the `aws_iam_group_membership` resource
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSGroupMembership_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSGroupMembership_ -timeout 120m
=== RUN TestAccAWSGroupMembership_basic
--- PASS: TestAccAWSGroupMembership_basic (74.14s)
=== RUN TestAccAWSGroupMembership_paginatedUserList
--- PASS: TestAccAWSGroupMembership_paginatedUserList (273.29s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 347.447s
```
The S3 API has two parameters that can be passed to it (HostName
and Protocol) for the RedirectAllRequestsTo functionality.
HostName is somewhat poorly named because it need not be only a
hostname (it can contain a path too.)
The terraform code for this was treating the API as the parameter
name suggests and was truncating out any paths that were passed.
This commit adds VPN Gateway attachment resource, and also an initial tests and
documentation stubs.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Fixes#7996
The Create func was using the timeout that we were passing to the
resource. Update func was not.
```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSCloudFormation_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudFormation_ -timeout 120m
=== RUN TestAccAWSCloudFormation_basic
--- PASS: TestAccAWSCloudFormation_basic (120.61s)
=== RUN TestAccAWSCloudFormation_defaultParams
--- PASS: TestAccAWSCloudFormation_defaultParams (121.40s)
=== RUN TestAccAWSCloudFormation_allAttributes
--- PASS: TestAccAWSCloudFormation_allAttributes (263.29s)
=== RUN TestAccAWSCloudFormation_withParams
--- PASS: TestAccAWSCloudFormation_withParams (205.52s)
=== RUN TestAccAWSCloudFormation_withUrl_withParams
--- PASS: TestAccAWSCloudFormation_withUrl_withParams (402.71s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws
1113.552s
```
`elasticsearch_version` 2.3
Fixes#7836
This will allow ElasticSearch domains to be deployed with version 2.3 of
ElasticSearch
The other slight modifications are to stop dereferencing values before
passing to d.Set in the Read func. It is safer to pass the pointer to
d.Set and allow that to dereference if there is a value
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticSearchDomain_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElasticSearchDomain_ -timeout 120m
=== RUN TestAccAWSElasticSearchDomain_basic
--- PASS: TestAccAWSElasticSearchDomain_basic (1611.74s)
=== RUN TestAccAWSElasticSearchDomain_v23
--- PASS: TestAccAWSElasticSearchDomain_v23 (1898.80s)
=== RUN TestAccAWSElasticSearchDomain_complex
--- PASS: TestAccAWSElasticSearchDomain_complex (1802.44s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 5313.006s
```
Update resource_aws_elasticsearch_domain.go
This commit resolves the issue where lack of snapshot ID in the device mapping
section of the API response to DescribeImagesResponse would cause Terraform to
crash due to a nil pointer dereference. Usually, the snapshot ID is included,
but in some unique cases (e.g. ECS-enabled AMI from Amazon available on the
Market Place) a volume that is attached might not have it.
The API documentation does not clearly define whether the snapshot ID either
should be or must be included for any volume in the response.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add state filter to aws_availability_zones data source.
This commit adds an ability to filter Availability Zones based on state, where
by default it would only list available zones.
Be advised that this does not always works reliably for an older accounts which
have been created in the pre-VPC era of EC2. These accounts tends to retrieve
availability zones that are not VPC-enabled, thus creation of a custom subnet
within such Availability Zone would result in a failure.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Update documentation for aws_availability_zones data source.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Do not filter on state by default.
This commit makes the state filter applicable only when set.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
We create hundreds of AWS Elasticsearch resources over the last few months and we get occasional timeout failures from AWS. This will PR is to increase the timeout once again. I did it before:
https://github.com/hashicorp/terraform/pull/5910/files
But we've seen enough timeouts from AWS on this resource that increasing the timeout seems like the only solution.
When migrating the state of an `aws_route53_record`, a v0 state was
never upgraded to v2, and a typo in a unit test masked this. This commit
fixes the migration by chaining the invocation of the migration
function, and corrects the test.
