Commit Graph

2961 Commits

Author SHA1 Message Date
clint shryock 3580ae03be provider/aws: Randomize some IAM user names to avoid conflicts in tests 2016-08-31 09:33:56 -05:00
stack72 4d2b9cb167
provider/aws: `aws_spot_fleet_request` was leaving orphaned instances
running

Each nightly build was leaving multiple instances running. The issue is
that the IAM role we were using didn't have access to Terminate the EC2
instances

The role was missing the ec2 principle
2016-08-31 11:25:08 +01:00
Krzysztof Wilczynski 6a94f920e1 provider/aws: Handle missing EFS mount target in aws_efs_mount_target. (#8529)
* Handle missing EFS mount target in aws_efs_mount_target.

This commit resolves issue where the EFS mount target would be already
deleted (e.g. it was deleted outside of Terraform, etc.). Also, correct
how values are begin set in the ReadFunc to avoid nil pointer dereference.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* Add EFS mount target DNS helper function.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* Add EFS mount target response helper.

This commit adds a helper which can be used to check whether the response
contains a valid and non-empty list of EFS file system mount targets.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* Add acceptance test to check for non-empty plan.

This commit adds a test to verify the condition where the underlying EFS mount
target would be deleted and/or disappear resulting in a new resource to be
created to replace it.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-30 10:42:54 +01:00
Richard Bowden b673f4d972 adds resource retry to SpotInstanceRequestCreate (#8516)
so that the create process waits for IAM Instance profiles and roles to propagate before continuing, this has been taken from `resource_aws_instance`
2016-08-29 21:53:40 +01:00
stack72 7fe49999fb
Merge branch '7721-enable-disable-access-logs' of https://github.com/optimisticanshul/terraform into optimisticanshul-7721-enable-disable-access-logs 2016-08-29 21:00:46 +01:00
Radek Simko cc38378870 provider/aws: API Gateway Custom Authorizer (#8535)
* [WIP] AWS APIGateway Custom Authorizer

* provider/aws: api_gateway_method - Add missing fields to Read+Update

* provider/aws: Make API Gateway name in test more specific

* provider/aws: APIG - Use minimal configuration in create request
2016-08-29 20:51:59 +01:00
Radek Simko 8317fe73d4 provider/aws: Add AWS error message to retry APIGateway acc update on (#8533) 2016-08-29 20:02:15 +01:00
Radek Simko 58d5b88170
provider/aws: Cover more failure cases of CF creation/update/deletion
- Use ID instead of stack name per AWS' advice
 - Query failures/errors *after* the stack has reached target state
2016-08-29 11:53:09 +01:00
Radek Simko 302982c335 provider/aws: Remove unsafe ptr dereferencing [A-C]* (#8519) 2016-08-28 19:25:30 +01:00
Radek Simko 2223964ff1 provider/aws: Remove unsafe ptr dereferencing from ECS/ECR (#8514) 2016-08-28 17:15:45 +01:00
Radek Simko fe0e8da3dd
provider/aws: Handle deleted CloudFormation stack gracefully 2016-08-28 16:12:35 +01:00
Radek Simko ed39b8634f provider/aws: Remove unsafe ptr dereferencing from ami data source (#8513) 2016-08-28 15:39:40 +01:00
Carlos Sanchez bb5c83ca49 provider/aws: Increase route_table timeouts (#8465) 2016-08-27 21:32:55 +01:00
Martin Atkins 4f906dba7a Merge #8403: name_regex attribute on aws_ami data source 2016-08-27 13:11:45 -07:00
Alex Eftimie 3a97971e41 Refactor for code simplicity. 2016-08-27 12:54:42 -07:00
Alex Eftimie d44ae5028f S3Bucket and S3Key are always required 2016-08-27 12:54:41 -07:00
Alex Eftimie c9bd7d680f Add a test to check the unversioned lambda function update - copy and adapt genAWSLambdaFunctionConfig_s3 2016-08-27 12:54:41 -07:00
Alex Eftimie c5f788ec58 Attempt to fix #6794 - update only non empty fields on aws_lambda_function s3 2016-08-27 12:54:41 -07:00
Clint daac877c82 provider/aws: Get and export ASG ARN value (#8503) 2016-08-27 15:20:11 +01:00
Paul Stack 6ea53e5e3c provider/aws: Refresh `aws_route` from state if `aws_route_table` not (#8443)
found

Fixes #5288
Fixes #8388

```
TESTS TBC
```
2016-08-26 07:50:14 +01:00
Radek Simko 0dd17c646b provider/aws: Cleanup the Lambda ENI deletion process a bit (#8486) 2016-08-26 07:30:47 +01:00
Mitchell Hashimoto 6b124a4760 Merge pull request #8479 from dtolnay/detach
provider/aws: Propagate errors from DetachVolume
2016-08-25 22:21:46 -07:00
Glenn Poston 19426109da Lambda ENI cleanup added to security group delete (#8033) 2016-08-25 23:08:19 +01:00
Paul Stack 338aab9169 provider/aws: Stop `aws_instance` `source_dest_check` triggering an API call on each (#8450)
terraform run

