Commit Graph

1186 Commits

Author SHA1 Message Date
Paul Stack 2d90f8a91c Merge pull request #9140 from hashicorp/import-aws-elasticache_replication_groups
provider/aws: Support Import of AWS elasticache_replication_groups
2016-10-03 16:59:31 +01:00
stack72 520f96e84b
provider/aws: Support Import of AWS elasticache_replication_groups
Fixes #9094

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/30 00:09:04 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSElasticacheReplicationGroup_importBasic -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_importBasic
--- PASS: TestAccAWSElasticacheReplicationGroup_importBasic (756.38s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws756.398s
```
2016-10-03 16:52:29 +01:00
stack72 2f81f47d49
Merge branch 'import-opsworks-stacks' of https://github.com/DJRH/terraform into DJRH-import-opsworks-stacks 2016-10-03 16:23:03 +01:00
Paul Stack a72719a06b Revert "Fix docs aws_instance" 2016-10-03 15:45:34 +01:00
DJ Home 967335eae3 Merge branch 'master' into import-opsworks-stacks 2016-10-03 11:28:28 +01:00
dnABic 1cfc27730f Changing virtualization type in documentation for aws_instance 2016-10-02 23:54:16 +02:00
dnABic 34764c52af mostly typos in documens and aws autoscaling id instead of name 2016-09-30 22:41:15 +02:00
Alex Meng f6ce1ff5a5 Docs: Example import for cloudfront_distribution 2016-09-29 14:40:57 -06:00
DJ Home 1bc154535f Add ability to import OpsWorks stacks 2016-09-29 11:44:58 +01:00
Paul Stack b6718de299 Merge pull request #9010 from hashicorp/aws-elasticache-cluster-import
Aws elasticache cluster import
2016-09-28 19:49:42 +01:00
Anshul Sharma 1d443e87bc Fix docs
Fixes #8714
2016-09-27 13:26:15 +05:30
Radek Simko ac7f551155
aws: Fix docs after changing Aurora instance schema 2016-09-26 20:50:20 +01:00
hanks e12f42a8b5 remove `description` section in Argument Reference of AWS_DEFAULT_SECURITY_GROUP,
because do not support description field according to the source code.
2016-09-26 13:55:57 -05:00
Martin Atkins 94c45c67cd provider/aws: aws_region data source
The primary purpose of this data source is to ask the question "what is
my current region?", but it can also be used to retrieve the endpoint
hostname for a particular (possibly non-current) region, should that be
useful for some esoteric case.
2016-09-24 15:19:33 -07:00
Martin Atkins fca9216f53 provider/aws: availability zone data source
This adds a singular data source in addition to the existing plural one.
This allows retrieving data about a specific AZ.

As a helper for writing reusable modules, the AZ letter (without its
usual region name prefix) is exposed so that it can be used in
region-agnostic mappings where a different value is used per AZ, such as
for subnet numbering schemes.
2016-09-24 15:19:33 -07:00
Martin Atkins aa0b6019f8 provider/aws: aws_vpc data source 2016-09-24 15:19:33 -07:00
Martin Atkins 82f958cc17 provider/aws: aws_subnet data source 2016-09-24 15:19:33 -07:00
Sean Chittenden 31f20a1f31
AWS S3 bucket life_cycle rule IDs must be unique. 2016-09-23 15:09:25 -07:00
Alex Meng 79e1c55680 aws_flow_docs
Update aws_flow_log docs with aws_cloudwatch_log_group resource example.
2016-09-23 11:18:17 -06:00
Chris Marchesi 5af63c233e
provider/aws: Add query_string_cache_keys to aws_cloudfront_distribution
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.

This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
2016-09-23 13:11:05 +01:00
Chris Marchesi ec2b345ed0
provider/aws: Enable aws_cloudfront_distribution HTTP/2
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.

Fixes hashicorp/terraform#8730.
2016-09-23 13:10:33 +01:00
stack72 cea685099e
Merge branch 'elasticache-cluster-import' of https://github.com/AMeng/terraform into AMeng-elasticache-cluster-import 2016-09-23 10:04:57 +01:00
Paul Stack a8a1f6d166 Merge pull request #9007 from steve-jansen/patch-2
Update aws_lambda_permission doc for CloudWatch Events
2016-09-23 09:00:52 +01:00
tomgoren 208dc514df Fixed typo - no such thing as `aws_target_group` (#9005)
It seems like there was a typo and a reference was made to
`aws_target_group`, when the actual resource name is
`aws_alb_target_group`.
2016-09-22 22:21:03 -05:00
Clint b7ad602993 provider/aws: Fix importing of EIP by IP address (#8970)
* provider/aws: Fix importing of EIP by IP address

EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.

This PR does:

- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id

I chose not to document that looking up by IP is a method of import,
because the AWS  API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.

Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.

* fix issue with swapping IDs on EC2 Classic

* update docs

* update comment
2016-09-22 21:53:21 -05:00
Steve Jansen 2e7e284bc9 Update aws_lambda_permission for CloudWatch Events
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`

Example, the resulting policy needs to be like:
```
{
    "Condition": {
        "ArnLike": {
            "AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
        }
    },
    "Action": "lambda:InvokeFunction",
    "Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
    "Effect": "Allow",
    "Principal": {
        "Service": "events.amazonaws.com"
    },
    "Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
2016-09-22 20:14:42 -04:00
Jarrod Jackson 50eb2338f0 Correct a typo in the description of the master_password argument. (#9004) 2016-09-22 15:58:02 -05:00
stack72 9fbbc343e9
provider/aws: VPC ID, Port, Protocol and Name change on
aws_alb_target_group will ForceNew resource

