Commit Graph

1478 Commits

Author SHA1 Message Date
Clint 5f765d9de6 Merge pull request #10624 from hashicorp/pr-9891
provider/aws: Add aws_snapshot_create_volume_permission resource (contd. #9891)
2016-12-09 08:43:18 -06:00
clint shryock c54dba65b0 document snapshot_create_volume_permissions 2016-12-09 08:36:40 -06:00
Clint 0766074289 Merge pull request #10583 from hashicorp/f-lightsail-key-pair
provider/aws: Add Lightsail Key Pair resource
2016-12-09 08:26:00 -06:00
clint shryock 97ac4bde16 implement name_prefix 2016-12-08 14:08:45 -06:00
clint shryock 1e8e83fa6a provider/aws: Encrypt aws_iam_access_key.secret with pgp
optionally encrypt the iam access key secret with a pgp key
2016-12-08 11:08:05 -06:00
Ninir 7f69f37318 provider/aws: Improvde the Cloudfront documentation when using s3 origins (#10087) 2016-12-08 12:01:18 +01:00
Ninir 29f8af16a1 provider/aws: Added S3 Bucket replication (#10552) 2016-12-08 11:59:13 +01:00
Timon Wong 80afc6759b provider/aws: Add "no_device" support to ephemeral block devices (#10547)
Fixes #8455, #5390

This add a new `no_device` attribute to `ephemeral_block_device` block,
which allows users omit ephemeral devices from AMI's predefined block
device mappings, which is useful for EBS-only instance types.
2016-12-08 11:03:51 +01:00
clint shryock 86bb969087 provider/aws: add aws_lightsail_key_pair 2016-12-07 11:13:47 -06:00
Paul Stack be44028945 docs/aws: Fix the discrepencies of the emr_cluster documentation (#10578)
Fixes #10296
2016-12-07 14:11:37 +01:00
Raphael Randschau 2b711f77c8 feat/aws: add iam_server_certificate data source (#10558)
useful if you have an automatic process creating certs for you, e.g. let's
lambda
2016-12-07 11:40:53 +01:00
Ninir c44071801a provider/aws: Improved the documentation for EMR Cluster (#10563) 2016-12-07 00:44:09 +01:00
Jan Schumann 9e293def6a provider/aws: Add opsworks rds db resource (#10294)
* add rds db for opsworks

* switched to stack in vpc

* implement update method

* add docs

* implement and document force new resource behavior

* implement retry for update and delete

* add test that forces new resource
2016-12-05 16:14:15 +00:00
Clint e477658832 Merge pull request #10473 from hashicorp/f-aws-lightsail-instance
provider/aws: Add Lightsail Instance
2016-12-05 08:39:17 -06:00
Evgeny Chuvpilo 8586e323dc
provider/aws: Add support for termination protection and autotermination to EMR. 2016-12-05 13:54:00 +00:00
Kit Ewbank 26d0525e82 Add new aws_vpc_endpoint_route_table_association resource (#10137)
* Add new aws_vpc_endpoint_route_table_association resource.

This commit adds a new resource which allows to a list of route tables to be
either added and/or removed from an existing VPC Endpoint. This resource would
also be complimentary to the existing `aws_vpc_endpoint` resource where the
route tables might not be specified (not a requirement for a VPC Endpoint to
be created successfully) during creation, especially where the workflow is
such where the route tables are not immediately known.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

Additions by Kit Ewbank <Kit_Ewbank@hotmail.com>:

* Add functionality
* Add documentation
* Add acceptance tests
* Set VPC endpoint route_table_ids attribute to "Computed"

* Changes after review - Set resource ID in create function.

* Changes after code review by @kwilczynski:
* Removed error types and simplified the error handling in 'resourceAwsVPCEndpointRouteTableAssociationRead'
* Simplified logging in 'resourceAwsVPCEndpointRouteTableAssociationDelete'
2016-12-05 12:55:37 +00:00
Ninir c250c10d4e Force the master username & password to be defined when not in a restore mode 2016-12-04 19:04:26 +01:00
clint shryock 44ffe71695 provider/aws: Add Lightsail Instance
Adds initial support for AWS Lightsail Instances
2016-12-02 16:35:57 -06:00
Paul Stack 8dec180793 docs/aws: Ensure completeness of aws_api_gateway_domain_name example (#10506)
Fixes #10493
2016-12-02 20:02:09 +02:00
Paul Stack 7ff079b338 docs/aws: Enhance the aws lambda function example to include environment (#10490) 2016-12-02 14:54:06 +02:00
Ninir 1d090eb1ab provider/aws: Added s3 bucket region attribute management (#10482) 2016-12-02 14:22:47 +02:00
Raymond Fallon 7b672d4656 Automatic Rollback of CodeDeploy deployments and CloudWatch Alarms for a Deployment Group (#9039)
* provider/aws: Add DeploymentRollback as a valid TriggerEvent type

* provider/aws: Add auto_rollback_configuration to aws_codedeploy_deployment_group

* provider/aws: Document auto_rollback_configuration

  - part of aws_codedeploy_deployment_group

* provider/aws: Support removing and disabling auto_rollback_configuration

  - part of aws_codedeploy_deployment_group resource
  - when removing configuration, ensure events are removed
  - when disabling configuration, preserve events in case configuration is re-enabled

* provider/aws: Add alarm_configuration to aws_codedeploy_deployment_group

* provider/aws: Document alarm_configuration

  - part of aws_codedeploy_deployment_group

* provider/aws: Support removing alarm_configuration

  - part of aws_codedeploy_deployment_group resource
  - disabling configuration doesn't appear to work...

* provider/aws: Refactor auto_rollback_configuration tests

  - Add create test
  - SKIP failing test for now
  - Add tests for build & map functions

* provider/aws: Refactor new aws_code_deploy_deployment_group tests

  - alarm_configuration and auto_rollback_configuration only
  - add assertions to deployment_group basic test
  - rename config funcs to be more easy to read
  - group public tests together

* provider/aws: A max of 10 alarms can be added to a deployment group.

  - aws_code_deploy_deployment_group.alarm_configuration.alarms
  - verified this causes test failure with expected exception

* provider/aws: Test disabling alarm_configuration and auto_rollback_configuration

  - the tests now pass after rebasing the latest master branch
2016-12-01 16:12:14 +02:00
Paul Stack 83abf5b16a provider/aws: Support import of aws_iam_instance_profile (#10436)
Fixes #10341

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSIAMInstanceProfile_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/30 14:32:59 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSIAMInstanceProfile_ -timeout 120m
=== RUN   TestAccAWSIAMInstanceProfile_importBasic
--- PASS: TestAccAWSIAMInstanceProfile_importBasic (20.22s)
=== RUN   TestAccAWSIAMInstanceProfile_basic
--- PASS: TestAccAWSIAMInstanceProfile_basic (18.71s)
=== RUN   TestAccAWSIAMInstanceProfile_namePrefix
--- PASS: TestAccAWSIAMInstanceProfile_namePrefix (18.58s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws57.535s
```
2016-12-01 09:01:15 +02:00
Anshul Sharma a886b630a0 IPv6 Support To Cloudfront (#10332)
* Added IPv6 Support To Cloudfront

* Added IPv6 docs to cloudfront
2016-11-30 14:13:30 +02:00
Ninir 5481e9ecb3 provider/aws: Enforced kms_key_* attributes to be ARNs (#10356)
* Added kms_key_* validation to force ARNs

* Added Redshift Cluster KMS key test

* Added cloudtrail kms key test

* Added EBS volume kms key

* Added Elastic Transcoder Pipeline kms key arn test
2016-11-30 13:50:26 +02:00
vincentkwok e634ffdf72 Fix doc typo (#10430) 2016-11-30 11:55:11 +02:00
ketzacoatl e13a4461e5 Correct parent zone reference in route53_zone docs (#10402) 2016-11-28 22:09:11 +00:00
Mathieu Herbert aec4e56f68
provider/aws: data source for AWS Route Table 2016-11-28 18:07:38 +00:00
Kit Ewbank acce95fa72 Fix typo 'availablity' => 'availability'. 2016-11-23 17:10:18 -05:00
Mark Cheshier efa265a764 Update opsworks_application.html.markdown (#10304)
'Secret' is incorrect in the environment argument documentation. It is used correctly in the example at the top as 'secure'.
2016-11-23 10:56:42 +02:00
Mike Fiedler afe9388457 Update elb_service_account docs (#10299)
The current example using the ELB's account ID will trigger an update for a resource that uses the `.id` instead if the `.arn` syntax.

Once updated to the `.arn`, no changes are detected.

[ci skip]
2016-11-23 10:55:47 +02:00
Ninir ab9059564c provider/aws: Added Lambda Environment configuration 2016-11-21 22:23:39 +01:00
Paul Stack b3fad6a68c provider/aws: Addition of suspended_processes to aws_autoscaling_group (#10096)
Fixes #8954

Addition of the support of autoScaling group suspended_processes
2016-11-21 17:02:20 +02:00
Paul Stack 7fde952d02 provider/aws: New Resource aws_ebs_snapshot (#10017)
* provider/aws: Add ability to create aws_ebs_snapshot

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEBSSnapshot_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 14:18:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEBSSnapshot_
-timeout 120m
=== RUN   TestAccAWSEBSSnapshot_basic
--- PASS: TestAccAWSEBSSnapshot_basic (31.56s)
=== RUN   TestAccAWSEBSSnapshot_withDescription
--- PASS: TestAccAWSEBSSnapshot_withDescription (189.35s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws220.928s
```