Fixes #3550

The simple fix here was to check if the Resource was new (to set the
value the first time) then check it has changed each time

I was able to see from the TF log the following:

```
Config

resource "aws_vpc" "foo" {
	cidr_block = "10.10.0.0/16"
}

resource "aws_subnet" "foo" {
	cidr_block = "10.10.1.0/24"
	vpc_id = "${aws_vpc.foo.id}"
}

resource "aws_instance" "foo" {
	ami = "ami-4fccb37f"
	instance_type = "m1.small"
	subnet_id = "${aws_subnet.foo.id}"
	source_dest_check = false
        disable_api_termination = true
}
```

No longer caused any Modifying source_dest_check entries in the LOG
2016-08-25 22:11:01 +01:00
Clint 49ecfe8921 provider/aws: Add aws_default_route_table resource (#8323)
* provider/aws: Add docs for Default Route Table

* add new default_route_table_id attribute, test to VPC

* stub

* add warning to docs

* rough implementation

* first test

* update test, add swap test

* fix typo
2016-08-25 16:02:44 -05:00
David Tolnay b09e042bf5 provider/aws: Propagate errors from DetachVolume 2016-08-25 14:46:46 -04:00
stack72 0087068a0e
provider/aws: `aws_ecs_container_definition` datasource parameter
changes to memory_reservation
2016-08-25 18:10:08 +01:00
stack72 7a852dacf2
Merge branch 'aws_ecs_container_definition_memory_reservation' of https://github.com/optimisticanshul/terraform into optimisticanshul-aws_ecs_container_definition_memory_reservation 2016-08-25 17:51:38 +01:00
Paul Stack 7949a30a07 provider/aws: Randomize the key_pair used in the (#8472)
`aws_spot_fleet_request` acceptance tests
2016-08-25 14:40:57 +01:00
Paul Stack 0adc1fc4b2 provider/aws: Allow `aws_rds_instance` to upgrade the major version (#8471)
Fixes #8468

If a user wished to bump the `engine_version` of an RDS instance,
Terraform was not sending `allow_major_version_upgrade` to the API
*unless* that value also changed at the same time. This caused the
following error from RDS API:

```
* aws_db_instance.bar: Error modifying DB Instance
* tf-20160825101420910562798obb: InvalidParameterCombination: The
* AllowMajorVersionUpgrade flag must be present when upgrading to a new
* major version.
    status code: 400, request id: 20e36364-6ab0-11e6-b794-51f12f4135f1
```

This change will always send the `allow_major_version_upgrade` flag to
the API when the `engine_version` changes.

This still relies on the user setting the correct value i.e. if they are
upgrading from postgres 0.4.7 -> 9.5.2 then the config will need to set
the `allow_major_version_upgrade` flag to be `true`
2016-08-25 13:54:40 +01:00
Richard Clamp 9be1ff5d53 Fix segmentation fault in "aws_api_gateway_base_path_mapping" resource (#8466)
It is possible for the `mapping.BasePath`, `mapping.RestApiId`, and
`mapping.Stage` to be nil when they have not been set for the
mapping.[1]  When this occurs a nil pointer is dereferenced and terraform
segmentation faults.

Here we remove the blind derefrences and trust in the behaviour of
(*ResourceData).Set() to handle the nil pointer safely.

[1] https://github.com/hashicorp/terraform/blob/master/vendor/github.com/aws/aws-sdk-go/service/apigateway/api.go#L4892-L4904
2016-08-25 11:03:42 +01:00
Paul Stack 64510d9cfb provider/aws: Adding `aws_ssm_document` resource (#8460)
* provider/aws: add `aws_ssm_document` resource

* provider/aws: Changes to `aws_ssm_document` post code review

The changes are things like using d.Id rather than d.Get("name").(string)

and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 09:47:24 +01:00
Paul Stack 3901827b40 provider/aws: Validate `aws_iam_policy_attachment` Name parameter to stop being empty (#8441)
* provider/aws: Validate `aws_iam_policy_attachment` Name parameter to
stop being empty