This test overrides the AWS_DEFAULT_REGION parameter as the security
groups are created in us-east-1 (due to classic VPC requirements)
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBSecurityGroup_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBSecurityGroup_importBasic -timeout 120m
=== RUN TestAccAWSDBSecurityGroup_importBasic
--- PASS: TestAccAWSDBSecurityGroup_importBasic (49.46s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 49.487s
```
deleted state
Fixes#7859
When a VPN Gateway has been manually deleted, we should expect it to be
added back to the plan
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpnGateway_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpnGateway_
-timeout 120m
=== RUN TestAccAWSVpnGateway_importBasic
--- PASS: TestAccAWSVpnGateway_importBasic (247.94s)
=== RUN TestAccAWSVpnGateway_basic
--- PASS: TestAccAWSVpnGateway_basic (409.50s)
=== RUN TestAccAWSVpnGateway_reattach
--- PASS: TestAccAWSVpnGateway_reattach (211.33s)
=== RUN TestAccAWSVpnGateway_delete
--- PASS: TestAccAWSVpnGateway_delete (121.10s)
=== RUN TestAccAWSVpnGateway_tags
--- PASS: TestAccAWSVpnGateway_tags (125.38s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws
1115.274s
```
This changes the behaviour of `aws_api_gateway_integration` to set the
`passthrough_behaviour` to be computed as this was breaking the import
test
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayApiKey_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAPIGatewayApiKey_importBasic -timeout 120m
=== RUN TestAccAWSAPIGatewayApiKey_importBasic
--- PASS: TestAccAWSAPIGatewayApiKey_importBasic (50.19s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 50.210s
```
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayIntegration_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAPIGatewayIntegration_ -timeout 120m
=== RUN TestAccAWSAPIGatewayIntegration_basic
--- PASS: TestAccAWSAPIGatewayIntegration_basic (67.43s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 67.449s
```
* Add ability to set Performance Mode in aws_efs_file_system.
The Elastic File System (EFS) allows for setting a Performance Mode during
creation, thus enabling anyone to chose performance of the file system according
to their particular needs. This commit adds an optional "performance_mode"
attribte to the aws_efs_file_system resource so that an appropriate mode can be
set as needed.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add test coverage for the ValidateFunc used.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add "creation_token" and deprecate "reference_name".
Add the "creation_token" attribute so that the resource follows the API more
closely (as per the convention), thus deprecate the "reference_name" attribute.
Update tests and documentation accordingly.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Fixes#7423
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftCluster_loggingEnabled'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftCluster_loggingEnabled -timeout 120m
=== RUN TestAccAWSRedshiftCluster_loggingEnabled
--- PASS: TestAccAWSRedshiftCluster_loggingEnabled (675.21s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 675.233s
```
the Read func
Fixes#7782
Lambda functions are eventually consistent :( Therefore, when we move
from the Create func to the Read func, there is a chance that the Lambda
hasn't replicated yet and we could therefore find that it doesn't exist
and delete it as follows:
```
params := &lambda.GetFunctionInput{
FunctionName: aws.String(d.Get("function_name").(string)),
}
getFunctionOutput, err := conn.GetFunction(params)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceNotFoundException" {
d.SetId("")
return nil
}
return err
}
```
This PR uses `d.IsNewResource()` to check if the Read is being called
after a Create and therefore, won't delete the lambda if not found. This
should allow the lambda to replicate
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLambdaFunction_'
=> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSLambdaFunction_ -timeout 120m
=== RUN TestAccAWSLambdaFunction_importLocalFile
--- PASS: TestAccAWSLambdaFunction_importLocalFile (36.64s)
=== RUN TestAccAWSLambdaFunction_importLocalFile_VPC
--- PASS: TestAccAWSLambdaFunction_importLocalFile_VPC (45.17s)
=== RUN TestAccAWSLambdaFunction_importS3
--- PASS: TestAccAWSLambdaFunction_importS3 (40.88s)
=== RUN TestAccAWSLambdaFunction_basic
--- PASS: TestAccAWSLambdaFunction_basic (44.77s)
=== RUN TestAccAWSLambdaFunction_VPC
--- PASS: TestAccAWSLambdaFunction_VPC (44.13s)
=== RUN TestAccAWSLambdaFunction_s3
--- PASS: TestAccAWSLambdaFunction_s3 (43.62s)
=== RUN TestAccAWSLambdaFunction_localUpdate
--- PASS: TestAccAWSLambdaFunction_localUpdate (33.49s)
=== RUN TestAccAWSLambdaFunction_localUpdate_nameOnly
--- PASS: TestAccAWSLambdaFunction_localUpdate_nameOnly (51.83s)
=== RUN TestAccAWSLambdaFunction_s3Update
--- PASS: TestAccAWSLambdaFunction_s3Update (106.49s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 447.055s
```
Thanks to @radeksimko for pointing out `d.IsNewResource()`
using: `govendor add
github.com/aws/aws-sdk-go/service/applicationautoscaling@v1.2.5`
introduce a retry for scalable target creation
Due to possible inconsistencies in IAM, let's retry creation of the scalable target before we fail.