* docs/aws: Addition of the docs for aws_ebs_snapshot resource

* provider/aws: Creation of shared schema funcs for common AWS data source
patterns

* provider/aws: Create aws_ebs_snapshot datasource

Fixes #8828

This data source will use a number of filters, owner_ids, snapshot_ids
and restorable_by_user_ids in order to find the correct snapshot. The
data source has no real use case for most_recent and will error on no
snapshots found or greater than 1 snapshot found

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEbsSnapshotDataSource_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 14:34:33 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEbsSnapshotDataSource_ -timeout 120m
=== RUN   TestAccAWSEbsSnapshotDataSource_basic
--- PASS: TestAccAWSEbsSnapshotDataSource_basic (192.66s)
=== RUN   TestAccAWSEbsSnapshotDataSource_multipleFilters
--- PASS: TestAccAWSEbsSnapshotDataSource_multipleFilters (33.84s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws226.522s
```

* docs/aws: Addition of docs for the aws_ebs_snapshot data source

Adds the new resource `aws_ebs_snapshot`
2016-11-21 12:40:22 +02:00
Kit Ewbank 7330d65678 provider/aws Return service CIDR blocks from aws_vpc_endpoint resource. (#10254) 2016-11-21 10:43:56 +02:00
Chris Marchesi 4845f8de39 provider/aws: Add aws_alb data source (#10196)
* provider/aws: Add aws_alb data source

This adds the aws_alb data source for getting information on an AWS
Application Load Balancer.

The schema is nearly the same as the resource of the same name, with
most of the resource population logic de-coupled into its own function
so that they can be shared between the resource and data source.

* provider/aws: aws_alb data source language revisions

 * Multiple/zero result error slightly updated to be a bit more
   specific.
 * Fixed relic of the copy of the resource docs (resource -> data
   source)
2016-11-21 10:27:44 +02:00
Richard Henning 2a5e1d400d provider/aws: Remove IAM user's MFA devices with `force_destroy` #5908 (#10262)
When `force_destroy` was specifed on an `aws_iam_user` resource, only IAM
access keys and the login profile were destroyed. If a multi-factor auth
device had been activated for that user, deletion would fail as follows:

```
* aws_iam_user.testuser1: Error deleting IAM User testuser1: DeleteConflict: Cannot delete entity, must delete MFA device first.
    status code: 409, request id: aa41b1b7-ac4d-11e6-bb3f-3b4c7a310c65
```

This commit iterates over any of the user's MFA devices and deactivates
them before deleting the user. It follows a pattern similar to that used
to remove users' IAM access keys before deletion.

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/20 17:09:00 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN   TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (5.70s)
=== RUN   TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (11.12s)
PASS
ok  	github.com/rhenning/terraform/builtin/providers/aws	20.840s
```
2016-11-21 10:17:27 +02:00
James Gregory ea658635fe Point to CreateDBInstance docs for more info
The docs for the CreateDBInstance API call include quite a bit more information about each individual option, (for example `Engine` has each of the possible options listed, whilst the cli reference doesn't).
2016-11-21 10:01:17 +11:00
Kit Ewbank fd8d41f6a5 Add note to aws_security_group data source describing the default security group for a VPC. (#10247)
Add a corresponding acceptance test.
2016-11-20 16:28:11 +02:00
Kit Ewbank 3255921b6e aws_prefix_list data source - Add ability to select PL by name. (#10248) 2016-11-20 16:21:55 +02:00
Ryan Eschinger 7619d66002 fix aws_availability_zone data source doc example (#10249)
existing example returns an error like the following should you try to
run `terraform plan` against it:

Error reading config for aws_subnet[example]: data.aws_availability_zone.name_suffix: data variables must be four parts: data.TYPE.NAME.ATTR in:

${cidrsubnet(aws_vpc.example.cidr_block, 4, var.az_number[data.aws_availability_zone.name_suffix])}
2016-11-20 16:10:59 +02:00
Kit Ewbank 9aba1b4238 Better explanation of the description attribute (#10221) 2016-11-18 17:20:45 +02:00
Kit Ewbank 2b39f5afdd Correct the name of the notes section mentioned 2016-11-18 09:55:37 -05:00
Chris Marchesi 3ac05a539b provider/aws: Add aws_alb_listener data source (#10181)
* provider/aws: Add aws_alb_listener data source

This adds the aws_alb_listener data source to get information on an AWS
Application Load Balancer listener.

The schema is slightly modified (only option-wise, attributes are the
same) and we use the aws_alb_listener resource read function to get the
data.

Note that the HTTPS test here may fail due until
hashicorp/terraform#10180 is merged.

* provider/aws: Add aws_alb_listener data source docs

Now documented.
2016-11-18 13:01:21 +02:00
Andrew Garrett 3822c69995 Add name_prefix to aws_iam_policy (#10178)
This is intended to behave the same way as name_prefix does in
aws_iam_role.

Fixes #10176
2016-11-17 14:03:03 +02:00
James Turnbull 86b7333a1f Fixed some typos and formatting in AWS index docs (#10189)
* Fixed whitespace

* Fixed some typos and formatting in AWS index docs
2016-11-17 13:52:06 +02:00
clint shryock 5ec5d65c77 provider/aws: Update Elasticache docs for corrections, clarity 2016-11-16 14:43:56 -06:00
Justin Nauman 75257e13ab Doc Update for ELB defaults
- Doc update to explicitly call out ELB defaults (so I don't have to look
at the source again :)
2016-11-15 15:00:13 -06:00
Ninir 3d56d20d82 Added retry_option for aws_kinesis_firehose_stream redshift_configuration 2016-11-15 10:55:02 -06:00
Chris Marchesi 051a4227d0 docs/aws: Document initial_lifecycle_hook in aws_autoscaling_group
This is a useful feature that seems to have been added in September,
with 7dd7078, but has not yet been documented.
2016-11-14 12:06:00 -08:00
Paul Stack ecb2b74c37 Merge pull request #9534 from Ninir/aws_apigw_deployment_date
provider/aws: 	Exposed aws_api_gateway_deployment.created_date attribute
2016-11-14 12:11:59 +00:00
Paul Stack 24231333d3 Exposed AWS API GW REST Api created_date attribute (#9532) 2016-11-14 12:09:28 +00:00
Ninir a88b25cfcf Exposed AWS API GW REST Api created_date attribute 2016-11-14 11:56:41 +01:00
Ninir 6fb63f2854 Exposed aws_api_gateway_deployment.created_date attribute 2016-11-14 11:21:36 +01:00
Ninir 932c92e4c6 Exposed aws_api_gateway_api_key created_date & last_updated_date (#9530) 2016-11-14 12:03:56 +02:00
Ninir d8e846c895 Fixed ##10079 exposing aws_iam_role create_date attribute (#10091) 2016-11-14 11:33:53 +02:00
Dusty Burwell ed3877d672 Add import documentation for DynamoDB Table (#10025) 2016-11-11 11:54:56 +02:00
dnABic 3024f2bb16 Adding launch configuration documentation update (#10015) 2016-11-10 12:02:01 +00:00
Paul Stack 73e191442d docs/aws: Rename zone_id to hosted_zone_id for aws_db_instance (#10010) 2016-11-10 06:50:02 +00:00
Michel Rasschaert 9774fcdbb0 documentation for db_instance.zone_id. 2016-11-09 20:40:40 +01:00
Nick Santamaria 8949419bef provider/aws: Add key_name_prefix argument to aws_key_pair resource (#9993)
* Added key_name_prefix to aws_key_pair resource schema.

* Added logic to prefix the aws_key_pair name on create.

* Added aws_key_pair test config for key_name_prefix case.

* Copied test cases from testAccAWSSecurityGroup namespace.

* Modified copied test case to suit aws_key_pair resource.

* Changed required flag to optional on key_name argument for aws_key_pair resource.

* Added documentation for key_name_prefix argument.

* Code style fix.