Fixes #8368

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSPolicyAttachment_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 11:46:01 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSPolicyAttachment_ -timeout 120m
=== RUN   TestAccAWSPolicyAttachment_basic
--- PASS: TestAccAWSPolicyAttachment_basic (44.67s)
=== RUN   TestAccAWSPolicyAttachment_paginatedEntities
--- PASS: TestAccAWSPolicyAttachment_paginatedEntities (161.68s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    206.379s
```

* Update resource_aws_iam_policy_attachment.go
2016-08-24 21:28:41 +01:00
stack72 01fca172cb
provider/aws: Removing the merge conflict from the redshift_cluster resource 2016-08-24 20:50:06 +01:00
Clint 341c7bf766 provider/aws: Update VPC Peering connect accept/request attributes (supersedes #8338) (#8432)
* Fix crash when reading VPC Peering Connection options.

This resolves the issue introduced in #8310.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* Do not de-reference values when using Set().

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* provider/aws: Update VPC Peering connect accept/request attributes

* change from type list to type set

* provider/aws: Update VPC Peering accept/requst options, tests

* errwrap some things
2016-08-24 13:24:42 -05:00
Maxime Bury 39bc60c3dc Retry on gateway not found 2016-08-24 13:17:45 -04:00
Paul Stack 50556c58b8 provider/aws: Refresh `aws_cloudwatch_event_target` from state on `ResourceNotFoundException` (#8442)
* provider/aws: Refresh `aws_cloudwatch_event_target` from state on
`ResourceNotFoundException`

Fixes #6928

@radeksimko FYI :)

* Update resource_aws_cloudwatch_event_target.go
2016-08-24 13:02:48 +01:00
Paul Stack e524603d3f provider/aws: AWS SpotFleet Requests now works with Subnets and AZs (#8320)
* provider/aws: Change Spot Fleet Request to allow a combination of
subnet_id and availability_zone

Also added a complete set of tests that reflect all of the use cases
that Amazon document
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-examples.html

It is important to note there that Terraform will be suggesting that
users create multiple launch configurations rather than AWS's version of
combing values into CSV based parameters. This will ensure that we are
able to enforce the correct state

Also note that `associate_public_ip_address` now defaults to `false` - a migration has been
included in this PR to migration users of this functionality. This needs
to be noted in the changelog. The last part of changing functionality
here is waiting for the state of the request to become `active`. Before
we get to this state, we cannot guarantee that Amazon have accepted the
request or it could have failed validation.

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSSpotFleetRequest_'
% 2 ↵
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 15:44:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotFleetRequest_ -timeout 120m
=== RUN   TestAccAWSSpotFleetRequest_changePriceForcesNewRequest
--- PASS: TestAccAWSSpotFleetRequest_changePriceForcesNewRequest (133.90s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceAzOrSubnetInRegion
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceAzOrSubnetInRegion (76.67s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceAzInGivenList
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceAzInGivenList (75.22s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceSubnetInGivenList
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceSubnetInGivenList (96.95s)
=== RUN   TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameAz
--- PASS: TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameAz (74.44s)
=== RUN   TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameSubnet
--- PASS: TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameSubnet (97.82s)
=== RUN   TestAccAWSSpotFleetRequest_overriddingSpotPrice
--- PASS: TestAccAWSSpotFleetRequest_overriddingSpotPrice (76.22s)
=== RUN   TestAccAWSSpotFleetRequest_diversifiedAllocation
--- PASS: TestAccAWSSpotFleetRequest_diversifiedAllocation (79.81s)
=== RUN   TestAccAWSSpotFleetRequest_withWeightedCapacity
--- PASS: TestAccAWSSpotFleetRequest_withWeightedCapacity (77.15s)
=== RUN   TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName
--- PASS: TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName (0.00s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    788.184s
```

* Update resource_aws_spot_fleet_request.go
2016-08-24 11:08:46 +01:00
Paul Stack 272f8ddee1 provider/aws: Refresh `aws_autoscaling_policy` from state on 404 (#8430)
* provider/aws: Refresh `aws_autoscaling_policy` from state on 404

Fixes #8386

When an Autoscaling Group Or an Autoscaling Group Policy has been
deleted manually, terraform was throwing an error as follows:

```
* aws_autoscaling_policy.increase: Error retrieving scaling policies: ValidationError: Group sandbox-logs-logstash-wxhsckky3ndpzd7b3kmyontngy not found
        status code: 400, request id: 56a89814-6884-11e6-b3a8-d364cf04223b
```

We now refresh from state on a ValidationError - this is a common 4xx error according to AWS documentation http://docs.aws.amazon.com/AutoScaling/latest/APIReference/CommonErrors.html

```
%make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAutoscalingPolicy_disappears'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAutoscalingPolicy_disappears -timeout 120m
=== RUN   TestAccAWSAutoscalingPolicy_disappears
--- PASS: TestAccAWSAutoscalingPolicy_disappears (203.61s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	203.633s
```

* Update resource_aws_autoscaling_policy.go
2016-08-24 11:06:01 +01:00
Paul Stack 3a2d73a2b1 provider/aws: Add support to `aws_redshift_cluster` for restoring from (#8414)
snapshot

Fixes #6406

Adds 2 new parameters:

* `snapshot_identifier`
* `snapshot_cluster_identifier`

These will be used to allow the Redshift cluster to be restored from a
pre-existing snapshot. Also makes the redshift username and password
fields optional as these are not required for the snapshot