Added IAM role as part of acceptance test
Expose the network interface ID that is created with a new instance.
This can be useful when associating an existing elastic IP to the
default interface on an instance that has multiple network interfaces.
There were some changes required to the Read func to get this working.
The initial set of tests showed the following:
```
testing.go:255: Step 1 error: ImportStateVerify attributes not equivalent. Difference is shown below. Top is actual, bottom is expected.
(map[string]string) {
}
(map[string]string) (len=8) {
(string) (len=8) "hash_key": (string) (len=16) "TestTableHashKey",
(string) (len=23) "local_secondary_index.#": (string) (len=1) "1",
(string) (len=36) "local_secondary_index.884610231.name": (string) (len=12) "TestTableLSI",
(string) (len=52) "local_secondary_index.884610231.non_key_attributes.#": (string) (len=1) "0",
(string) (len=47) "local_secondary_index.884610231.projection_type": (string) (len=3) "ALL",
(string) (len=41) "local_secondary_index.884610231.range_key": (string) (len=15) "TestLSIRangeKey",
(string) (len=4) "name": (string) (len=38) "TerraformTestTable-2710929679033484576",
(string) (len=9) "range_key": (string) (len=17) "TestTableRangeKey"
}
```
On investigation, this was telling me that `hash_key`, `range_key`, `name` and `local_secondary_index` were not being set on the Read func
When they were being set, all looks as expected:
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDynamoDbTable_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDynamoDbTable_ -timeout 120m
=== RUN TestAccAWSDynamoDbTable_importBasic
--- PASS: TestAccAWSDynamoDbTable_importBasic (20.39s)
=== RUN TestAccAWSDynamoDbTable_basic
--- PASS: TestAccAWSDynamoDbTable_basic (39.99s)
=== RUN TestAccAWSDynamoDbTable_streamSpecification
--- PASS: TestAccAWSDynamoDbTable_streamSpecification (50.44s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 110.841s
```
* aws_db_parameter_group: Support more than 20 parameters in a single update
* create test to prove greater than 20 database parameters can be processed
* update test to prove updating greater than 20 database parameters can be processed
* Issues with certain key value database parameters
Cannot create a passing test for database parameters "innodb_file_per_table" and "binlog_format"
It seems that these parameters can be created and tested successfully
BUT after the "parameter group" has been destroyed, it then makes a "DescribeDBParameterGroups" call
This fails with a 404 error...makes sense since the group does not exist
Have very little understanding of how the test framework works, so am struggling to debug
Currently commented out to have a passing test
* reorder create database parameter group dataset
* reorder update database parameter group dataset
* typo: excede => exceed
* add one extra database parameter; now it is 41 in total
* added test for additonal database parameter added in previous commit
* remove commented out database parameters from test
* provider/aws: Delete access keys before deleting IAM user
* provider/aws: Put IAM key removal behind force_destroy option
* provider/aws: Move all access key deletion under force_destroy
* Add iam_user force_destroy to website
* provider/aws: Improve clarity of looping over pages in delete IAM user
We conditionally format version with VersionPrerelease in a number of
places. Add a package-level function where we can unify the version
format. Replace most of version formatting in terraform, but leave th
few instances set from the top-level package to make sure we don't break
anything before release.