* Fixed undefined variable error in test.
2016-11-09 15:35:51 +00:00
ddcprg 27527ef3cb EMR Cluster - core_instance_count doesn't actually refer to core instances 2016-11-09 08:47:23 -06:00
Nick Santamaria d6d3e51906 Changed required flag to optional on key_name argument for aws_key_pair resource. (#9992) 2016-11-09 12:54:12 +00:00
Paddy 78f8fea1fa Merge pull request #9950 from optimisticanshul/9928-aws-redshift-enhanced-vpc-routing
Added AWS Redshift Enhanced VPC Routing
2016-11-08 11:02:37 -08:00
Clint 81e599e53f Merge pull request #9600 from HotelsDotCom/master
AWS EMR resource - Support for Service Access Security Group
2016-11-08 11:36:03 -06:00
Anshul Sharma e9821eaced Updated Redshift Documentation and Added Test Cases for Redshift Enchaned VPC routing 2016-11-08 18:13:10 +05:30
Ben Jordan 5902922c7c Update documentation for aws_spot_datafeed_subscription. 2016-11-07 15:48:11 -07:00
Paul Stack 3f032ff611 provider/aws: Setting static_routes_only on import of vpn_connection (#9802)
fixes #9110

An error was found where, static_routes_only was not set on a vpn
connection import. This commit introduces setting the static_routes_only
to false when no Options are found. This follows the AWS convention as follows:

```
- options (structure)

Indicates whether the VPN connection requires static routes. If you are creating a VPN connection for a device that does not support BGP, you must specify true .
Default: false

```

So we take it that `static_options_only` is false by default

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpnConnection_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 10:38:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpnConnection_ -timeout 120m
=== RUN   TestAccAWSVpnConnection_importBasic
--- PASS: TestAccAWSVpnConnection_importBasic (178.29s)
=== RUN   TestAccAWSVpnConnection_basic
--- PASS: TestAccAWSVpnConnection_basic (336.81s)
=== RUN   TestAccAWSVpnConnection_withoutStaticRoutes
--- PASS: TestAccAWSVpnConnection_withoutStaticRoutes (195.45s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	710.572s
```
2016-11-07 16:12:41 +00:00
James Nugent 4c99807448 Merge pull request #9842 from AndHei/patch-2
"aws_sns_topic_subscription" add further clarification for cross acco…
2016-11-06 10:21:39 -06:00
Andreas Heidoetting dd000d5943 aws_vpc_peering_connection ambiguous language
The documentation mentions ownership of both VPCs for aws_vpc_peering_connection auto_accept to work but if both VPC are in separate accounts it does not matter if both account are owned or not.

In #6843 its stated that aws_vpc_peering_connection only works if both VPC are in the same AWS account.

The documentation fails to mention that peeing of two VPCs in two different regions is not supported by AWS.
2016-11-05 19:38:07 +01:00
Kit Ewbank 4b506eb811 Correct 'VPN Endpoints' to 'VPC Endpoints' (#9887) 2016-11-04 19:47:52 +00:00
James Nugent c75369d65d Merge pull request #8359 from hashicorp/f-aws-acm-datasource
provider/aws: New Data Source: aws_acm_certificate
2016-11-04 07:49:58 -04:00
James Nugent 3361047e38 provider/aws: Address acm_certificate review items 2016-11-03 20:01:46 -04:00
Paul Hinze ccd745c96f provider/aws: New Data Source: aws_acm_certificate
Use this data source to get the ARN of a certificate in AWS Certificate
Manager (ACM). The process of requesting and verifying a certificate in ACM
requires some manual steps, which means that Terraform cannot automate the
creation of ACM certificates. But using this data source, you can reference
them by domain without having to hard code the ARNs as input.

The acceptance test included requires an ACM certificate be pre-created
in and information about it passed in via environment variables. It's a
bit sad but there's really no other way to do it.
2016-11-03 19:34:19 -04:00
clint shryock 6244463ffb Merge branch 'master' of github.com:hashicorp/terraform
* 'master' of github.com:hashicorp/terraform:
  Docs typo - s/instaces/instances
  Update CHANGELOG.md
  terraform: shadow graph uses GraphWalkerPanicwrap to catch errors
  terraform: GraphWalkerPanicwrap catches panics during graph walks
2016-11-03 16:14:33 -05:00
clint shryock 92eb13e9ef provider/aws: update AWS documentation on -1 protocol for Security Groups 2016-11-03 16:14:28 -05:00
Cameron Stokes 2478d0291e Docs typo - s/instaces/instances 2016-11-03 14:07:59 -07:00
Andreas Heidoetting 17fc8de9a1 "aws_sns_topic_subscription" add further clarification for cross account SNS topic to SQS queue subscription
based on additional comments in #6909 further clarification was in order
2016-11-03 11:58:24 -04:00
Andreas Heidoetting 1929fe76ff "aws_sns_topic_subscription" add notes and examples for cross account / region SNS topic to SQS queue subscription (#9838)
Based on https://github.com/hashicorp/terraform/issues/6909 I suggest adding information to the documentation about cross account / region SNS topic to SQS queue subscription.
2016-11-03 15:06:16 +00:00
Clint 751e7024de Merge pull request #9839 from hashicorp/b-aws-default-net-acl-docs
provider/aws: Fix documenation regarding default resources
2016-11-03 09:54:24 -05:00
Ninir d96a439029 Added missing argument for redshift cluster (#9831) 2016-11-03 14:47:19 +00:00
clint shryock 230a389b1a provider/aws: Fix documenation regarding default resources 2016-11-03 09:38:12 -05:00
Justin Nauman 9e11b59814 provider/aws: aws_autoscaling_attachment resource (#9146)
* GH-8755 - Adding in support to attach ASG to ELB as independent action

* GH-8755 - Adding in docs

* GH-8755 - Adjusting attribute name and responding to other PR feedback
2016-11-03 13:08:49 +00:00
James Nugent 549993147f Merge pull request #9822 from hashicorp/paddy_8502_sni
provider/aws: Add the enable_sni attribute for Route53 health checks.
2016-11-02 23:38:01 -04:00
Paddy 5fcd5404ce Document the enable_sni attribute on the website.
Now that we've added an `enable_sni` attribute to the Route53
health checks, add it to the health check documentation page so
users know about it.
2016-11-02 16:32:27 -07:00
Ninir ad041ae0e7 Updated the documentation to reflect that subnets_ids is required (#9817) 2016-11-02 21:43:26 +00:00
Paul Stack 6649b938da provider/aws: Provide the option to skip_destroy on aws_volume_attachment (#9792)
* provider/aws: Provide the option to skip_destroy on
aws_volume_attachment

When you want to attach and detach pre-existing EBS volumes to an
instance, we would do that as follows:

```
resource "aws_instance" "web" {
	ami = "ami-21f78e11"
  availability_zone = "us-west-2a"
	instance_type = "t1.micro"
	tags {
		Name = "HelloWorld"
	}
}

data "aws_ebs_volume" "ebs_volume" {
  filter {
  	name = "size"
  	values = ["${aws_ebs_volume.example.size}"]
  }
  filter {
  	name = "availability-zone"
  	values = ["${aws_ebs_volume.example.availability_zone}"]
  }
  filter {
  	name = "tag:Name"
  	values = ["TestVolume"]
  }
}

resource "aws_volume_attachment" "ebs_att" {
  device_name = "/dev/sdh"
	volume_id = "${data.aws_ebs_volume.ebs_volume.id}"
	instance_id = "${aws_instance.web.id}"
	skip_destroy = true
}
```

The issue here is that when we run a terraform destroy command, the volume tries to get detached from a running instance and goes into a non-responsive state. We would have to force_destroy the volume at that point and risk losing any data on it.

This PR introduces the idea of `skip_destroy` on a volume attachment. tl;dr:

We want the volume to be detached from the instane when the instance itself has been destroyed. This way the normal shut procedures will happen and protect the disk for attachment to another instance

Volume Attachment Tests:

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVolumeAttachment_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 00:47:27 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVolumeAttachment_ -timeout 120m
=== RUN   TestAccAWSVolumeAttachment_basic
--- PASS: TestAccAWSVolumeAttachment_basic (133.49s)
=== RUN   TestAccAWSVolumeAttachment_skipDestroy
--- PASS: TestAccAWSVolumeAttachment_skipDestroy (119.64s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	253.158s
```

EBS Volume Tests:

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEBSVolume_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 01:00:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEBSVolume_ -timeout 120m
=== RUN   TestAccAWSEBSVolume_importBasic
--- PASS: TestAccAWSEBSVolume_importBasic (26.38s)
=== RUN   TestAccAWSEBSVolume_basic
--- PASS: TestAccAWSEBSVolume_basic (26.86s)
=== RUN   TestAccAWSEBSVolume_NoIops
--- PASS: TestAccAWSEBSVolume_NoIops (27.89s)
=== RUN   TestAccAWSEBSVolume_withTags
--- PASS: TestAccAWSEBSVolume_withTags (26.88s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	108.032s
```

* Update volume_attachment.html.markdown
2016-11-02 15:29:37 +00:00
Daisuke Fujita bfeccfe669 Document about ElastiCache Replication Group port (#9800) 2016-11-02 10:09:15 +00:00
stack72 4d033aa189
docs/aws: Fixing the AWS WAF Documentation 2016-11-01 19:42:56 +00:00
Paul Stack aaece37ec9 provider/aws: Adding a datasource for aws_ebs_volume (#9753)
This will allows us to filter a specific ebs_volume for attachment to an
aws_instance