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftCluster_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 12:04:53 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftCluster_ -timeout 120m
=== RUN   TestAccAWSRedshiftCluster_importBasic
--- PASS: TestAccAWSRedshiftCluster_importBasic (741.03s)
=== RUN   TestAccAWSRedshiftCluster_basic
--- PASS: TestAccAWSRedshiftCluster_basic (656.33s)
=== RUN   TestAccAWSRedshiftCluster_loggingEnabled
--- PASS: TestAccAWSRedshiftCluster_loggingEnabled (718.65s)
=== RUN   TestAccAWSRedshiftCluster_iamRoles
--- PASS: TestAccAWSRedshiftCluster_iamRoles (818.10s)
=== RUN   TestAccAWSRedshiftCluster_publiclyAccessible
--- PASS: TestAccAWSRedshiftCluster_publiclyAccessible (853.30s)
=== RUN   TestAccAWSRedshiftCluster_updateNodeCount
--- PASS: TestAccAWSRedshiftCluster_updateNodeCount (2083.37s)
=== RUN   TestAccAWSRedshiftCluster_tags
--- PASS: TestAccAWSRedshiftCluster_tags (621.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws
6491.963s
```

When deploying this, I was able to use config as follows:

```
resource "aws_redshift_cluster" "restore" {
  cluster_identifier = "my-test-restored-cluster"
  snapshot_identifier = "sample-snapshot-for-restore"
  node_type = "dc1.large"
}
```

And it resulted in:

```
terraform apply
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
  If you did not expect to see this message you will need to remove the old plugin.
  See https://www.terraform.io/docs/internals/internal-plugins.html
aws_redshift_cluster.restore: Creating...
  allow_version_upgrade:               "" => "true"
  automated_snapshot_retention_period: "" => "1"
  availability_zone:                   "" => "<computed>"
  bucket_name:                         "" => "<computed>"
  cluster_identifier:                  "" => "my-test-restored-cluster"
  cluster_parameter_group_name:        "" => "<computed>"
  cluster_public_key:                  "" => "<computed>"
  cluster_revision_number:             "" => "<computed>"
  cluster_security_groups.#:           "" => "<computed>"
  cluster_subnet_group_name:           "" => "<computed>"
  cluster_type:                        "" => "<computed>"
  cluster_version:                     "" => "1.0"
  database_name:                       "" => "<computed>"
  enable_logging:                      "" => "false"
  encrypted:                           "" => "<computed>"
  endpoint:                            "" => "<computed>"
  iam_roles.#:                         "" => "<computed>"
  kms_key_id:                          "" => "<computed>"
  node_type:                           "" => "dc1.large"
  number_of_nodes:                     "" => "1"
  port:                                "" => "5439"
  preferred_maintenance_window:        "" => "<computed>"
  publicly_accessible:                 "" => "true"
  s3_key_prefix:                       "" => "<computed>"
  skip_final_snapshot:                 "" => "true"
  snapshot_identifier:                 "" => "sample-snapshot-for-restore"
  vpc_security_group_ids.#:            "" => "<computed>"
..........
aws_redshift_cluster.restore: Still creating... (5m20s elapsed)
aws_redshift_cluster.restore: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
```
2016-08-24 10:58:05 +01:00
Paul Stack eec7b342c8 provider/aws: Support `snapshot_name` for ElastiCache Cluster and (#8419)
Replication Groups

In order to be able to restore a named snapshot as ElastiCache Cluster
or a Replication Group, the `snapshot_name` parameter was needed to be
passed. Changing the `snapshot_name` will force a new resource to be
created

```

```
2016-08-24 10:55:20 +01:00
Paul Stack 0d8709bdf3 provider/aws: Support Tags for `aws_alb` and `aws_alb_target_group` (#8422)
resources

Fixes #8420

Adds the ability to update tags on the ALB resource as well as
supporting tags on `aws_alb_target_group`

```
ALB Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'                                                                                                                         2 ↵ ✹
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 19:30:16 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout 120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (67.18s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (99.88s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (62.49s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (126.25s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	355.835s
```

```
ALB Target Group Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 19:37:37 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (47.26s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (81.01s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (78.74s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	207.025s
```
2016-08-24 10:54:43 +01:00
Anshul Sharma f034638026 Enable/Disbale Option For ELB Access logs 2016-08-24 14:37:47 +05:30
Anshul Sharma c94cfd941d Add MemoryReservation To ECS Container Definition 2016-08-24 13:01:12 +05:30
Mike Brannigan 1871363e58 Remove debug statements 2016-08-23 18:19:59 -05:00
Mike Brannigan e281ad6481 Fix error message for master password being too short 2016-08-23 17:40:05 -05:00
Mike Brannigan aad01a665c Add password validation rules for redshift passwords 2016-08-23 17:30:57 -05:00
Clint a86f0a8425 providers/aws: Check error from resourceAwsRoute53RecordBuildSet and return err if set (#8399)
* providers/aws: Check error from resourceAwsRoute53RecordBuildSet and return if set

* explain the error and wrap in errwrap
2016-08-23 12:25:09 -05:00
Radek Simko 070942df0f provider/aws: Add support for ECS svc - LB target group (#8190) 2016-08-23 11:19:43 -05:00
Shawn Silva bf68590f02 provider/aws: rename local_name_filter attribute to name_regex
Renamed the local_name_filter attribute to name_regex and made it clear in the
docs that this runs locally and could have a performance impact on a large set
of AMIs returned from AWS.
2016-08-23 08:44:07 -04:00
Paul Stack 2f936eaad4 provider/aws: Add support for `network_mode` to `aws_ecs_task_definition` (#8391)
* provider/aws: Add support for `network_mode` to
`aws_ecs_task_definition`

Fixes #8281