`aws_rds_cluster_instance`
The Import test showed that there was no setting of the
`storage_encrypted` value back to state on the Read func.
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRDSClusterInstance_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRDSClusterInstance_importBasic -timeout 120m
=== RUN TestAccAWSRDSClusterInstance_importBasic
--- PASS: TestAccAWSRDSClusterInstance_importBasic (754.30s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 754.411s
```
* add opsworks permission resource
* add docs
* remove permission from state if the permission object could not be found
* remove nil validate function. validation is done in schema.Resource.
* add id to the list of exported values
* renge over permission to check that we have found got the correct one
* removed comment
* removed set id
* fix unknown region us-east-1c
* add user_profile resource
* add docs
* add default value
* provider/aws: Support kms_key_id for `aws_rds_cluster`
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRDSCluster_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRDSCluster_
-timeout 120m
=== RUN TestAccAWSRDSCluster_basic
--- PASS: TestAccAWSRDSCluster_basic (127.57s)
=== RUN TestAccAWSRDSCluster_kmsKey
--- PASS: TestAccAWSRDSCluster_kmsKey (323.72s)
=== RUN TestAccAWSRDSCluster_encrypted
--- PASS: TestAccAWSRDSCluster_encrypted (173.25s)
=== RUN TestAccAWSRDSCluster_backupsUpdate
--- PASS: TestAccAWSRDSCluster_backupsUpdate (264.07s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 888.638s
```
* provider/aws: Add KMS Key ID to `aws_rds_cluster_instance`
```
```
Rearrange client setup, and remove the extraneous log lines we make per
connection. There's no need to log one line per API client - we're just
setting up structs for most of them.
Since this collapses the file down quite a bit, switch to alphabetized
client setup, since previously there wasn't much of an order to things.
* Import support and acceptance tests for import support have been added.
* geo_restriction.location is now guarnteed to be in sorted order (was
causing a failure in the test)
`skip_final_snapshot`
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftCluster_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftCluster_importBasic -timeout 120m
=== RUN TestAccAWSRedshiftCluster_importBasic
--- PASS: TestAccAWSRedshiftCluster_importBasic (641.87s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 641.888s
```
`enabled_metrics`
Fixes#7693
The metrics_granularity parameter was not being passed to the
`EnableMetricsCollection` when we were calling it from the Update func.
this was causing the API call to silently fail and not update the
metrics for collection - unfortunately the enabled_metrics were still
being added to the state :(
By passing the granularity, we now get the correct metrics for
collection
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAutoScalingGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAutoScalingGroup_ -timeout 120m
=== RUN TestAccAWSAutoScalingGroup_importBasic
--- PASS: TestAccAWSAutoScalingGroup_importBasic (166.86s)
=== RUN TestAccAWSAutoScalingGroup_basic
--- PASS: TestAccAWSAutoScalingGroup_basic (240.23s)
=== RUN TestAccAWSAutoScalingGroup_autoGeneratedName
--- PASS: TestAccAWSAutoScalingGroup_autoGeneratedName (50.29s)
=== RUN TestAccAWSAutoScalingGroup_terminationPolicies
--- PASS: TestAccAWSAutoScalingGroup_terminationPolicies (79.93s)
=== RUN TestAccAWSAutoScalingGroup_tags
--- PASS: TestAccAWSAutoScalingGroup_tags (270.79s)
=== RUN TestAccAWSAutoScalingGroup_VpcUpdates
--- PASS: TestAccAWSAutoScalingGroup_VpcUpdates (77.76s)
=== RUN TestAccAWSAutoScalingGroup_WithLoadBalancer
--- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer (400.67s)