```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEbsVolumeDataSource_'✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/01 12:39:19 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEbsVolumeDataSource_ -timeout 120m
=== RUN   TestAccAWSEbsVolumeDataSource_basic
--- PASS: TestAccAWSEbsVolumeDataSource_basic (28.74s)
=== RUN   TestAccAWSEbsVolumeDataSource_multipleFilters
--- PASS: TestAccAWSEbsVolumeDataSource_multipleFilters (28.37s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws57.145s
```
2016-11-01 14:15:31 +00:00
Arthur Burkart 03a44b5687 Tiny typo (#9755)
Just a teeny tiny typo fix

"delgation" => "delegation"
2016-10-31 20:46:13 +00:00
Anshul Sharma 6432bb546c Added AWS Resource WAF SqlInjectionMatchSet (#9709) 2016-10-31 17:51:47 +00:00
Paul Stack fdabf59380 provider/aws: Expose ARN suffix on ALB Target Group (#9734)
When creating a CloudWatch Metric for an Application Load Balancer Target Group  it is
neccessary to use the suffix of the ARN as the reference to the load
balancer TG . This commit exposes that as an attribute on the `aws_alb_target_group`
resource to prevent the need to use regular expression substitution to
make the reference.
2016-10-31 17:05:06 +00:00
Paul Stack ed49da8bb1 provider/aws: Add support for reference_name to aws_route53_health_check (#9737)
Fixes #8679

The CallerReference attribute we passed to AWS in route53_health_checks
was `time.Now().Format(time.RFC3339Nano)`

When creating multiple resources with the Count meta-parameter, this was
causing issues as follows:

```
* aws_route53_health_check.healthstate.0: HealthCheckAlreadyExists: A different health check has already been created with the specified caller reference.
```

We have now exposed a new attribute called `reference_name` that can be set to pass multiple resources to the request

```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRoute53HealthCheck_'                              130 ↵ ✹
==> Cecking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/31 10:41:07 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRoute53HealthCheck_ -timeout 120m
=== RUN   TestAccAWSRoute53HealthCheck_importBasic
--- PASS: TestAccAWSRoute53HealthCheck_importBasic (17.08s)
=== RUN   TestAccAWSRoute53HealthCheck_basic
--- PASS: TestAccAWSRoute53HealthCheck_basic (28.17s)
=== RUN   TestAccAWSRoute53HealthCheck_withSearchString
--- PASS: TestAccAWSRoute53HealthCheck_withSearchString (28.07s)
=== RUN   TestAccAWSRoute53HealthCheck_withChildHealthChecks
--- PASS: TestAccAWSRoute53HealthCheck_withChildHealthChecks (20.71s)
=== RUN   TestAccAWSRoute53HealthCheck_IpConfig
--- PASS: TestAccAWSRoute53HealthCheck_IpConfig (16.09s)
=== RUN   TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck
--- PASS: TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck (22.42s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	132.568s
```
2016-10-31 16:00:40 +00:00
Anshul Sharma 625e747359 Added AWS Resource WAF XssMatchSet (#9710) 2016-10-31 08:51:08 +00:00
Masayuki Morita eb1a58d966 Update doc: aws_iam_user with force_destroy deletes IAM User Login Profile (#9716)
refs: https://github.com/hashicorp/terraform/pull/9583
2016-10-29 16:20:18 +01:00
Anshul Sharma cc8f11138f Added AWS Resource WAF SizeConstraintSet (#9689) 2016-10-29 00:58:37 +02:00
Andras Ferencz-Szabo 46cb7b4710 Allow underscores in IAM user and group names (#9684)
* Allow underscores in IAM user and group names

* Add notes to iam_user and iam_group docs that names are not distinguished by case
2016-10-28 14:40:04 +02:00
Anshul Sharma afc603c0f8 Added AWS Resource WAF ByteMatchSet (#9681) 2016-10-28 14:36:16 +02:00
Liam Bennett 8fee7642a9 New AWS resource `ssm_activation` (#9111)
Adding a new resource to support activation of managed instances for
on-premise virtual-machines.
2016-10-28 11:59:12 +02:00
Krzysztof Wilczynski a078b893d6 Add support for `AutoMinorVersionUpgrade` to aws_elasticache_replication_group resource. (#9657)
This commit adds an ability to modify the `AutoMinorVersionUpgrade` property of the
Replication Group (which is enabled by default) accordingly.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-28 00:08:14 +01:00
Mathieu Herbert 7f9baf7009 provider/aws: data source for AWS Security Group (#9604)
* provider/aws: data source for AWS Security Group

* provider/aws: add documentation  for data source for AWS Security Group

* provider/aws: data source for AWS Security Group (improve if condition and syntax)

* fix fmt
2016-10-27 18:17:58 +01:00
Kit Ewbank 3818720fd4 provider/aws: Data source to provides details about a specific AWS prefix list (#9566)
* Add AWS Prefix List data source.

AWS Prefix List data source acceptance test.

AWS Prefix List data source documentation.

* Improve error message when PL not matched.
2016-10-27 14:58:24 +01:00
Anshul Sharma bc42229b3d Added WAF ACL Resource (#8852) 2016-10-27 12:54:36 +01:00
stack72 54cca9b4fb
Merge branch 'master' of https://github.com/jvasallo/terraform into jvasallo-master 2016-10-27 11:00:48 +01:00
James Nugent eb17741d26 Merge pull request #9605 from hashicorp/keybase-aws-login-profile
provider/aws: aws_iam_user_login_profile resource
2016-10-25 20:09:42 -05:00
dario-simonetti dbdaf20a19 provider/aws: fix aws_elasticache_replication_group for Redis in cluster mode (#9601)
This is a fix for issue https://github.com/hashicorp/terraform/issues/9596.

Changes:
 - Adds new output attribute `configuration_endpoint_address`. Only
   used in Redis when in cluster mode.
 - Read the `snapshot_window` and `snapshot_retention_limit` from
   the
   replication group description instead of the cache cluster
   description.
 - Adds acceptance test and modifies an existing acceptance test to
   make sure that everything is still good in non-cluster mode
 - Updates docs to describe new output attribute
2016-10-25 23:59:54 +01:00
James Nugent 45e00490f7 provider/aws: Docs for aws_iam_user_login_profile 2016-10-25 12:08:51 -05:00
ddcprg 47e079b77b Support for Service Access Security Group 2016-10-25 16:55:09 +01:00
Ninir ef5ceb9681 Exposed aws_api_gw_domain_name.certificate_upload_date attribute (#9533) 2016-10-25 16:07:08 +01:00
Paul Stack c7935a0fd2 Merge pull request #9584 from hashicorp/aws-iam-group-name-validation
provider/aws: Add validation to IAM User and Group Name
2016-10-25 14:23:17 +01:00
stack72 79557bca80
provider/aws: Add validation to IAM User and Group Name
This will allow us to catch errors at plan time rather than waiting for
the API to tell us...

Documentation for IAM User NAme Validation -
http://docs.aws.amazon.com/cli/latest/reference/iam/create-user.html

Documentation for IAM Group Name validation -
http://docs.aws.amazon.com/cli/latest/reference/iam/create-group.html

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSIAMGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/25 13:18:41 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSIAMGroup_
-timeout 120m
=== RUN   TestAccAWSIAMGroup_importBasic
--- PASS: TestAccAWSIAMGroup_importBasic (13.80s)
=== RUN   TestAccAWSIAMGroup_basic
--- PASS: TestAccAWSIAMGroup_basic (23.30s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws37.121s
```

