Although the aws_iam_policy has a problem of normalization (refs #8350),
I think it would be useful simply to add JSON syntax validation.
I wasted a lot of time with JSON syntax errors.
Validate the aws_iam_policy using the validateJsonString helper.
* provider/aws: Add ability to create aws_ebs_snapshot
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEBSSnapshot_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 14:18:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEBSSnapshot_
-timeout 120m
=== RUN TestAccAWSEBSSnapshot_basic
--- PASS: TestAccAWSEBSSnapshot_basic (31.56s)
=== RUN TestAccAWSEBSSnapshot_withDescription
--- PASS: TestAccAWSEBSSnapshot_withDescription (189.35s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws220.928s
```
* docs/aws: Addition of the docs for aws_ebs_snapshot resource
* provider/aws: Creation of shared schema funcs for common AWS data source
patterns
* provider/aws: Create aws_ebs_snapshot datasource
Fixes#8828
This data source will use a number of filters, owner_ids, snapshot_ids
and restorable_by_user_ids in order to find the correct snapshot. The
data source has no real use case for most_recent and will error on no
snapshots found or greater than 1 snapshot found
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEbsSnapshotDataSource_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 14:34:33 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEbsSnapshotDataSource_ -timeout 120m
=== RUN TestAccAWSEbsSnapshotDataSource_basic
--- PASS: TestAccAWSEbsSnapshotDataSource_basic (192.66s)
=== RUN TestAccAWSEbsSnapshotDataSource_multipleFilters
--- PASS: TestAccAWSEbsSnapshotDataSource_multipleFilters (33.84s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws226.522s
```
* docs/aws: Addition of docs for the aws_ebs_snapshot data source
Adds the new resource `aws_ebs_snapshot`
This update adds ALB support to the
wait_for_elb_capacity/min_elb_capacity options. Target groups are
handled in nearly the same way as Classic ELBs, so the change should be
transparent. This supports both ALB target groups and classic ELBs being
attached to the ASG at the same time.
* provider/aws: Add aws_alb data source
This adds the aws_alb data source for getting information on an AWS
Application Load Balancer.
The schema is nearly the same as the resource of the same name, with
most of the resource population logic de-coupled into its own function
so that they can be shared between the resource and data source.
* provider/aws: aws_alb data source language revisions
* Multiple/zero result error slightly updated to be a bit more
specific.
* Fixed relic of the copy of the resource docs (resource -> data
source)
When `force_destroy` was specifed on an `aws_iam_user` resource, only IAM
access keys and the login profile were destroyed. If a multi-factor auth
device had been activated for that user, deletion would fail as follows:
```
* aws_iam_user.testuser1: Error deleting IAM User testuser1: DeleteConflict: Cannot delete entity, must delete MFA device first.
status code: 409, request id: aa41b1b7-ac4d-11e6-bb3f-3b4c7a310c65
```
This commit iterates over any of the user's MFA devices and deactivates
them before deleting the user. It follows a pattern similar to that used
to remove users' IAM access keys before deletion.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/20 17:09:00 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (5.70s)
=== RUN TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (11.12s)
PASS
ok github.com/rhenning/terraform/builtin/providers/aws 20.840s
```
* provider/aws: Add aws_alb_listener data source
This adds the aws_alb_listener data source to get information on an AWS
Application Load Balancer listener.
The schema is slightly modified (only option-wise, attributes are the
same) and we use the aws_alb_listener resource read function to get the
data.
Note that the HTTPS test here may fail due until
hashicorp/terraform#10180 is merged.
* provider/aws: Add aws_alb_listener data source docs
Now documented.
Looks like sometimes it takes some time for IAM certificates to
propagate, which can cause errors on ALB listener creation.
Possibly same thing as hashicorp/terraform#5178, but for ALB
now instead of ELB.
This was discovered via acceptance tests, specifically the
TestAccAWSALBListener_https test. Updated the creation process to wait
on CertificateNotFound for a max of 5min.
- Per our discussion around the PR to increase this initially, we
weren't sure if 1 minute would be sufficient. Well, it turns out it
wasn't for me today (we don't delete these often so not sure how
often people run into this).