```

```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEcsTaskDefinition_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 18:12:20 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEcsTaskDefinition_ -timeout 120m
=== RUN   TestAccAWSEcsTaskDefinition_basic
--- PASS: TestAccAWSEcsTaskDefinition_basic (29.02s)
=== RUN   TestAccAWSEcsTaskDefinition_withScratchVolume
--- PASS: TestAccAWSEcsTaskDefinition_withScratchVolume (16.75s)
=== RUN   TestAccAWSEcsTaskDefinition_withEcsService
--- PASS: TestAccAWSEcsTaskDefinition_withEcsService (147.77s)
=== RUN   TestAccAWSEcsTaskDefinition_withTaskRoleArn
--- PASS: TestAccAWSEcsTaskDefinition_withTaskRoleArn (19.49s)
=== RUN   TestAccAWSEcsTaskDefinition_withNetworkMode
--- PASS: TestAccAWSEcsTaskDefinition_withNetworkMode (19.52s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	232.588

* Update resource_aws_ecs_task_definition.go

* Update ecs_task_definition.html.markdown
2016-08-23 11:27:45 +01:00
Paul Stack 83dc4d0535 provider/aws: Add Primary Endpoint Address output for (#8385)
`aws_elasticache_replication_group`

Fixes #8377

Now we can output the endpoint of the primary

```
resource "aws_elasticache_replication_group" "bar" {
    replication_group_id = "tf-11111"
    replication_group_description = "test description"
    node_type = "cache.m1.small"
    number_cache_clusters = 2
    port = 6379
    parameter_group_name = "default.redis2.8"
    apply_immediately = true
}

output "primary_endpoint_address" {
  value = "${aws_elasticache_replication_group.bar.primary_endpoint_address}"
}
```

This gives us:

```
% terraform apply
...................
aws_elasticache_replication_group.bar: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

primary_endpoint_address = tf-11111.d5jx4z.ng.0001.use1.cache.amazonaws.com
```

This was the addition of a computed field only so the basic test still works as expected:

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_basic'                        ✹
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 17:11:13 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElasticacheReplicationGroup_basic -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_basic
--- PASS: TestAccAWSElasticacheReplicationGroup_basic (741.71s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	741.735s
```
2016-08-23 11:13:26 +01:00
Paul Stack 780ef8b27e provider/aws: `aws_elasticache_replication_group_id` validation change (#8381)
The AWS documentation tells us the following:

```
--replication-group-id (string)

The replication group identifier. This parameter is stored as a
lowercase string.
Constraints:
A name must contain from *1 to 20* alphanumeric characters or hyphens.
The first character must be a letter.
A name cannot end with a hyphen or contain two consecutive hyphens.
```

This is not correct and is causing users errors:

```
* aws_elasticache_replication_group.bar: Error creating Elasticache
* Replication Group: InvalidParameterValue: Replication group id should
* be no more than 16 characters.
    status code: 400, request id:
```

Tuning the Validation from 20 to 16 characters to avoid user issues
2016-08-23 11:05:54 +01:00
Shawn Silva 6977fff406 provider/aws: add local name filter to aws_ami datasource
In cases where the filters provided by AWS against the name of an AMI are not
sufficient, allow adding a "local_name_filter" which is a regex that is used
to filter the AMIs returned by amazon.
2016-08-22 19:32:32 -04:00
Kazunori Kojima ed05161fd0
provider/aws: Support import `aws_s3_bucket_notification` 2016-08-23 08:19:06 +09:00
Martin Atkins 38289ddbd5 Merge #8353: New resources for custom domains on AWS API Gateway 2016-08-22 15:44:52 -07:00
Ryan Roberts 848f612169 provider/aws: aws_api_gateway_base_path_mapping resource implementation
API Gateway allows users to "claim" a domain name for use as a custom
hostname for deployed API endpoints, and then use this base path mapping
resource to expose a particular API deployment at a path on such a domain.

The acceptance tests use certificates from the aws_api_gateway_domain_name
tests which expire in 2026; we'll need to generate some more certificates
before we get there.
2016-08-22 15:36:20 -07:00
clint shryock 03bdf1375e provider/aws: Clear up test failure for TestAccAWSVpnGateway_disappears 2016-08-22 14:56:07 -05:00
Jarrod Jackson 7010973c5a provider/aws: aws_api_gateway_domain_name resource implementation
API Gateway allows users to "claim" a domain name for use as a custom
hostname for deployed API endpoints. The domain name resource just claims
the domain name; a user would then use a "base path mapping" resource
(to be implemented in a later commit) to map a particular API to a
particular path prefix on that domain.