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUser_'                                                                 ✚
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/25 13:22:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN   TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (14.33s)
=== RUN   TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (25.36s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	39.710s
```
2016-10-25 13:18:41 +01:00
Paul Stack a65dc539ac Merge pull request #9504 from hashicorp/aws-redshift-sng-tags
provider/aws: Add tagging support to aws_redshift_subnet_group
2016-10-25 11:48:16 +01:00
Mike Tougeron ed7d19783f Add 'tags' attribute to the docs for aws_cloudfront_distribution 2016-10-24 15:10:37 -07:00
stack72 52f2717bfb
provider/aws: Add tagging support to aws_redshift_subnet_group
Fixes #9492

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftSubnetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/21 17:16:02 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRedshiftSubnetGroup_ -timeout 120m
=== RUN   TestAccAWSRedshiftSubnetGroup_importBasic
--- PASS: TestAccAWSRedshiftSubnetGroup_importBasic (86.54s)
=== RUN   TestAccAWSRedshiftSubnetGroup_basic
--- PASS: TestAccAWSRedshiftSubnetGroup_basic (85.50s)
=== RUN   TestAccAWSRedshiftSubnetGroup_updateSubnetIds
--- PASS: TestAccAWSRedshiftSubnetGroup_updateSubnetIds (140.01s)
=== RUN   TestAccAWSRedshiftSubnetGroup_tags
--- PASS: TestAccAWSRedshiftSubnetGroup_tags (136.02s)
PASS
ok	github.com/hashicorp/terraform/builtin/providers/aws	448.075
```
2016-10-24 13:44:46 +01:00
Paul Stack 7f35b56df8 Merge pull request #9454 from kwilczynski/feature/improve-documentation-aws_ecs_task_definition
provider/aws: Re-factor documentation for the aws_ecs_task_definition resource.
2016-10-24 15:57:49 +04:00
Paul Stack 184de27519 Merge pull request #9528 from jrstarke/cloudformation_parameters
Added a Parameter example
2016-10-24 15:54:09 +04:00
Krzysztof Wilczynski 263b1467a8
Remove references to documentation localised in French.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-24 11:59:03 +01:00
Jamie Starke 184e3ce8ad Fixed the parameters structure
Removed the `=` from the parameters structure, and changed the `VPCCidrParameter` to match `VPCCidr` in the Cloudformation template.
2016-10-23 19:13:45 -07:00
Jamie Starke 3ba46b2a9b Added a Parameter example 2016-10-22 17:23:38 -07:00
Paul Stack faa9c4ba59 docs/aws: Document the default of aws_alb enable_deletion_protection (#9503)
Fixes #9486
2016-10-22 13:36:37 +01:00
Clint 7d8a5e4423 Merge pull request #9172 from dnABic/docs-p2
Documentation Update: Changing virtualization type in documentation for aws_instance
2016-10-21 10:10:27 -05:00
Niclas Nilsson 2a5b3e406d Bugfix in example
Shouldn't the aws_route53_record in the example should use the "dev" zone_id?
2016-10-21 11:11:39 +02:00
Pat Downey 89803a2d00 fix incorrect reference to iops property in `aws_ami` data source 2016-10-20 09:50:04 -05:00
Krzysztof Wilczynski 2c67f9e875
Re-factor documentation for the aws_ecs_task_definition resource.
This commits changes the documentation of the aws_ecs_task_definition
resource to ensure that the `container_definitions` attribute consumes
a valid JSON document containing a list of valid container definitions,
rather than that the attribute itself is a list, etc.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-19 16:29:43 +01:00
@tmshn 8ec06e82b6 Added "arn" attribute to AWS Lambda alias 2016-10-16 21:43:44 +09:00
dnABic 4daf9eeef4 Changing t1.micro to t2.micro and m4.large 2016-10-15 01:02:44 +02:00
dnABic c1d6e36616 Changing t1 to t2 and us-east-1 to us-west-2 2016-10-15 00:37:30 +02:00
James Turnbull 523fffe176 Data source docs missing `data.`
Several variables were missing the `data.` prefix in the new subnet and
VPC data source documentation.
2016-10-15 06:32:20 +11:00
Clint 46ee2ef51a Merge pull request #6819 from hashicorp/f-aws-vpc-data-sources
provider/aws: data sources for AWS network planning
2016-10-13 14:17:55 -05:00
Nick Santamaria 6edbe2faf3 Removed errant backtick in AWS provider documentation. (#9317) 2016-10-13 08:50:46 -07:00
Dave Walter 5a40fa2914 Update the docs for the AWS security_group_rule resource.
- clarify the description of the from/to port arguments
2016-10-12 12:24:45 -07:00
Joel Vasallo 7dd376216b Added documentation around access_logs enabled and reverted default
value to true
2016-10-10 10:05:13 -05:00
Nick Walke e52ab28218
Add reference about AWS IAM policy requirements
This adds a note in the `aws_iam_policy_document` documentation that
`resources` is required by AWS if used on an IAM policy.  Also added a
note on `aws_iam_policy` that `aws_iam_policy_document` is a good thing
to use when configuring.

Closes #9002
2016-10-07 13:25:12 -05:00
Paul Stack dd66af0fa0 Merge pull request #8701 from steveh/feature/aws-billing-service-account
provider/aws: Add AWS Billing & Cost Management service account
2016-10-07 13:34:51 +01:00
DJ Home 56f35dd67d
Add ability to import AWS OpsWorks Custom Layers 2016-10-07 11:57:11 +01:00
Krzysztof Wilczynski 1260b3a9b5
Add new "ANY" as valid HTTP method to API Gateway validator.
This commit adds a new HTTP method to a list of valid HTTP methods which
is now accepted by API Gateway.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-10-06 16:11:45 +01:00
clint shryock dad6face2b re-go-fmt after rebase
use us-west-2 region in tests

update test with working config

provider/aws: Update EMR contribution with passing test, polling for instance in DELETE method

remove defaulted role

document emr_cluster

rename aws_emr -> aws_emr_cluster

update docs for name change

update delete timeout/polling

rename emr taskgroup to emr instance group

default instance group count to 0, down from 60

update to ref emr_cluster, emr_instance_group

more cleanups for instance groups; need to read and update

add read, delete method for instance groups

refactor the read method to seperate out the fetching of the specific group

more refactoring for finding instance groups

update emr instance group docs

err check on reading HTTP. Dont' return the error, just log it

refactor the create method to catch optionals

additional cleanups, added a read method

update test to be non-master-only

wrap up the READ method for clusters

poll for instance group to be running after a modification

patch up a possible deref

provider/aws: EMR cleanups

fix test naming

remove outdated docs

randomize emr_profile names
2016-10-05 14:30:16 -05:00
Paul Stack aa97ebd0e7 Merge pull request #9220 from AMeng/import-db-event-sub
provider/aws: Import aws_db_event_subscription
2016-10-05 01:03:53 +01:00
AMeng b7fae4028c provider/aws: Import aws_db_event_subscription 2016-10-04 15:24:30 -06:00
Michael Henry 0dd9a0db4b document new api_gateway_integration type values 2016-10-04 15:56:38 -04:00
Nick Walke aa87472aa2
Added note about us-east-1 ACM certs.
Fixes hashicorp/terraform#9170
2016-10-03 11:23:53 -05:00
Paul Stack 2d90f8a91c Merge pull request #9140 from hashicorp/import-aws-elasticache_replication_groups
provider/aws: Support Import of AWS elasticache_replication_groups
2016-10-03 16:59:31 +01:00
stack72 520f96e84b
provider/aws: Support Import of AWS elasticache_replication_groups
Fixes #9094

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/30 00:09:04 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSElasticacheReplicationGroup_importBasic -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_importBasic
--- PASS: TestAccAWSElasticacheReplicationGroup_importBasic (756.38s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws756.398s
```
2016-10-03 16:52:29 +01:00
stack72 2f81f47d49
Merge branch 'import-opsworks-stacks' of https://github.com/DJRH/terraform into DJRH-import-opsworks-stacks 2016-10-03 16:23:03 +01:00
Paul Stack a72719a06b Revert "Fix docs aws_instance" 2016-10-03 15:45:34 +01:00
DJ Home 967335eae3 Merge branch 'master' into import-opsworks-stacks 2016-10-03 11:28:28 +01:00
dnABic 1cfc27730f Changing virtualization type in documentation for aws_instance 2016-10-02 23:54:16 +02:00
dnABic 34764c52af mostly typos in documens and aws autoscaling id instead of name 2016-09-30 22:41:15 +02:00
Alex Meng f6ce1ff5a5 Docs: Example import for cloudfront_distribution 2016-09-29 14:40:57 -06:00
DJ Home 1bc154535f Add ability to import OpsWorks stacks 2016-09-29 11:44:58 +01:00
Paul Stack b6718de299 Merge pull request #9010 from hashicorp/aws-elasticache-cluster-import
Aws elasticache cluster import
2016-09-28 19:49:42 +01:00
Anshul Sharma 1d443e87bc Fix docs
Fixes #8714
2016-09-27 13:26:15 +05:30
Radek Simko ac7f551155
aws: Fix docs after changing Aurora instance schema 2016-09-26 20:50:20 +01:00
hanks e12f42a8b5 remove `description` section in Argument Reference of AWS_DEFAULT_SECURITY_GROUP,
because do not support description field according to the source code.
2016-09-26 13:55:57 -05:00
Martin Atkins 94c45c67cd provider/aws: aws_region data source
The primary purpose of this data source is to ask the question "what is
my current region?", but it can also be used to retrieve the endpoint
hostname for a particular (possibly non-current) region, should that be
useful for some esoteric case.
2016-09-24 15:19:33 -07:00
Martin Atkins fca9216f53 provider/aws: availability zone data source
This adds a singular data source in addition to the existing plural one.
This allows retrieving data about a specific AZ.

As a helper for writing reusable modules, the AZ letter (without its
usual region name prefix) is exposed so that it can be used in
region-agnostic mappings where a different value is used per AZ, such as
for subnet numbering schemes.
2016-09-24 15:19:33 -07:00
Martin Atkins aa0b6019f8 provider/aws: aws_vpc data source 2016-09-24 15:19:33 -07:00
Martin Atkins 82f958cc17 provider/aws: aws_subnet data source 2016-09-24 15:19:33 -07:00
Sean Chittenden 31f20a1f31
AWS S3 bucket life_cycle rule IDs must be unique. 2016-09-23 15:09:25 -07:00
Alex Meng 79e1c55680 aws_flow_docs
Update aws_flow_log docs with aws_cloudwatch_log_group resource example.
2016-09-23 11:18:17 -06:00
Chris Marchesi 5af63c233e
provider/aws: Add query_string_cache_keys to aws_cloudfront_distribution
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.

This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
2016-09-23 13:11:05 +01:00
Chris Marchesi ec2b345ed0
provider/aws: Enable aws_cloudfront_distribution HTTP/2
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.

Fixes hashicorp/terraform#8730.
2016-09-23 13:10:33 +01:00
stack72 cea685099e
Merge branch 'elasticache-cluster-import' of https://github.com/AMeng/terraform into AMeng-elasticache-cluster-import 2016-09-23 10:04:57 +01:00
Paul Stack a8a1f6d166 Merge pull request #9007 from steve-jansen/patch-2
Update aws_lambda_permission doc for CloudWatch Events
2016-09-23 09:00:52 +01:00
tomgoren 208dc514df Fixed typo - no such thing as `aws_target_group` (#9005)
It seems like there was a typo and a reference was made to
`aws_target_group`, when the actual resource name is
`aws_alb_target_group`.
2016-09-22 22:21:03 -05:00
Clint b7ad602993 provider/aws: Fix importing of EIP by IP address (#8970)
* provider/aws: Fix importing of EIP by IP address

EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.

This PR does:

- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id

I chose not to document that looking up by IP is a method of import,
because the AWS  API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.

Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.

* fix issue with swapping IDs on EC2 Classic

* update docs

* update comment
2016-09-22 21:53:21 -05:00
Steve Jansen 2e7e284bc9 Update aws_lambda_permission for CloudWatch Events
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`

Example, the resulting policy needs to be like:
```
{
    "Condition": {
        "ArnLike": {
            "AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
        }
    },
    "Action": "lambda:InvokeFunction",
    "Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
    "Effect": "Allow",
    "Principal": {
        "Service": "events.amazonaws.com"
    },
    "Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
2016-09-22 20:14:42 -04:00
Jarrod Jackson 50eb2338f0 Correct a typo in the description of the master_password argument. (#9004) 2016-09-22 15:58:02 -05:00
stack72 9fbbc343e9
provider/aws: VPC ID, Port, Protocol and Name change on
aws_alb_target_group will ForceNew resource