=== RUN TestAccAWSAutoScalingGroup_withPlacementGroup
--- PASS: TestAccAWSAutoScalingGroup_withPlacementGroup (134.39s)
=== RUN TestAccAWSAutoScalingGroup_enablingMetrics
--- PASS: TestAccAWSAutoScalingGroup_enablingMetrics (305.32s)
=== RUN TestAccAWSAutoScalingGroup_withMetrics
--- PASS: TestAccAWSAutoScalingGroup_withMetrics (48.56s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws
1774.819s
```
* Update website_endpoint_url_test.go
Allow ap-south-1 (Mumbai) as valid region
* Update hosted_zones.go
Allowing ap-south-1 (Mumbai) as valid region
* Update website_endpoint_url_test.go
reformatting
* Update hosted_zones.go
reformatting
* Update resource_aws_s3_bucket.go
making changes for ap-south-1 (Mumbai) region
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchMetricAlarm_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudWatchMetricAlarm_ -timeout 120m
=== RUN TestAccAWSCloudWatchMetricAlarm_importBasic
--- PASS: TestAccAWSCloudWatchMetricAlarm_importBasic (17.82s)
=== RUN TestAccAWSCloudWatchMetricAlarm_basic
--- PASS: TestAccAWSCloudWatchMetricAlarm_basic (17.11s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 34.957s
```
The test didn't expand the record name - therefore, when the name was
empty, it wasn't setting it to the domain name (like the normal resource
does!) This was causing an error
Added test for aws_route53_record with empty name
Integrated test for aws_route53_record with empty name
Changed test to use a third-level domain for zone
* provider/aws: Support ec2-classic and vpc
Fix Elastic Beanstalk recurring plans when additional security groups
are supplied. In the previous version, only non-default vpc security
groups would be handled by dropGeneratedSecurityGroup.
* provider/aws: Elastic Beanstalk VPC Test
Also, change order of processing to parse icmp_type first. Change wording of the
debug messages, and change format string type for rule_number where appropriate.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This fixes the `TestAccAWSBeanstalkEnv_tier` test. The instance profile
needs access to send and receive messages from its sqs queue. Without
these permissions Beanstalk returns an error event, causing the test to
fail.
The ICMP type 0 (Echo Reply) was not handled correctly. This commit changes the
type of attributes "icmp_type" and "icmp_code" from TypeInt to TypeString,
allowing for the string value to be manually converted into an integer. This
enables an integer values such as -1, 0, 8, etc., coming from the resource
definition in the template to be handled correctly.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Neither skip_final_snapshot nor final_snapshot_identifier can be fetched
from any API call, so we need to default skip_final_snapshot to true
during import so that final_snapshot_identifier is not required
Needed to change the test due to SQS having issues recreating the same
queue multiple times. Now it uses a random name
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSQSQueue_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSQSQueue_
-timeout 120m
=== RUN TestAccAWSSQSQueue_importBasic
--- PASS: TestAccAWSSQSQueue_importBasic (20.53s)
=== RUN TestAccAWSSQSQueue_basic
--- PASS: TestAccAWSSQSQueue_basic (33.85s)
=== RUN TestAccAWSSQSQueue_redrivePolicy
--- PASS: TestAccAWSSQSQueue_redrivePolicy (26.59s)
=== RUN TestAccAWSSQSQueue_Policybasic
--- PASS: TestAccAWSSQSQueue_Policybasic (36.92s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 117.908s
```
We cannot use the "id" field to represent policy ID, because it is used
internally by Terraform. Also change the "id" field within a statement
to "sid" for consistency with the generated JSON.