The acceptance tests contain some TLS certificates that expire in 2026;
we'll need to generate some more certificates before we get there.
2016-08-22 11:40:33 -07:00
Paul Stack 9d1ef78fc1 provider/aws: Refresh `aws_lambda_event_source_mapping` from state when (#8378)
NotFound

Fixes #8375

When a Lambda or an associated Event Source Mapping has been removed via
the AWS Console, Terraform throws an error similar to the following:

```
Error refreshing state: 1 error(s) occurred:

* aws_lambda_event_source_mapping.dmp_enrichment_event_source_mapping:
* ResourceNotFoundException: The resource you requested does not exist.
    status code: 404, request id: a17c641d-6868-11e6-accf-3d0ea71934fa

```

the resource should be refreshed from the state when this happens so
that subsequent plans show it needs to be recreated

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLambdaEventSourceMapping_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 16:15:54 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSLambdaEventSourceMapping_ -timeout 120m
=== RUN   TestAccAWSLambdaEventSourceMapping_basic
--- PASS: TestAccAWSLambdaEventSourceMapping_basic (120.81s)
=== RUN   TestAccAWSLambdaEventSourceMapping_disappears
--- PASS: TestAccAWSLambdaEventSourceMapping_disappears (104.08s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    224.914s
```
2016-08-22 17:05:48 +01:00
Clint 771155cea5 provider/aws: Add support for TargetGroups to AutoScaling Groups (#8327)
* start of ALB support. Waiting for ALB top level to move forward

* initial test

* cleanup

* small docs

* beef up test
2016-08-19 14:07:53 -05:00
James Nugent e4ce708bf9 provider/aws: Add aws_alb_target_group_attachment 2016-08-19 16:12:19 +01:00
James Nugent b5e0f2e347 Merge pull request #8318 from hashicorp/f-aws-application-lb-rules
provider/aws: Add aws_alb_listener_rule resource
2016-08-19 13:24:02 +01:00
James Nugent e2445497ab Merge pull request #8319 from hashicorp/aws-route53-cloudwatch-metric
provider/aws: Implement support for CloudWatch Metric in `aws_route53_health_check`
2016-08-19 13:09:33 +01:00
James Nugent 417b98bafb provider/aws: Add aws_alb_listener_rule resource
This commit adds the aws_alb_listener_rule resource along with
acceptance tests and documentation.
2016-08-19 13:07:20 +01:00
stack72 da5abccfd9
provider/aws: Implement support for CloudWatch Metric in
`aws_route53_health_check`

fixes #7830

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSRoute53HealthCheck_'           ✚
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/19 12:58:00 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRoute53HealthCheck_ -timeout 120m
=== RUN   TestAccAWSRoute53HealthCheck_importBasic
--- PASS: TestAccAWSRoute53HealthCheck_importBasic (20.03s)
=== RUN   TestAccAWSRoute53HealthCheck_basic
--- PASS: TestAccAWSRoute53HealthCheck_basic (31.42s)
=== RUN   TestAccAWSRoute53HealthCheck_withChildHealthChecks
--- PASS: TestAccAWSRoute53HealthCheck_withChildHealthChecks (26.88s)
=== RUN   TestAccAWSRoute53HealthCheck_IpConfig
--- PASS: TestAccAWSRoute53HealthCheck_IpConfig (30.27s)
=== RUN   TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck
--- PASS: TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck (26.08s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    134.692s

```
2016-08-19 13:00:45 +01:00
Krzysztof Wilczynski 5df0b08e86 Add ability to set peering options in aws_vpc_peering_connection. (#8310)
This commit adds two optional blocks called "accepter" and "requester" to the
resource allowing for setting desired VPC Peering Connection options for VPCs
that participate in the VPC peering.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-19 11:19:49 +01:00
Mitchell Hashimoto 13cf04b2b7
providers/aws: fix error on bad session 2016-08-18 22:35:48 -04:00
James Nugent 56907d9931 Merge pull request #8268 from hashicorp/f-aws-application-lb-listener
provider/aws: Add aws_alb_listener resource
2016-08-18 21:18:35 +01:00
Paul Stack 09de4f82ce provider/aws: `aws_elasticache_replication_groups` only support Redis (#8297)
* provider/aws: `aws_elasticache_replication_groups` only support Redis

therefore, making our users add `engine = redis` to the configuration
felt wasted