Fixes #8741

The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN   TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN   TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN   TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN   TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    572.083s
```
2016-09-22 17:12:39 +01:00
Paul Stack 27a89ff405 Merge pull request #8671 from hashicorp/f-aws-firehose-cloudwatch
provider/aws: Add support for `cloudwatch_logging_options` to AWS Kinesis Firehose Delivery Streams
2016-09-22 10:01:44 +01:00
James Nugent a64898e0eb provider/aws: Fix other example of vpc_id => id
Also related to #8981.
2016-09-22 09:09:13 +01:00
James Nugent 38b9467dae provider/aws: Change vpc_id to id in documentation 2016-09-22 08:44:22 +01:00
Jay Wallace 45da08c67f
Allow use of protocol numbers for ah and esp 2016-09-21 11:52:23 -07:00
stack72 067a2744c7
docs/aws: Adding as an exported parameter for the resource 2016-09-20 17:35:04 +01:00
Paul Stack e9e1896ad4 Merge pull request #8775 from TimeIncOSS/f-aws-api-gateway-client-cert
provider/aws: Add API Gateway Client Certificate
2016-09-20 16:52:01 +01:00
Arthur Barr 21563be27c Add heading markdown
It looks like the text is written with the intention of it being a heading, but it wasn't marked as such, which meant it read strangely in HTML.
2016-09-20 09:22:21 +01:00
Rick Fletcher 558cd3b230 Fix typos in the aws_default_security_group docs (#8927)
- "arguement" → "argument"
- link to the default AWS docs, not the fr_fr version
2016-09-19 22:42:50 -05:00
Jay Wallace 8bb4f7f05b Update redshift_security_group.html.markdown
underscores are not valid
2016-09-19 10:47:18 -07:00
Jay Wallace cd9437a82a Update redshift_subnet_group.html.markdown 2016-09-18 21:41:29 -07:00
Cameron Stokes 351c6bed79 Minor typo in aws_default_security_group docs. 2016-09-16 09:47:54 -07:00
Clint 69f44a04e9 provider/aws: Add reader_endpoint RDS Clusters (supersedes #8878) (#8884)
* provider/aws: Add support for Aurora ReaderEndpoint

* provider/aws: Add reader_endpoint to the schema, document, test
2016-09-16 16:45:04 +01:00
Adrian Hesketh 19e8932a92 Clarify how to notify multiple lambdas (#8854)
Clarified that to send notifications to more than one Lambda function requires a single `s3_bucket_notification` element with multiple `lambda_function` configuration elements.

If multiple `s3_bucket_notification` elements, each with a single `lambda_function` element are used, one of the configurations is applied, seemingly at random.
2016-09-15 15:28:07 -05:00
Clint 79bb2e8a87 provider/aws: Add Default Security Group Resource (#8861)
* Docs for default security group
* overrides of default behavior
* add special disclaimer
* update to support classic environments
2016-09-15 13:59:20 -05:00
Laurent Crisci 64acf0afe5 Fixed typo in aws_elb_attachment website docs
The instance argument is a string and not a list.
It will give you an error if you try to define it as a list.
2016-09-14 23:17:19 +01:00
James Nugent 9d51ebd0aa provider/aws: Expose ARN suffix on ALB (#8833)
When creating a CloudWatch Metric for an Application Load Balancer it is
neccessary to use the suffix of the ARN as the reference to the load
balancer. This commit exposes that as an attribute on the `aws_alb`
resource to prevent the need to use regular expression substitution to
make the reference.

Fixes #8808.
2016-09-14 15:50:10 +01:00
Kerim Satirli 5aa1d3a4e5 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN 2016-09-14 11:18:47 +02:00
James Nugent 10226030dd Merge pull request #8823 from RodrigoAlmodovar/patch-1
Update ses_receipt_rule_set.html.markdown
2016-09-14 01:15:41 -07:00
Kerim Satirli dfb85fb0d7 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN (#8816)
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: https://github.com/hashicorp/terraform/pull/1785)

Example ENV:

```
AWS_SECURITY_TOKEN="FQo...vgU="
AWS_ACCESS_KEY_ID="A...A"
AWS_SECRET_ACCESS_KEY="I...t"
AWS_DEFAULT_REGION="eu-west-1"
```
This errors with messages akin to "AWS was not able to validate the provided access credentials".

Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: d1ac7d3b2e/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go (L69), making this whole thing a documentation change.

Happy to provide test cases or additional insights though!
2016-09-13 13:04:46 -05:00
RodrigoAlmodovar d29fb0b691 Update ses_receipt_rule_set.html.markdown
Title was wrong. It said aws_ses_active_receipt_rule_set while the page is referred to aws_ses_receipt_rule_set
2016-09-13 17:19:04 +02:00
Silvio Moioli 78bb87082b aws_instance doc: fix attachment resource name
Correct name is `aws_volume_attachment`.
2016-09-13 08:41:39 +02:00
Paul Stack 44bc70971d Merge pull request #8673 from hashicorp/f-aws-alb-generated-name
provider/aws: Allow `aws_alb` to have the name auto-generated
2016-09-12 11:04:47 +01:00
stack72 229f2698ce
Merge branch '6973-codecommit-trigger' of https://github.com/optimisticanshul/terraform into optimisticanshul-6973-codecommit-trigger 2016-09-12 10:44:32 +01:00
stack72 20ad3e0b2f
provider/aws: Allow `aws_alb` to have the name auto-generated
In order to satisify scenarios where a lifecycle is block is used, we
would need the AWS ALB name field to be autogenerated. WE follow the
same work as AWS ELB, we prefix it with `tl-lb-`

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/08 12:43:40 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout
120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (79.81s)
=== RUN   TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (93.81s)
=== RUN   TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (73.48s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (181.32s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (66.03s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (130.82s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    625.285s
```
2016-09-12 10:38:13 +01:00
Radek Simko 46d5d51ad6
provider/aws: Add API Gateway Client Certificate 2016-09-12 10:09:47 +01:00
Paul Stack 04e675c663 Merge pull request #8779 from TimeIncOSS/docs-fix-misspellings
docs: Fix misspelled words
2016-09-12 09:41:26 +01:00
Anshul Sharma 7150bafb84 Remove Region Condition From CodeCommit Repo Resource (#8778) 2016-09-12 07:30:46 +01:00
Radek Simko 43de2afde1
docs: Fix misspelled words 2016-09-12 07:08:00 +01:00
Anshul Sharma 497063af3e Added Codecommit Trigger 2016-09-12 10:17:04 +05:30
Steve Hoeksema 1d04cdb9bc Export AWS ELB service account ARN (#8700) 2016-09-11 19:13:58 +01:00
stack72 d81cbdb4fb
provider/aws: Add support for `cloudwatch_logging_options` to AWS
Kinesis Firehose Delivery Streams

Fixes #7152

Adding support for CloudWatch Logging to Firehose as per the
instructions here -
http://docs.aws.amazon.com/firehose/latest/dev/monitoring-with-cloudwatch-logs.html

```

```
2016-09-07 23:29:08 +01:00
Paul Stack de53db01b9 Merge pull request #8653 from TimeIncOSS/f-aws-lambda-publish
provider/aws: Support 'publish' attribute in lambda_function
2016-09-07 09:32:01 +01:00
Steve Hoeksema 74587baa4a Add AWS Billing & Cost Management service account
This adds a very simple data source for the AWS Billing account ID magic number.