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSimpleDBDomain_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSimpleDBDomain_ -timeout 120m
=== RUN TestAccAWSSimpleDBDomain_importBasic
--- PASS: TestAccAWSSimpleDBDomain_importBasic (19.59s)
=== RUN TestAccAWSSimpleDBDomain_basic
--- PASS: TestAccAWSSimpleDBDomain_basic (19.93s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 39.535s
```
Fixes#2439
Port used to ForceNew, it has now been changed to allow it to be
updated. 2 changes were needed:
1. Setting the port back to state
2. Adding the wait for state function to the Update func
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBInstance_portUpdate'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBInstance_portUpdate -timeout 120m
=== RUN TestAccAWSDBInstance_portUpdate
--- PASS: TestAccAWSDBInstance_portUpdate (699.84s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 699.861s
```
Previously, the `stage_key` were not being set back to state in the Read
func. Changing this means the tests now run as follows:
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayApiKey_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAPIGatewayApiKey_ -timeout 120m
=== RUN TestAccAWSAPIGatewayApiKey_importBasic
--- PASS: TestAccAWSAPIGatewayApiKey_importBasic (42.42s)
=== RUN TestAccAWSAPIGatewayApiKey_basic
--- PASS: TestAccAWSAPIGatewayApiKey_basic (42.11s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 84.549s
```
We were not setting all the values in the read Func. One other issue, we
were setting the *wrong* db_parameter_name value to state
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRDSClusterInstance_import'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRDSClusterInstance_import -timeout 120m
=== RUN TestAccAWSRDSClusterInstance_importBasic
--- PASS: TestAccAWSRDSClusterInstance_importBasic (1201.80s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws
1201.814s
```
Fixes#7543 where creating a CloudWatch Group, then deleting it from the
console will cause no action on refresh / plan
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSCloudWatchLogGroup_ -timeout 120m
=== RUN TestAccAWSCloudWatchLogGroup_importBasic
--- PASS: TestAccAWSCloudWatchLogGroup_importBasic (18.10s)
=== RUN TestAccAWSCloudWatchLogGroup_basic
--- PASS: TestAccAWSCloudWatchLogGroup_basic (17.34s)
=== RUN TestAccAWSCloudWatchLogGroup_retentionPolicy
--- PASS: TestAccAWSCloudWatchLogGroup_retentionPolicy (49.81s)
=== RUN TestAccAWSCloudWatchLogGroup_multiple
--- PASS: TestAccAWSCloudWatchLogGroup_multiple (23.74s)
=== RUN TestAccAWSCloudWatchLogGroup_disappears
--- PASS: TestAccAWSCloudWatchLogGroup_disappears (15.78s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 124.789s
```
Previously, any old HTTP error would be treated as the security_group_rule being
deleted. In reality there are only a few cases where this is the right
assumption.
This workaround is originally from 71b30c633f.
According to the commit message from Mitchell Hashimoto:
So I think the AWS API is just broken here. In the case that the state
doesn't update, just assume it did after 5 seconds.
Based on my experience, this AWS API is still broken in the same way.
The timeout was later increased from 5 seconds to 10 seconds in
265cc4fffa.
The timeout (but not the timer) was removed inexplicably in GH-1325.