* Update resource_aws_elasticache_replication_group.go

* Update resource_aws_elasticache_replication_group.go

* Update resource_aws_elasticache_replication_group.go

* Update resource_aws_elasticache_replication_group_test.go

* Update resource_aws_elasticache_replication_group_test.go

* Update resource_aws_elasticache_replication_group.go
2016-08-18 20:30:12 +01:00
Paul Stack 51f216306f provider/aws: Implement the `aws_elasticache_replication_group` resource (#8275) 2016-08-18 19:42:29 +01:00
James Nugent e38d41b7a7 provider/aws: Add `arn` fields to ALB resources
This commit adds an `arn` field to `aws_alb` and `aws_alb_target_group`
resources, in order to present a more coherant user experience to people
using resource variables in fields suffixed "arn".
2016-08-18 18:54:39 +01:00
James Nugent 59f66eca02 provider/aws: Add aws_alb_listener resource
This commit adds the `aws_alb_listener` resource and associated
acceptance tests and documentation.
2016-08-18 18:49:44 +01:00
James Nugent d7e9a2ecf2 provider/aws: Set aws_alb security_groups computed (#8269)
This commit fixes #8264 by making the security_groups attribute on
aws_alb resources computed, allowing the default security group assigned
by AWS to not generate perpetual plans forcing new resources.
2016-08-18 16:52:29 +01:00
Radek Simko b2a3104118 provider/aws: Explain better why we retry IAM role creation (#8286) 2016-08-18 16:43:40 +01:00
David Tolnay 46c858bcbe provider/aws: Increase timeout for creating IAM role (#7733) 2016-08-18 16:27:17 +01:00
KOJIMA Kazunori 23d2ae3740 provider/aws: Support import of `aws_s3_bucket` (#8262) 2016-08-18 16:01:20 +01:00
Dennis Webb 8c10720a22 adding final-snapshot status to resourceAwsRedshiftClusterDelete (#8270) 2016-08-18 15:23:47 +01:00
James Nugent f5f31542bb Merge pull request #8254 from hashicorp/f-aws-application-lb
provider/aws: Initial support for Application Load Balancers
2016-08-17 16:05:51 +01:00
James Nugent 531a976306 provider/aws: Add aws_alb_target_group resource
This commit adds a resource, acceptance tests and documentation for the
Target Groups for Application Load Balancers.

This is the second in a series of commits to fully support the new
resources necessary for Application Load Balancers.
2016-08-17 15:48:16 +01:00
James Nugent 0b421b6998 provider/aws: Add `aws_alb` resource
This commit adds a resource, acceptance tests and documentation for the
new Application Load Balancer (aws_alb). We choose to use the name alb
over the package name, elbv2, in order to avoid confusion.

This is the first in a series of commits to fully support the new
resources necessary for Application Load Balancers.
2016-08-17 15:48:06 +01:00
Radek Simko cba09ae804 provider/aws: Update expected hash of Lambda ZIP files (#8258) 2016-08-17 15:45:35 +01:00
James Nugent ebdfe76530 provider/aws: Add ELBv2 to AWS config 2016-08-17 13:55:18 +01:00
Radek Simko 523627ba24 Merge pull request #8239 from TimeIncOSS/f-aws-r53-zone-force-destroy
provider/aws: Add force_destroy option to aws_route53_zone
2016-08-17 07:10:00 +01:00
Radek Simko 7433be5b4c aws: Make EFS MT creation fail for 2+ targets per AZ (#8205) 2016-08-17 07:07:54 +01:00
Mitchell Hashimoto e6d1e77a9a
Fix vet errors found with Go 1.7 2016-08-16 18:03:22 -07:00
Radek Simko 73791b47b3
aws: Implement naming changes for aws_elb_service_account 2016-08-16 21:05:27 +01:00
Paul Stack 9cb1dffb4d provider/aws: Allow `source_ids` in `aws_db_event_subscription` to be Updatable (#7892)
* provider/aws: Allow `source_ids` in `aws_db_event_subscription` to be
Updatable

Fixes #7809

This commit adds support for `source_ids` to be updated rather than
forcing new each time. Unfortunately, it must range over the difference
in the source_ids and add and remove them 1 at a time. AWS does not
support batch updating source_ids

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBEventSubscription_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBEventSubscription_ -timeout 120m
=== RUN   TestAccAWSDBEventSubscription_basicUpdate
--- PASS: TestAccAWSDBEventSubscription_basicUpdate (1277.87s)
=== RUN   TestAccAWSDBEventSubscription_withSourceIds
--- PASS: TestAccAWSDBEventSubscription_withSourceIds (1012.96s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws
2290.844s
```

* Update resource_aws_db_event_subscription.go
2016-08-16 20:51:38 +01:00
Paul Stack 4de4590147 provider/aws: Adds acceptance tests for `aws_gateway_*` manual deletions causing non-empty plans (#7879)
* provider/aws: Adds an acceptance test that makes sure that  manual deletions mean a non-empty plan

* provider/aws: Adds an acceptance test to prove that  manual deletion causes a non-empty plan
2016-08-16 20:42:06 +01:00
Clint 72a81ff3ae provider/aws: Update ElasticTranscoder to allow empty notifications, removing notifications, etc (#8207)
* provider/aws: Add failing ETC + notifications test

* tidy up the docs some

* provider/aws: Update ElasticTranscoder to allow empty notifications, removing notifications, etc
2016-08-16 13:41:12 -05:00
Radek Simko 079e0c5b86
provider/aws: Allow force_destroying records in R53 hosted zone 2016-08-16 19:34:58 +01:00
Radek Simko cc239439fc
aws/r53: Refactoring - decouple waiters into functions 2016-08-16 19:34:45 +01:00
Paul Stack 65aa02b6df provider/aws: DataSource for RedShift Account ID (#8224)
When you need to enable monitoring for Redshift, you need to create the
correct policy in the bucket for logging. This needs to have the
Redshift Account ID for a given region. This data source provides a
handy lookup for this

http://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html#db-auditing-enable-logging

% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSRedshiftAccountId_basic'         2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/16 14:39:35 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftAccountId_basic -timeout 120m
=== RUN   TestAccAWSRedshiftAccountId_basic
--- PASS: TestAccAWSRedshiftAccountId_basic (19.47s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    19.483s
2016-08-16 17:58:46 +01:00
Paul Stack 6d2e81dfbe provider/aws: `aws_spot_fleet_request` throws panic on missing subnet_id (#8217)
or availability_zone

Fixes #8000

There was a hard coded panic in the code!!!