Used to allow AWS to dump detailed billing reports into an S3 bucket you control.

http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2
2016-09-07 17:43:45 +12:00
Marcus Noble 55a43c444a Corrected stage_name argument 2016-09-06 16:40:08 +01:00
Radek Simko 5820ce6c5c
provider/aws: Add aws_sqs_queue_policy 2016-09-05 08:17:48 +01:00
Radek Simko c1178967b0
provider/aws: Add aws_sns_topic_policy 2016-09-04 18:34:24 +01:00
Radek Simko 03df8360cb
provider/aws: Support 'publish' attribute in lambda_function 2016-09-04 17:15:35 +01:00
James Nugent 6c23181686 Merge pull request #8383 from kjmkznr/import-aws-s3-b-notification
provider/aws: Support import `aws_s3_bucket_notification`
2016-09-03 15:50:25 -07:00
stack72 49b8568bec
provider/aws: `aws_cloudwatch_log_stream` resource
This is a requirement for enabling CloudWatch Logging on Kinesis
Firehost

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogStream_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/02 16:19:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudWatchLogStream_ -timeout 120m
=== RUN   TestAccAWSCloudWatchLogStream_basic
--- PASS: TestAccAWSCloudWatchLogStream_basic (22.31s)
=== RUN   TestAccAWSCloudWatchLogStream_disappears
--- PASS: TestAccAWSCloudWatchLogStream_disappears (21.21s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    43.538s
2016-09-04 00:26:02 +03:00
James Nugent 54784864fc Merge pull request #8640 from TimeIncOSS/f-aws-cloudformation-data-source
provider/aws: Add cloudformation_stack data source
2016-09-03 14:16:46 -07:00
Paul Stack 0370f41df5 Merge pull request #8440 from hashicorp/aws-spotfeed-sub
provider/aws: New resource `aws_spot_datafeed_subscription`
2016-09-04 00:16:14 +03:00
Paul Stack 7485061635 Merge pull request #8637 from jrm16020/jeremy_tls_provider_docs_update
Adding reference to docs for supported ECDSA curves.
2016-09-03 23:11:57 +03:00
stack72 7e89c1d3a2
Merge branch 'paybyphone-paybyphone_GH_6396' 2016-09-03 23:10:27 +03:00
James Nugent 94ca84e772 Merge pull request #8638 from hashicorp/f-aws-assume-role
provider/aws: Add support for AssumeRole prior to operations
2016-09-03 13:04:03 -07:00
Chris Marchesi 38d2a2e717
provider/aws: VPC Peering: allow default peer VPC ID
Update the aws_vpc_peering_connection resource to allow peer_owner_id
to be omitted, defaulting to the connected AWS account ID (ie: for
VPC-to-VPC peers in the same account).

Also included is a doc cleanup and updates to the peer test in
resource_aws_route_table_test.go.

This fixes hashicorp/terraform#6396.
2016-09-03 23:03:31 +03:00
James Nugent e3ccb51168 provider/aws: Add assume_role block to provider
This replaces the previous `role_arn` with a block which looks like
this:

```
provider "aws" {
        // secret key, access key etc

	assume_role {
	        role_arn = "<Role ARN>"
		session_name = "<Session Name>"
		external_id = "<External ID>"
	}
}
```

We also modify the configuration structure and read the values from the
block if present into those values and adjust the call to AssumeRole to
include the SessionName and ExternalID based on the values set in the
configuration block.

Finally we clean up the tests and add in missing error checks, and clean
up the error handling logic in the Auth helper functions.
2016-09-03 12:54:30 -07:00
stack72 900e14e168
provider/aws: New resource `aws_spot_datafeed_subscription`
Fixes: #4922

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotDatafeedSubscription_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 10:46:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotDatafeedSubscription_ -timeout 120m
=== RUN   TestAccAWSSpotDatafeedSubscription_importBasic
--- PASS: TestAccAWSSpotDatafeedSubscription_importBasic (56.31s)
=== RUN   TestAccAWSSpotDatafeedSubscription_basic
--- PASS: TestAccAWSSpotDatafeedSubscription_basic (56.77s)
=== RUN   TestAccAWSSpotDatafeedSubscription_disappears
--- PASS: TestAccAWSSpotDatafeedSubscription_disappears (56.79s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    169.893s
```
2016-09-03 20:06:40 +03:00
Radek Simko a3c21d6c3b
provider/aws: Add cloudformation_stack data source 2016-09-03 11:33:59 +01:00
Jeremy Young b295192ed3 Adding reference in ELB docs for supported ECDSA curves. 2016-09-02 16:25:20 -05:00
Ian Duffy 767914bbdc [GH-1275] Support for AWS access via IAMs AssumeRole functionality
This commit enables terraform to utilise the assume role functionality
of sts to execute commands with different privileges than the API
keys specified.

Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-09-02 10:22:57 -07:00
Jesse Mandel f168c90afa Update ami.html.markdown
typo `i368` to `i386`
2016-09-02 10:22:18 -07:00
James Nugent 93f31fce17 provider/aws: Add aws_s3_bucket_policy resource
This commit adds a new "attachment" style resource for setting the
policy of an AWS S3 bucket. This is desirable such that the ARN of the
bucket can be referenced in an IAM Policy Document.

In addition, we now suppress diffs on the (now-computed) policy in the
S3 bucket for structurally equivalent policies, which prevents flapping
because of whitespace and map ordering changes made by the S3 endpoint.
2016-09-02 09:07:54 -07:00
liamjbennett e98e5fb017
provider/aws: add aws_ssm_association resource 2016-09-02 16:46:05 +03:00
Babak Mahmoudy 28767a20df Add missing json attribute to documentation 2016-09-02 12:55:14 +10:00
Alfonso Cabrera 30ea22c252 Fix multiple typos (#8611) 2016-09-01 15:07:58 -05:00
stack72 cea2ff6be0
docs/aws: `aws_alb` name parameter is now documented as a Required
field

The validation rules are also included in the documentation

Fixes #8561
2016-08-31 20:06:04 +01:00
Sean Knight 76ea6c59cd website: fix error in the Kinesis Firehose ElasticSearch example
"destination" was set to "redshift" by mistake.
2016-08-29 17:00:38 -07:00
stack72 d330ac4d26
docs/aws: AWS ELB access_logs now support whether to enable or disable logging 2016-08-29 21:15:10 +01:00
Radek Simko cc38378870 provider/aws: API Gateway Custom Authorizer (#8535)
* [WIP] AWS APIGateway Custom Authorizer

* provider/aws: api_gateway_method - Add missing fields to Read+Update

* provider/aws: Make API Gateway name in test more specific

* provider/aws: APIG - Use minimal configuration in create request
2016-08-29 20:51:59 +01:00
Krzysztof Wilczynski 52eeaa0b72 Fix example. Do not use deprecated attribute. (#8531)
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-29 15:39:29 +01:00
Paul Stack 53ac54ac06 docs/aws: Add `primary_endpoint_address` to the docs for (#8528)
`aws_elasticache_replication_group`
2016-08-29 14:39:15 +01:00
Martin Atkins 4f906dba7a Merge #8403: name_regex attribute on aws_ami data source 2016-08-27 13:11:45 -07:00
Martin Atkins 39d68025a5 Merge #8505: correct mistake in example for aws_ip_ranges data source 2016-08-27 07:28:58 -07:00
Clint daac877c82 provider/aws: Get and export ASG ARN value (#8503) 2016-08-27 15:20:11 +01:00
knakayama 0b67962338 Fix doc for provider/aws_ip_ranges 2016-08-27 09:41:34 +09:00
Clint 3cfce54910 Update alb_listener_rule.html.markdown
fix typo
2016-08-26 09:40:36 -05:00
sethp-jive 36d0e6690d aws_iam_instance_profile: Restrict example perms
In this example, principal "AWS": "*" tells IAM that any user in the world can assume that role as long as they know the account ID + role name. 

In my testing, "Service": "ec2.amazonaws.com" is sufficiently permissive to allow the instance_profile to work without allowing global accesses.
2016-08-25 15:28:39 -07:00
Clint 49ecfe8921 provider/aws: Add aws_default_route_table resource (#8323)
* provider/aws: Add docs for Default Route Table

* add new default_route_table_id attribute, test to VPC

* stub

* add warning to docs

* rough implementation

* first test

* update test, add swap test

* fix typo
2016-08-25 16:02:44 -05:00
stack72 0087068a0e
provider/aws: `aws_ecs_container_definition` datasource parameter
changes to memory_reservation
2016-08-25 18:10:08 +01:00
Paul Stack 0adc1fc4b2 provider/aws: Allow `aws_rds_instance` to upgrade the major version (#8471)
Fixes #8468

If a user wished to bump the `engine_version` of an RDS instance,
Terraform was not sending `allow_major_version_upgrade` to the API
*unless* that value also changed at the same time. This caused the
following error from RDS API:

```
* aws_db_instance.bar: Error modifying DB Instance
* tf-20160825101420910562798obb: InvalidParameterCombination: The
* AllowMajorVersionUpgrade flag must be present when upgrading to a new
* major version.
    status code: 400, request id: 20e36364-6ab0-11e6-b794-51f12f4135f1
```

This change will always send the `allow_major_version_upgrade` flag to
the API when the `engine_version` changes.

This still relies on the user setting the correct value i.e. if they are
upgrading from postgres 0.4.7 -> 9.5.2 then the config will need to set
the `allow_major_version_upgrade` flag to be `true`
2016-08-25 13:54:40 +01:00
Paul Stack 64510d9cfb provider/aws: Adding `aws_ssm_document` resource (#8460)
* provider/aws: add `aws_ssm_document` resource

* provider/aws: Changes to `aws_ssm_document` post code review

The changes are things like using d.Id rather than d.Get("name").(string)

and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 09:47:24 +01:00
Paul Stack 3901827b40 provider/aws: Validate `aws_iam_policy_attachment` Name parameter to stop being empty (#8441)
* provider/aws: Validate `aws_iam_policy_attachment` Name parameter to
stop being empty

Fixes #8368

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSPolicyAttachment_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 11:46:01 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSPolicyAttachment_ -timeout 120m
=== RUN   TestAccAWSPolicyAttachment_basic
--- PASS: TestAccAWSPolicyAttachment_basic (44.67s)
=== RUN   TestAccAWSPolicyAttachment_paginatedEntities
--- PASS: TestAccAWSPolicyAttachment_paginatedEntities (161.68s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    206.379s
```

* Update resource_aws_iam_policy_attachment.go
2016-08-24 21:28:41 +01:00
stack72 01fca172cb
provider/aws: Removing the merge conflict from the redshift_cluster resource 2016-08-24 20:50:06 +01:00
Clint 341c7bf766 provider/aws: Update VPC Peering connect accept/request attributes (supersedes #8338) (#8432)
* Fix crash when reading VPC Peering Connection options.

This resolves the issue introduced in #8310.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* Do not de-reference values when using Set().

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

* provider/aws: Update VPC Peering connect accept/request attributes

* change from type list to type set

* provider/aws: Update VPC Peering accept/requst options, tests

* errwrap some things
2016-08-24 13:24:42 -05:00
Paul Stack e524603d3f provider/aws: AWS SpotFleet Requests now works with Subnets and AZs (#8320)
* provider/aws: Change Spot Fleet Request to allow a combination of
subnet_id and availability_zone

Also added a complete set of tests that reflect all of the use cases
that Amazon document
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-examples.html

It is important to note there that Terraform will be suggesting that
users create multiple launch configurations rather than AWS's version of
combing values into CSV based parameters. This will ensure that we are
able to enforce the correct state

Also note that `associate_public_ip_address` now defaults to `false` - a migration has been
included in this PR to migration users of this functionality. This needs
to be noted in the changelog. The last part of changing functionality
here is waiting for the state of the request to become `active`. Before
we get to this state, we cannot guarantee that Amazon have accepted the
request or it could have failed validation.

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSSpotFleetRequest_'
% 2 ↵
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/22 15:44:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotFleetRequest_ -timeout 120m
=== RUN   TestAccAWSSpotFleetRequest_changePriceForcesNewRequest
--- PASS: TestAccAWSSpotFleetRequest_changePriceForcesNewRequest (133.90s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceAzOrSubnetInRegion
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceAzOrSubnetInRegion (76.67s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceAzInGivenList
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceAzInGivenList (75.22s)
=== RUN   TestAccAWSSpotFleetRequest_lowestPriceSubnetInGivenList
--- PASS: TestAccAWSSpotFleetRequest_lowestPriceSubnetInGivenList (96.95s)
=== RUN   TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameAz
--- PASS: TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameAz (74.44s)
=== RUN   TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameSubnet
--- PASS: TestAccAWSSpotFleetRequest_multipleInstanceTypesInSameSubnet (97.82s)
=== RUN   TestAccAWSSpotFleetRequest_overriddingSpotPrice
--- PASS: TestAccAWSSpotFleetRequest_overriddingSpotPrice (76.22s)
=== RUN   TestAccAWSSpotFleetRequest_diversifiedAllocation
--- PASS: TestAccAWSSpotFleetRequest_diversifiedAllocation (79.81s)
=== RUN   TestAccAWSSpotFleetRequest_withWeightedCapacity
--- PASS: TestAccAWSSpotFleetRequest_withWeightedCapacity (77.15s)
=== RUN   TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName
--- PASS: TestAccAWSSpotFleetRequest_CannotUseEmptyKeyName (0.00s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    788.184s
```

* Update resource_aws_spot_fleet_request.go
2016-08-24 11:08:46 +01:00
Paul Stack 3a2d73a2b1 provider/aws: Add support to `aws_redshift_cluster` for restoring from (#8414)
snapshot

Fixes #6406

Adds 2 new parameters:

* `snapshot_identifier`
* `snapshot_cluster_identifier`

These will be used to allow the Redshift cluster to be restored from a
pre-existing snapshot. Also makes the redshift username and password
fields optional as these are not required for the snapshot

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftCluster_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 12:04:53 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftCluster_ -timeout 120m
=== RUN   TestAccAWSRedshiftCluster_importBasic
--- PASS: TestAccAWSRedshiftCluster_importBasic (741.03s)
=== RUN   TestAccAWSRedshiftCluster_basic
--- PASS: TestAccAWSRedshiftCluster_basic (656.33s)
=== RUN   TestAccAWSRedshiftCluster_loggingEnabled
--- PASS: TestAccAWSRedshiftCluster_loggingEnabled (718.65s)
=== RUN   TestAccAWSRedshiftCluster_iamRoles
--- PASS: TestAccAWSRedshiftCluster_iamRoles (818.10s)
=== RUN   TestAccAWSRedshiftCluster_publiclyAccessible
--- PASS: TestAccAWSRedshiftCluster_publiclyAccessible (853.30s)
=== RUN   TestAccAWSRedshiftCluster_updateNodeCount
--- PASS: TestAccAWSRedshiftCluster_updateNodeCount (2083.37s)
=== RUN   TestAccAWSRedshiftCluster_tags
--- PASS: TestAccAWSRedshiftCluster_tags (621.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws
6491.963s
```

When deploying this, I was able to use config as follows:

```
resource "aws_redshift_cluster" "restore" {
  cluster_identifier = "my-test-restored-cluster"
  snapshot_identifier = "sample-snapshot-for-restore"
  node_type = "dc1.large"
}
```

And it resulted in:

```
terraform apply
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
  If you did not expect to see this message you will need to remove the old plugin.
  See https://www.terraform.io/docs/internals/internal-plugins.html
aws_redshift_cluster.restore: Creating...
  allow_version_upgrade:               "" => "true"
  automated_snapshot_retention_period: "" => "1"
  availability_zone:                   "" => "<computed>"
  bucket_name:                         "" => "<computed>"
  cluster_identifier:                  "" => "my-test-restored-cluster"
  cluster_parameter_group_name:        "" => "<computed>"
  cluster_public_key:                  "" => "<computed>"
  cluster_revision_number:             "" => "<computed>"
  cluster_security_groups.#:           "" => "<computed>"
  cluster_subnet_group_name:           "" => "<computed>"
  cluster_type:                        "" => "<computed>"
  cluster_version:                     "" => "1.0"
  database_name:                       "" => "<computed>"
  enable_logging:                      "" => "false"
  encrypted:                           "" => "<computed>"
  endpoint:                            "" => "<computed>"
  iam_roles.#:                         "" => "<computed>"
  kms_key_id:                          "" => "<computed>"
  node_type:                           "" => "dc1.large"
  number_of_nodes:                     "" => "1"
  port:                                "" => "5439"
  preferred_maintenance_window:        "" => "<computed>"
  publicly_accessible:                 "" => "true"
  s3_key_prefix:                       "" => "<computed>"
  skip_final_snapshot:                 "" => "true"
  snapshot_identifier:                 "" => "sample-snapshot-for-restore"
  vpc_security_group_ids.#:            "" => "<computed>"
..........
aws_redshift_cluster.restore: Still creating... (5m20s elapsed)
aws_redshift_cluster.restore: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
```
2016-08-24 10:58:05 +01:00
Paul Stack eec7b342c8 provider/aws: Support `snapshot_name` for ElastiCache Cluster and (#8419)
Replication Groups

In order to be able to restore a named snapshot as ElastiCache Cluster
or a Replication Group, the `snapshot_name` parameter was needed to be
passed. Changing the `snapshot_name` will force a new resource to be
created

```

```
2016-08-24 10:55:20 +01:00
Paul Stack 0d8709bdf3 provider/aws: Support Tags for `aws_alb` and `aws_alb_target_group` (#8422)
resources

Fixes #8420

Adds the ability to update tags on the ALB resource as well as
supporting tags on `aws_alb_target_group`

```
ALB Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'                                                                                                                         2 ↵ ✹
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 19:30:16 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout 120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (67.18s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (99.88s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (62.49s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (126.25s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	355.835s
```

```
ALB Target Group Tests:

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/23 19:37:37 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (47.26s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (81.01s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (78.74s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	207.025s
```
2016-08-24 10:54:43 +01:00
Paul Stack f22564c6c8 docs/aws: Documentation Update for `aws_db_option_group` (#8424)
Remove `apply_immediately` from the example and add a short note that we
apply_immediately by default
2016-08-23 20:02:22 +01:00
Radek Simko 070942df0f provider/aws: Add support for ECS svc - LB target group (#8190) 2016-08-23 11:19:43 -05:00