* Add schema_version as computed ssm document attribute
* Update the SSM document itself if the content has changed and it has a schema >= 2.0
* Add default_version as DocumentVersion in SSM doc update
* Acceptance test for updating an SSM document
* Better error handling in updating SSM documents
* Add SSM document update documentation
* Better names for SSM input params
Launch permissions are implicitly nuked if an AMI is removed for any
reason - Terraform should not error on refresh in this case, but rather
just see the launch permissions as gone and react appropriately.
* provider/aws: Fixed DynamoDB GSI update when using multiple indexes
* provider/aws: Fixed DynamoDB GSI set hash function
* Added DynamoDB table state migration
Redshift was changed to not skip snapshots by default, so our configs
were out of date and causing errors in destroy (thus leaking redshifts)
This changes the configs to skip snapshots, which should at least fix:
- TestAccAWSKinesisFirehoseDeliveryStream_RedshiftConfigUpdates
- TestAccAWSRedshiftCluster_loggingEnabled
* provider/aws: Fix KMS Key reading with Exists method
Fixes#13322 by checking if the key Exists and offering to recreate if
not found, or pending delete
* remove redundant code
Add getters for the AWSClient s3.S3 and dynamodb.DynamoDB clients so the
s3 remote-state backend can use all the same initialization code as the
aws provider.
* provider/aws: Add support for treat_missing_data to cloudwatch_metric_alarm
Fixes: #13263
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchMetricAlarm'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/04/05 08:51:06 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchMetricAlarm -timeout 120m
=== RUN TestAccAWSCloudWatchMetricAlarm_importBasic
--- PASS: TestAccAWSCloudWatchMetricAlarm_importBasic (23.93s)
=== RUN TestAccAWSCloudWatchMetricAlarm_basic
--- PASS: TestAccAWSCloudWatchMetricAlarm_basic (27.81s)
=== RUN TestAccAWSCloudWatchMetricAlarm_treatMissingData
--- PASS: TestAccAWSCloudWatchMetricAlarm_treatMissingData (43.39s)
=== RUN TestAccAWSCloudWatchMetricAlarm_extendedStatistic
--- PASS: TestAccAWSCloudWatchMetricAlarm_extendedStatistic (26.80s)
=== RUN TestAccAWSCloudWatchMetricAlarm_missingStatistic
--- PASS: TestAccAWSCloudWatchMetricAlarm_missingStatistic (5.95s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 127.899s
```
* provider/aws: Set cloudwatch_metric_alarm treamt_missing_data to missing
This follows what the AWS API does. We had to add a state migration for
this to make sure that the user doesn't see any unexpected activity on
their Terraform plans
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAWSCloudWatchMetricAlarmMigrateState'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/04/05 14:51:32 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAWSCloudWatchMetricAlarmMigrateState -timeout 120m
=== RUN TestAWSCloudWatchMetricAlarmMigrateState
2017/04/05 14:52:13 [INFO] Found AWS CloudWatch Metric Alarm State v0; migrating to v1
2017/04/05 14:52:13 [DEBUG] Attributes before migration: map[string]string{}
2017/04/05 14:52:13 [DEBUG] Attributes after migration: map[string]string{"treat_missing_data":"missing"}
--- PASS: TestAWSCloudWatchMetricAlarmMigrateState (0.00s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 0.018s
```
The AWS waiter package has changed location in the 1.8.0 version of the
SDK. DMS will need to mitigate a breaking change because of this
Between @radeksimko and myself, we think that we should migrate the DMS
resources to using the Terraform state refresh func pattern that is used
across the entire of the AWS provider. DMS is the *only* resource that
currently uses the AWS waiters, so the LOE to migrate is pretty low
For our ECS service definition we have this snippet at the
`load_balancer`.
The `target_group_arn` is being pupulated by an external service that
returns the arn based on a simple string from our microservices list.
If the arn changed, this would not cause a recreation of the service and
leaving a dangling pointer to an arn that does not exist anymore.
```
load_balancer {
target_group_arn = "${lookup(var.target_group_mapping, element(values(var.microservices), count.index))}"
container_name = "${element(values(var.microservices), count.index)}"
container_port = "${var.container_port}"
}
```
The fix is adding another field to the set that's creating the ELB/ALB
definition. From looking into the git history seems this code was
created prior to ALB thus not having this field available at the time.
Service is being recreated as expected, no other services are affected
(expected behavior)