The symptom is this error from `terraform apply`:
aws_internet_gateway.test: Error waiting for internet gateway (igw-553b4731) to attach: timeout while waiting for state to become '[available]'
followed by all subsequent `terraform apply` commands failing with this error:
aws_internet_gateway.test: Resource.AlreadyAssociated: resource igw-553b4731 is already attached to network vpc-61bc7606
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRedshiftCluster_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRedshiftCluster_importBasic -timeout 120m
=== RUN TestAccAWSRedshiftCluster_importBasic
--- PASS: TestAccAWSRedshiftCluster_importBasic (623.52s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 623.546s
```
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSESReceiptFilter_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSESReceiptFilter_ -timeout 120m
=== RUN TestAccAWSSESReceiptFilter_importBasic
--- PASS: TestAccAWSSESReceiptFilter_importBasic (18.18s)
=== RUN TestAccAWSSESReceiptFilter_basic
--- PASS: TestAccAWSSESReceiptFilter_basic (18.42s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 36.633s
```
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSESReceiptRuleSet_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSSESReceiptRuleSet_ -timeout 120m
=== RUN TestAccAWSSESReceiptRuleSet_importBasic
--- PASS: TestAccAWSSESReceiptRuleSet_importBasic (18.60s)
=== RUN TestAccAWSSESReceiptRuleSet_basic
--- PASS: TestAccAWSSESReceiptRuleSet_basic (26.92s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 45.550s
```
JUst needed some rejigging of the skip_final_snapshot work as that isn't
returned by the API and skipping it means the destroy fails due to
missing final_snapshot_identifier
```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSDBInstance_' ✹ ✭
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /vendor/)
2016/07/07 15:28:31 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBInstance_
-timeout 120m
=== RUN TestAccAWSDBInstance_importBasic
--- PASS: TestAccAWSDBInstance_importBasic (588.70s)
=== RUN TestAccAWSDBInstance_basic
--- PASS: TestAccAWSDBInstance_basic (595.71s)
=== RUN TestAccAWSDBInstance_kmsKey
--- PASS: TestAccAWSDBInstance_kmsKey (726.46s)
=== RUN TestAccAWSDBInstance_optionGroup
--- PASS: TestAccAWSDBInstance_optionGroup (681.78s)
=== RUN TestAccAWSDBInstance_iops_update
--- PASS: TestAccAWSDBInstance_iops_update
(590.81s)
```
Please note that I cannot run the enhanced monitoring test in my
environment as I have already got it attached to an IAM role. Running
that test gives me this result:
```
```
The symptom is that a route "fails" to create, then every subsequent
`terraform apply` fails with RouteAlreadyExists.
CreateRoute was succeeding but the very next DescribeRouteTables
was not listing the new route.
This fixes#7157. It doesn't change the way aws_ami works
```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSAMICopy'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAMICopy
-timeout 120m
=== RUN TestAccAWSAMICopy
--- PASS: TestAccAWSAMICopy (479.75s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 479.769s
```
Fixes#7433
When an EFS File System is created via Terraform, Deleted from the AWS
console, then Terraform would give us as error as:
```
* aws_efs_file_system.file_system: FileSystemNotFound: File system
'fs-9d739e54' does not exist.
status code: 404, request id:
d505a682-3ec7-11e6-81d3-1d41202f0881
```
On a 404, we now remove the EFS File System from state so that Terraform
can recreate it as expected
allows load balancer policies and their assignment to backend servers or listeners to be configured independently.
this gives flexibility to configure additional policies on aws elastic load balancers aside from the already provided "convenience" wrappers for cookie stickiness
This test function tests both VPC and Classic EC2 modes, but not
all accounts have support for both. Splitting them makes it
easier to understand why a test fails when an account only
supports the VPC mode.
* Added support for redshift destination to firehose delivery streams
* Small documentation fix
* go fmt after rebase
* small fixes after rebase
* provider/aws: Firehose test cleanups
* provider/aws: Update docs
* Convert Redshift and S3 blocks to TypeList
* provider/aws: Add migration for S3 Configuration in Kinesis firehose
* providers/aws: Safety first when building Redshift config options
* restore commented out log statements in the migration
* provider/aws: use MaxItems in schema
* fixed go vet issues on aws provider in master
* added support for dns, dns options and dns search for docker container.
On docker container resource you can specify dns_opts nad dns_search
which maps directly to docker --dns_opt and --dns_search parameters.
Allowing users to setup the embedded dns settings for their containers.
* fixed the asserts for the new features in tests.
fixed tests around DNS, DNS_OPTS and DNS_SEARCH
Fixes an issue where terraform plan or apply will always have a diff.
The Elastic Beanstalk API returns data for the `resource` attribute for
some settings that are not documented. This limits the `resource`
attribute to settings in the `aws:autoscaling:scheduledaction`
namespace.