Fixes #8741

The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN   TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN   TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN   TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN   TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN   TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN   TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN   TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    572.083s
```
2016-09-22 17:12:39 +01:00
Paul Stack 27a89ff405 Merge pull request #8671 from hashicorp/f-aws-firehose-cloudwatch
provider/aws: Add support for `cloudwatch_logging_options` to AWS Kinesis Firehose Delivery Streams
2016-09-22 10:01:44 +01:00
James Nugent a64898e0eb provider/aws: Fix other example of vpc_id => id
Also related to #8981.
2016-09-22 09:09:13 +01:00
James Nugent 38b9467dae provider/aws: Change vpc_id to id in documentation 2016-09-22 08:44:22 +01:00
Jay Wallace 45da08c67f
Allow use of protocol numbers for ah and esp 2016-09-21 11:52:23 -07:00
stack72 067a2744c7
docs/aws: Adding as an exported parameter for the resource 2016-09-20 17:35:04 +01:00
Paul Stack e9e1896ad4 Merge pull request #8775 from TimeIncOSS/f-aws-api-gateway-client-cert
provider/aws: Add API Gateway Client Certificate
2016-09-20 16:52:01 +01:00
Arthur Barr 21563be27c Add heading markdown
It looks like the text is written with the intention of it being a heading, but it wasn't marked as such, which meant it read strangely in HTML.
2016-09-20 09:22:21 +01:00
Rick Fletcher 558cd3b230 Fix typos in the aws_default_security_group docs (#8927)
- "arguement" → "argument"
- link to the default AWS docs, not the fr_fr version
2016-09-19 22:42:50 -05:00
Jay Wallace 8bb4f7f05b Update redshift_security_group.html.markdown
underscores are not valid
2016-09-19 10:47:18 -07:00
Jay Wallace cd9437a82a Update redshift_subnet_group.html.markdown 2016-09-18 21:41:29 -07:00
Cameron Stokes 351c6bed79 Minor typo in aws_default_security_group docs. 2016-09-16 09:47:54 -07:00
Clint 69f44a04e9 provider/aws: Add reader_endpoint RDS Clusters (supersedes #8878) (#8884)
* provider/aws: Add support for Aurora ReaderEndpoint

* provider/aws: Add reader_endpoint to the schema, document, test
2016-09-16 16:45:04 +01:00
Adrian Hesketh 19e8932a92 Clarify how to notify multiple lambdas (#8854)
Clarified that to send notifications to more than one Lambda function requires a single `s3_bucket_notification` element with multiple `lambda_function` configuration elements.

If multiple `s3_bucket_notification` elements, each with a single `lambda_function` element are used, one of the configurations is applied, seemingly at random.
2016-09-15 15:28:07 -05:00
Clint 79bb2e8a87 provider/aws: Add Default Security Group Resource (#8861)
* Docs for default security group
* overrides of default behavior
* add special disclaimer
* update to support classic environments
2016-09-15 13:59:20 -05:00
Laurent Crisci 64acf0afe5 Fixed typo in aws_elb_attachment website docs
The instance argument is a string and not a list.
It will give you an error if you try to define it as a list.
2016-09-14 23:17:19 +01:00
James Nugent 9d51ebd0aa provider/aws: Expose ARN suffix on ALB (#8833)
When creating a CloudWatch Metric for an Application Load Balancer it is
neccessary to use the suffix of the ARN as the reference to the load
balancer. This commit exposes that as an attribute on the `aws_alb`
resource to prevent the need to use regular expression substitution to
make the reference.

Fixes #8808.
2016-09-14 15:50:10 +01:00
Kerim Satirli 5aa1d3a4e5 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN 2016-09-14 11:18:47 +02:00
James Nugent 10226030dd Merge pull request #8823 from RodrigoAlmodovar/patch-1
Update ses_receipt_rule_set.html.markdown
2016-09-14 01:15:41 -07:00
Kerim Satirli dfb85fb0d7 changing AWS_SECURITY_TOKEN to AWS_SESSION_TOKEN (#8816)
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: https://github.com/hashicorp/terraform/pull/1785)

Example ENV:

```
AWS_SECURITY_TOKEN="FQo...vgU="
AWS_ACCESS_KEY_ID="A...A"
AWS_SECRET_ACCESS_KEY="I...t"
AWS_DEFAULT_REGION="eu-west-1"
```
This errors with messages akin to "AWS was not able to validate the provided access credentials".

Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: d1ac7d3b2e/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go (L69), making this whole thing a documentation change.

Happy to provide test cases or additional insights though!
2016-09-13 13:04:46 -05:00
RodrigoAlmodovar d29fb0b691 Update ses_receipt_rule_set.html.markdown
Title was wrong. It said aws_ses_active_receipt_rule_set while the page is referred to aws_ses_receipt_rule_set
2016-09-13 17:19:04 +02:00
Silvio Moioli 78bb87082b aws_instance doc: fix attachment resource name
Correct name is `aws_volume_attachment`.
2016-09-13 08:41:39 +02:00
Paul Stack 44bc70971d Merge pull request #8673 from hashicorp/f-aws-alb-generated-name
provider/aws: Allow `aws_alb` to have the name auto-generated
2016-09-12 11:04:47 +01:00
stack72 229f2698ce
Merge branch '6973-codecommit-trigger' of https://github.com/optimisticanshul/terraform into optimisticanshul-6973-codecommit-trigger 2016-09-12 10:44:32 +01:00
stack72 20ad3e0b2f
provider/aws: Allow `aws_alb` to have the name auto-generated
In order to satisify scenarios where a lifecycle is block is used, we
would need the AWS ALB name field to be autogenerated. WE follow the
same work as AWS ELB, we prefix it with `tl-lb-`

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/08 12:43:40 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout
120m
=== RUN   TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (79.81s)
=== RUN   TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (93.81s)
=== RUN   TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (73.48s)
=== RUN   TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (181.32s)
=== RUN   TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (66.03s)
=== RUN   TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (130.82s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    625.285s
```
2016-09-12 10:38:13 +01:00
Radek Simko 46d5d51ad6
provider/aws: Add API Gateway Client Certificate 2016-09-12 10:09:47 +01:00
Paul Stack 04e675c663 Merge pull request #8779 from TimeIncOSS/docs-fix-misspellings
docs: Fix misspelled words
2016-09-12 09:41:26 +01:00
Anshul Sharma 7150bafb84 Remove Region Condition From CodeCommit Repo Resource (#8778) 2016-09-12 07:30:46 +01:00
Radek Simko 43de2afde1
docs: Fix misspelled words 2016-09-12 07:08:00 +01:00
Anshul Sharma 497063af3e Added Codecommit Trigger 2016-09-12 10:17:04 +05:30
Steve Hoeksema 1d04cdb9bc Export AWS ELB service account ARN (#8700) 2016-09-11 19:13:58 +01:00
stack72 d81cbdb4fb
provider/aws: Add support for `cloudwatch_logging_options` to AWS
Kinesis Firehose Delivery Streams