Picking another somewhat arbitrary value of 5 minutes in the hopes
that it will be sufficient (today it took a little over 2 minutes).
Since the Lambda CreateFunction call may include an up to 50MB payload,
the request can easily take more than a minute. This increases the
timeout to 10 minutes.
Fixes#10042Fixes#9989
Another panic was found with this resource. IT essentially was causing a
panic when no certificates were found. This was due to the casting of
status to []string
There are times when there are no statuses passed in. Made the error
message a lot more generic now rather than having something like this
```
No certificate with statuses [] for domain mytestdomain.com found in this region.
```
This now becomes:
```
No certificate for domain mytestdomain.com found in this region.
```
Also, added a test to show that the panic is gone
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAwsAcmCertificateDataSource_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/11 15:11:33 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAwsAcmCertificateDataSource_ -timeout 120m
=== RUN TestAccAwsAcmCertificateDataSource_noMatchReturnsError
--- PASS: TestAccAwsAcmCertificateDataSource_noMatchReturnsError (6.07s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws6.094s
```
* allow underscore in database_name [redshift]
Fixes#10009
* Added Test Cases To Validate Redshift DBName
* Remove Old Test Cases Regarding Redshift DBName Validation
* Added More Test Cases For Redshift DBName
Also added a test to prove that the computed value gets set
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBInstance_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 06:26:22 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBInstance_basic -timeout 120m
=== RUN TestAccAWSDBInstance_basic
--- PASS: TestAccAWSDBInstance_basic (634.33s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws634.347s
```
Fixes#9989
When passing a list of statuses to the acm_certificate data source, we
were trying to cast a schema.TypeList directly to []string
We need to do it via an []interface{} and then cast to string when
ranging over the results. Without this, we get a panic
* Added key_name_prefix to aws_key_pair resource schema.
* Added logic to prefix the aws_key_pair name on create.
* Added aws_key_pair test config for key_name_prefix case.
* Copied test cases from testAccAWSSecurityGroup namespace.
* Modified copied test case to suit aws_key_pair resource.
* Changed required flag to optional on key_name argument for aws_key_pair resource.
* Added documentation for key_name_prefix argument.
* Code style fix.
* Fixed undefined variable error in test.
Fixes#9895
The replication_group_id should allow length to be max of 20 not 16
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestResourceAWSElastiCacheReplicationGroupIdValidation'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/07 16:17:52 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestResourceAWSElastiCacheReplicationGroupIdValidation -timeout
120m
=== RUN TestResourceAWSElastiCacheReplicationGroupIdValidation
--- PASS: TestResourceAWSElastiCacheReplicationGroupIdValidation (0.00s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws0.032s
```
The work to add the arn_suffix in #9734 skipped adding the targetgroup/
part of the arn
This PR adds it
//cc @firthh
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/07 12:19:16 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (47.23s)
=== RUN TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (80.09s)
=== RUN TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (87.45s)
=== RUN TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (78.47s)
=== RUN TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (73.53s)
=== RUN TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (75.60s)
=== RUN TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (76.40s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 518.777s
```
fixes#9110
An error was found where, static_routes_only was not set on a vpn
connection import. This commit introduces setting the static_routes_only
to false when no Options are found. This follows the AWS convention as follows:
```
- options (structure)
Indicates whether the VPN connection requires static routes. If you are creating a VPN connection for a device that does not support BGP, you must specify true .
Default: false
```
So we take it that `static_options_only` is false by default
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpnConnection_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 10:38:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpnConnection_ -timeout 120m
=== RUN TestAccAWSVpnConnection_importBasic
--- PASS: TestAccAWSVpnConnection_importBasic (178.29s)
=== RUN TestAccAWSVpnConnection_basic
--- PASS: TestAccAWSVpnConnection_basic (336.81s)
=== RUN TestAccAWSVpnConnection_withoutStaticRoutes
--- PASS: TestAccAWSVpnConnection_withoutStaticRoutes (195.45s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 710.572s
```