```
panic(
				fmt.Sprintf(
					"Must set one of:\navailability_zone %#v\nsubnet_id: %#v",
					m["availability_zone"],
					m["subnet_id"])
			)
```

This was causing issues when we set neither an availability zone or a subnet id.
This has been removed and is now handled with an error rather than a panic.

This was what happened with the new test before the fix:

```
=== RUN   TestAccAWSSpotFleetRequest_brokenLaunchSpecification
panic: Must set one of:
availability_zone ""
subnet_id: ""
goroutine 129 [running]:
panic(0x11377a0, 0xc8202abfc0)
	/opt/boxen/homebrew/Cellar/go/1.6.2/libexec/src/runtime/panic.go:481 +0x3e6
github.com/hashicorp/terraform/builtin/providers/aws.hashLaunchSpecification(0x11361a0, 0xc8202e07e0, 0xc800000001)
	/Users/stacko/Code/go/src/github.com/hashicorp/terraform/builtin/providers/aws/resource_aws_spot_fleet_request.go:953 +0x685
github.com/hashicorp/terraform/helper/schema.(*Set).hash(0xc82005ae00, 0x11361a0, 0xc8202e07e0, 0x0, 0x0)
	/Users/stacko/Code/go/src/github.com/hashicorp/terraform/helper/schema/set.go:180 +0x40
github.com/hashicorp/terraform/helper/schema.(*Set).add(0xc82005ae00, 0x11361a0, 0xc8202e07e0, 0xc820276900, 0x0, 0x0)
```

The test then ran fine after the fix:

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotFleetRequest_brokenLaunchSpecification'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/16 08:03:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSpotFleetRequest_brokenLaunchSpecification -timeout 120m
=== RUN   TestAccAWSSpotFleetRequest_brokenLaunchSpecification
--- PASS: TestAccAWSSpotFleetRequest_brokenLaunchSpecification (32.37s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	32.384s
```

Full test run looks as follows:

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotFleetRequest_'                     ✹
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/16 08:04:34 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSpotFleetRequest_ -timeout 120m
=== RUN   TestAccAWSSpotFleetRequest_basic
--- PASS: TestAccAWSSpotFleetRequest_basic (33.78s)
=== RUN   TestAccAWSSpotFleetRequest_brokenLaunchSpecification
--- PASS: TestAccAWSSpotFleetRequest_brokenLaunchSpecification (33.59s)
=== RUN   TestAccAWSSpotFleetRequest_launchConfiguration
--- PASS: TestAccAWSSpotFleetRequest_launchConfiguration (35.26s)
=== RUN   TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName
--- PASS: TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName (0.00s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	102.648s
```
2016-08-16 17:55:06 +01:00
Radek Simko e356f27db6
aws: Add elb_account_id data source 2016-08-16 11:36:58 +01:00
James Nugent 90bdaef197 Merge pull request #8206 from hashicorp/f-aws-account-id
provider/aws: Add aws_account_id data source
2016-08-16 05:33:32 -05:00
James Nugent 3e14f56a96 provider/aws: Add aws_caller_identity data source
This data source provides access during configuration to the ID of the
AWS account for the connection to AWS. It is primarily useful for
interpolating into policy documents, for example when creating the
policy for an ELB or ALB access log bucket.

This will need revisiting and further testing once the work for
AssumeRole is integrated.
2016-08-16 11:24:26 +01:00
stack72 f9e86a52cf
provider/aws: Change paginated test to use the correct configuration block 2016-08-16 08:40:14 +01:00
stack72 2e454181fc
Merge branch 'paginate_roles' of https://github.com/stripe/terraform into stripe-paginate_roles 2016-08-16 07:51:44 +01:00
raylu f1fdffc552
provider/aws: Test for policy attachment pagination 2016-08-15 13:48:42 -07:00