 24d15820c1 provider/heroku: fix acc test
depends_on requires a list of strings. the old parser would silently
ignore this field, but the new one returned a syntax error.
2015-11-20 10:51:34 -06:00
Paul Hinze c637ca039c Merge pull request #3987 from hashicorp/b-aws-test-fixes
AWS Test fixtures updates
2015-11-20 10:36:38 -06:00
Paul Hinze 2f25d57e7c Merge pull request #3993 from lwander/b-gcp-test-ssl-cert
provider/google: self-signed ssl certs for testing
2015-11-20 10:36:27 -06:00
Lars Wander 93ff7edb13 provider/google: self-signed ssl certs for testing 2015-11-20 11:32:25 -05:00
Paul Hinze e67551a641 provider/docker: fix image test
there's a new latest in town
2015-11-20 09:58:03 -06:00
Paul Hinze e9a18a8f9f provider/google: fix sql database test
Was missing a required parameter

/cc @lwander @sparkprime
2015-11-20 09:52:23 -06:00
clint shryock 73475edceb update TestAccAWSFlowLog_subnet to use new cloudwatch resource, not needing env var anymore 2015-11-20 09:39:43 -06:00
clint shryock fe204bb291 error test when env var is not supplied 2015-11-20 09:39:17 -06:00
clint shryock 4d0699b9dd mark snapshots as computed for ElastiCache clusters 2015-11-20 09:39:17 -06:00
Takaaki Furukawa cb84b98ce4 provider/vsphere: Rename functions 2015-11-20 21:01:02 +09:00
Paul Hinze 887839ce23 provider/digitalocean: remove relative CNAME test
Heard back from DO support:

> we require it to be a FQDN for a CNAME record in our DNS system.

/cc @paystee, the original author here
2015-11-19 18:36:58 -06:00
Paul Hinze 3d089143c6 provider/azure: fix hosted service acctest
Just some basic bitrot stuff.
2015-11-19 16:28:24 -06:00
clint shryock 325fd751eb update TestAccAWSFlowLog_subnet to use new cloudwatch resource, not needing env var anymore 2015-11-19 16:27:56 -06:00
clint shryock e91381c4e2 error test when env var is not supplied 2015-11-19 16:24:17 -06:00
clint shryock 0aedb7eae6 mark snapshots as computed for ElastiCache clusters 2015-11-19 16:19:53 -06:00
Paul Hinze 75d056c878 provider/digitalocean: comment out test for relative DNS records
Until we hear back from DigitalOcean on whether this behavior is
supposed to be supported or not.
2015-11-19 16:11:42 -06:00
clint shryock bcfbf11120 Merge branch 'master' of github.com:hashicorp/terraform
* 'master' of github.com:hashicorp/terraform:
  config: test covering escaped quotes syntax error
  Add failing tests for JSON configuration parsing
  scripts: check for the correct env vars in dist.sh
2015-11-19 15:50:06 -06:00
clint shryock 01b9af40d1 fix resource name in test 2015-11-19 15:44:40 -06:00
clint shryock 0874347478 update ami id for test 2015-11-19 15:37:05 -06:00
Paul Hinze afb5136ac2 Merge pull request #3986 from hashicorp/phinze/hcl-escaped-quotes
config: test covering escaped quotes syntax error
2015-11-19 12:32:30 -06:00
Paul Hinze 15e7927009 config: test covering escaped quotes syntax error
This was never intended to be valid syntax, but it worked in the old HCL
parser, and we've found a decent number of examples of it in the wild.

Fixed in https://github.com/hashicorp/hcl/pull/62 and we'll keep this
test in Terraform to cover the behavior.
2015-11-19 12:11:42 -06:00
Paul Hinze bd8863c994 Merge pull request #3973 from hashicorp/phinze/tweak-dist
scripts: check for the correct env vars in dist.sh
2015-11-19 11:03:38 -06:00
James Nugent 15522e80a5 Merge pull request #3984 from hashicorp/b-json-hcl
Add tests for JSON configuration parsing
2015-11-19 19:02:26 +02:00
James Nugent 6ae3218f8a Add failing tests for JSON configuration parsing
Reproduces the issue reported by @svanharmelen in #3964.
2015-11-19 16:06:30 +02:00
Paul Hinze 203a565161 scripts: check for the correct env vars in dist.sh
we need AWS keys now, not bintray keys
2015-11-18 17:16:03 -06:00
clint shryock fd251e8b45 rename TestAccAWSRoute53Record_weighted to TestAccAWSRoute53Record_weighted_basic to test in isolation 2015-11-18 16:08:23 -06:00
Clint 99c4da7851 Update CHANGELOG.md 2015-11-18 13:57:35 -06:00
Clint 5024d66f3c Merge pull request #3970 from hashicorp/b-aws-iam-policy-attachfix
providers/aws: Fix typo in error checking for IAM Policy Attachments
2015-11-18 13:57:03 -06:00
clint shryock 5482e98927 Fix typo in error checking for IAM Policy Attachments 2015-11-18 13:48:46 -06:00
Paul Hinze a211fc3469 Merge pull request #3965 from hashicorp/b-aws-sg-rules-v2-race
provider/aws: serialize SG rule access to fix race condition
2015-11-18 12:47:55 -06:00
Paul Hinze 6b6b5a43c3 provider/aws: serialize SG rule access to fix race condition
Because `aws_security_group_rule` resources are an abstraction on top of
Security Groups, they must interact with the AWS Security Group APIs in
a pattern that often results in lots of parallel requests interacting
with the same security group.

We've found that this pattern can trigger race conditions resulting in
inconsistent behavior, including:

 * Rules that report as created but don't actually exist on AWS's side
 * Rules that show up in AWS but don't register as being created
   locally, resulting in follow up attempts to authorize the rule
   failing w/ Duplicate errors

Here, we introduce a per-SG mutex that must be held by any security
group before it is allowed to interact with AWS APIs. This protects the
space between `DescribeSecurityGroup` and `Authorize*` / `Revoke*`
calls, ensuring that no other rules interact with the SG during that
span.

The included test exposes the race by applying a security group with
lots of rules, which based on the dependency graph can all be handled in
parallel. This fails most of the time without the new locking behavior.

I've omitted the mutex from `Read`, since it is only called during the
Refresh walk when no changes are being made, meaning a bunch of parallel
`DescribeSecurityGroup` API calls should be consistent in that case.
2015-11-18 12:39:59 -06:00