Fixes #7152

Adding support for CloudWatch Logging to Firehose as per the
instructions here -
http://docs.aws.amazon.com/firehose/latest/dev/monitoring-with-cloudwatch-logs.html

```

```
2016-09-07 23:29:08 +01:00
Paul Stack de53db01b9 Merge pull request #8653 from TimeIncOSS/f-aws-lambda-publish
provider/aws: Support 'publish' attribute in lambda_function
2016-09-07 09:32:01 +01:00
Steve Hoeksema 74587baa4a Add AWS Billing & Cost Management service account
This adds a very simple data source for the AWS Billing account ID magic number.

Used to allow AWS to dump detailed billing reports into an S3 bucket you control.

http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-getting-started.html#step-2
2016-09-07 17:43:45 +12:00
Marcus Noble 55a43c444a Corrected stage_name argument 2016-09-06 16:40:08 +01:00
Radek Simko 5820ce6c5c
provider/aws: Add aws_sqs_queue_policy 2016-09-05 08:17:48 +01:00
Radek Simko c1178967b0
provider/aws: Add aws_sns_topic_policy 2016-09-04 18:34:24 +01:00
Radek Simko 03df8360cb
provider/aws: Support 'publish' attribute in lambda_function 2016-09-04 17:15:35 +01:00
James Nugent 6c23181686 Merge pull request #8383 from kjmkznr/import-aws-s3-b-notification
provider/aws: Support import `aws_s3_bucket_notification`
2016-09-03 15:50:25 -07:00
stack72 49b8568bec
provider/aws: `aws_cloudwatch_log_stream` resource
This is a requirement for enabling CloudWatch Logging on Kinesis
Firehost

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogStream_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/02 16:19:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudWatchLogStream_ -timeout 120m
=== RUN   TestAccAWSCloudWatchLogStream_basic
--- PASS: TestAccAWSCloudWatchLogStream_basic (22.31s)
=== RUN   TestAccAWSCloudWatchLogStream_disappears
--- PASS: TestAccAWSCloudWatchLogStream_disappears (21.21s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    43.538s
2016-09-04 00:26:02 +03:00
James Nugent 54784864fc Merge pull request #8640 from TimeIncOSS/f-aws-cloudformation-data-source
provider/aws: Add cloudformation_stack data source
2016-09-03 14:16:46 -07:00
Paul Stack 0370f41df5 Merge pull request #8440 from hashicorp/aws-spotfeed-sub
provider/aws: New resource `aws_spot_datafeed_subscription`
2016-09-04 00:16:14 +03:00
Paul Stack 7485061635 Merge pull request #8637 from jrm16020/jeremy_tls_provider_docs_update
Adding reference to docs for supported ECDSA curves.
2016-09-03 23:11:57 +03:00
stack72 7e89c1d3a2
Merge branch 'paybyphone-paybyphone_GH_6396' 2016-09-03 23:10:27 +03:00
James Nugent 94ca84e772 Merge pull request #8638 from hashicorp/f-aws-assume-role
provider/aws: Add support for AssumeRole prior to operations
2016-09-03 13:04:03 -07:00
Chris Marchesi 38d2a2e717
provider/aws: VPC Peering: allow default peer VPC ID
Update the aws_vpc_peering_connection resource to allow peer_owner_id
to be omitted, defaulting to the connected AWS account ID (ie: for
VPC-to-VPC peers in the same account).

Also included is a doc cleanup and updates to the peer test in
resource_aws_route_table_test.go.

This fixes hashicorp/terraform#6396.
2016-09-03 23:03:31 +03:00
James Nugent e3ccb51168 provider/aws: Add assume_role block to provider
This replaces the previous `role_arn` with a block which looks like
this:

```
provider "aws" {
        // secret key, access key etc

	assume_role {
	        role_arn = "<Role ARN>"
		session_name = "<Session Name>"
		external_id = "<External ID>"
	}
}
```

We also modify the configuration structure and read the values from the
block if present into those values and adjust the call to AssumeRole to
include the SessionName and ExternalID based on the values set in the
configuration block.

Finally we clean up the tests and add in missing error checks, and clean
up the error handling logic in the Auth helper functions.
2016-09-03 12:54:30 -07:00
stack72 900e14e168
provider/aws: New resource `aws_spot_datafeed_subscription`
Fixes: #4922

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotDatafeedSubscription_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 10:46:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSpotDatafeedSubscription_ -timeout 120m
=== RUN   TestAccAWSSpotDatafeedSubscription_importBasic
--- PASS: TestAccAWSSpotDatafeedSubscription_importBasic (56.31s)
=== RUN   TestAccAWSSpotDatafeedSubscription_basic
--- PASS: TestAccAWSSpotDatafeedSubscription_basic (56.77s)
=== RUN   TestAccAWSSpotDatafeedSubscription_disappears
--- PASS: TestAccAWSSpotDatafeedSubscription_disappears (56.79s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    169.893s
```
2016-09-03 20:06:40 +03:00
Radek Simko a3c21d6c3b
provider/aws: Add cloudformation_stack data source 2016-09-03 11:33:59 +01:00
Jeremy Young b295192ed3 Adding reference in ELB docs for supported ECDSA curves. 2016-09-02 16:25:20 -05:00
Ian Duffy 767914bbdc [GH-1275] Support for AWS access via IAMs AssumeRole functionality
This commit enables terraform to utilise the assume role functionality
of sts to execute commands with different privileges than the API
keys specified.

Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2016-09-02 10:22:57 -07:00
Jesse Mandel f168c90afa Update ami.html.markdown
typo `i368` to `i386`
2016-09-02 10:22:18 -07:00
James Nugent 93f31fce17 provider/aws: Add aws_s3_bucket_policy resource
This commit adds a new "attachment" style resource for setting the
policy of an AWS S3 bucket. This is desirable such that the ARN of the
bucket can be referenced in an IAM Policy Document.

In addition, we now suppress diffs on the (now-computed) policy in the
S3 bucket for structurally equivalent policies, which prevents flapping
because of whitespace and map ordering changes made by the S3 endpoint.
2016-09-02 09:07:54 -07:00
liamjbennett e98e5fb017
provider/aws: add aws_ssm_association resource 2016-09-02 16:46:05 +03:00
Babak Mahmoudy 28767a20df Add missing json attribute to documentation 2016-09-02 12:55:14 +10:00
Alfonso Cabrera 30ea22c252 Fix multiple typos (#8611) 2016-09-01 15:07:58 -05:00
stack72 cea2ff6be0
docs/aws: `aws_alb` name parameter is now documented as a Required
field

The validation rules are also included in the documentation

Fixes #8561
2016-08-31 20:06:04 +01:00
Sean Knight 76ea6c59cd website: fix error in the Kinesis Firehose ElasticSearch example
"destination" was set to "redshift" by mistake.
2016-08-29 17:00:38 -07:00
stack72 d330ac4d26
docs/aws: AWS ELB access_logs now support whether to enable or disable logging 2016-08-29 21:15:10 +01:00
Radek Simko cc38378870 provider/aws: API Gateway Custom Authorizer (#8535)
* [WIP] AWS APIGateway Custom Authorizer

* provider/aws: api_gateway_method - Add missing fields to Read+Update

* provider/aws: Make API Gateway name in test more specific

* provider/aws: APIG - Use minimal configuration in create request
2016-08-29 20:51:59 +01:00
Krzysztof Wilczynski 52eeaa0b72 Fix example. Do not use deprecated attribute. (#8531)
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-08-29 15:39:29 +01:00
Paul Stack 53ac54ac06 docs/aws: Add `primary_endpoint_address` to the docs for (#8528)
`aws_elasticache_replication_group`
2016-08-29 14:39:15 +01:00
Martin Atkins 4f906dba7a Merge #8403: name_regex attribute on aws_ami data source 2016-08-27 13:11:45 -07:00
Martin Atkins 39d68025a5 Merge #8505: correct mistake in example for aws_ip_ranges data source 2016-08-27 07:28:58 -07:00
Clint daac877c82 provider/aws: Get and export ASG ARN value (#8503) 2016-08-27 15:20:11 +01:00
knakayama 0b67962338 Fix doc for provider/aws_ip_ranges 2016-08-27 09:41:34 +09:00
Clint 3cfce54910 Update alb_listener_rule.html.markdown
fix typo
2016-08-26 09:40:36 -05:00
sethp-jive 36d0e6690d aws_iam_instance_profile: Restrict example perms
In this example, principal "AWS": "*" tells IAM that any user in the world can assume that role as long as they know the account ID + role name. 

In my testing, "Service": "ec2.amazonaws.com" is sufficiently permissive to allow the instance_profile to work without allowing global accesses.
2016-08-25 15:28:39 -07:00
Clint 49ecfe8921 provider/aws: Add aws_default_route_table resource (#8323)
* provider/aws: Add docs for Default Route Table

* add new default_route_table_id attribute, test to VPC

* stub

* add warning to docs

* rough implementation

* first test

* update test, add swap test

* fix typo
2016-08-25 16:02:44 -05:00
stack72 0087068a0e
provider/aws: `aws_ecs_container_definition` datasource parameter
changes to memory_reservation
2016-08-25 18:10:08 +01:00
Paul Stack 0adc1fc4b2 provider/aws: Allow `aws_rds_instance` to upgrade the major version (#8471)
Fixes #8468

If a user wished to bump the `engine_version` of an RDS instance,
Terraform was not sending `allow_major_version_upgrade` to the API
*unless* that value also changed at the same time. This caused the
following error from RDS API:

```
* aws_db_instance.bar: Error modifying DB Instance
* tf-20160825101420910562798obb: InvalidParameterCombination: The
* AllowMajorVersionUpgrade flag must be present when upgrading to a new
* major version.
    status code: 400, request id: 20e36364-6ab0-11e6-b794-51f12f4135f1
```

This change will always send the `allow_major_version_upgrade` flag to
the API when the `engine_version` changes.

This still relies on the user setting the correct value i.e. if they are
upgrading from postgres 0.4.7 -> 9.5.2 then the config will need to set
the `allow_major_version_upgrade` flag to be `true`
2016-08-25 13:54:40 +01:00
Paul Stack 64510d9cfb provider/aws: Adding `aws_ssm_document` resource (#8460)
* provider/aws: add `aws_ssm_document` resource

* provider/aws: Changes to `aws_ssm_document` post code review

The changes are things like using d.Id rather than d.Get("name").(string)

and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 09:47:24 +01:00
Paul Stack 3901827b40 provider/aws: Validate `aws_iam_policy_attachment` Name parameter to stop being empty (#8441)
* provider/aws: Validate `aws_iam_policy_attachment` Name parameter to
stop being empty

Fixes #8368

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSPolicyAttachment_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/08/24 11:46:01 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSPolicyAttachment_ -timeout 120m
=== RUN   TestAccAWSPolicyAttachment_basic
--- PASS: TestAccAWSPolicyAttachment_basic (44.67s)
=== RUN   TestAccAWSPolicyAttachment_paginatedEntities
--- PASS: TestAccAWSPolicyAttachment_paginatedEntities (161.68s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    206.379s
```

* Update resource_aws_iam_policy_attachment.go
2016-08-24 21:28:41 +01:00