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVPCPeeringConnection_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVPCPeeringConnection_ -timeout 120m
=== RUN TestAccAWSVPCPeeringConnection_importBasic
--- PASS: TestAccAWSVPCPeeringConnection_importBasic (42.58s)
=== RUN TestAccAWSVPCPeeringConnection_basic
--- PASS: TestAccAWSVPCPeeringConnection_basic (45.00s)
=== RUN TestAccAWSVPCPeeringConnection_plan
--- PASS: TestAccAWSVPCPeeringConnection_plan (40.92s)
=== RUN TestAccAWSVPCPeeringConnection_tags
--- SKIP: TestAccAWSVPCPeeringConnection_tags (0.00s)
resource_aws_vpc_peering_connection_test.go:85: Error: TestAccAWSVPCPeeringConnection_tags requires a peer id to be set
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 128.517s
```
```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSAPIGatewayAccount_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAPIGatewayAccount_importBasic -timeout 120m
=== RUN TestAccAWSAPIGatewayAccount_importBasic
--- PASS: TestAccAWSAPIGatewayAccount_importBasic (16.43s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 16.450s
```
FYI @catsby
The acceptance test was throwing the error:
```
* aws_elb.main: DuplicateLoadBalancerName: Load Balancer named
* foobar-terraform-elb already exists and it is configured with
* different parameters.
```
So randomized the name and the test still passes as expected:
```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSRoute53Record_alias'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRoute53Record_alias -timeout 120m
=== RUN TestAccAWSRoute53Record_alias
--- PASS: TestAccAWSRoute53Record_alias (97.70s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 97.722s
```
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpnConnection_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpnConnection_ -timeout 120m
=== RUN TestAccAWSVpnConnection_importBasic
--- PASS: TestAccAWSVpnConnection_importBasic (201.02s)
=== RUN TestAccAWSVpnConnection_basic
--- PASS: TestAccAWSVpnConnection_basic (336.38s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 537.426s
```
Had to change the way that the tests were working to include a random sqs-queue name due to this error:
```
`aws_sqs_queue.test_queue: Error creating SQS queue: AWS.SimpleQueueService.QueueDeletedRecently: You must wait 60 seconds after deleting a queue before you can create another with the same name.
status code: 400, request id: b58e800a-ae27-556e-b6de-cfe1bbf9dc09``
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSNSTopicSubscription_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSNSTopicSubscription_ -timeout 120m
=== RUN TestAccAWSSNSTopicSubscription_importBasic
--- PASS: TestAccAWSSNSTopicSubscription_importBasic (24.44s)
=== RUN TestAccAWSSNSTopicSubscription_basic
--- PASS: TestAccAWSSNSTopicSubscription_basic (25.26s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 49.722s
```
* Add SES resource
* Detect ReceiptRule deletion outside of Terraform
* Handle order of rule actions
* Add position field to docs
* Fix hashes, add log messages, and other small cleanup
* Fix rebase issue
* Fix formatting
```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSIAMAccountPasswordPolicy_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSIAMAccountPasswordPolicy_ -timeout 120m
=== RUN TestAccAWSIAMAccountPasswordPolicy_importBasic
--- PASS: TestAccAWSIAMAccountPasswordPolicy_importBasic (14.75s)
=== RUN TestAccAWSIAMAccountPasswordPolicy_basic
--- PASS: TestAccAWSIAMAccountPasswordPolicy_basic (26.06s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 40.831s
```
Small change to the test as it was failing sometimes as it was using the
same identifier. The small change has made it more stable when running
it in quick succession as it isn't an update
```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSIAMGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSIAMGroup_
-timeout 120m
=== RUN TestAccAWSIAMGroup_importBasic
--- PASS: TestAccAWSIAMGroup_importBasic (14.14s)
=== RUN TestAccAWSIAMGroup_basic
--- PASS: TestAccAWSIAMGroup_basic (22.88s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 37.040s
```
The Id wasn't being set until after the Read func returned from the API.
I needed to move that Id set up until just after the Create response
returned
The same Id's have been set - username
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUser_
-timeout 120m
=== RUN TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (14.24s)
=== RUN TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (24.99s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 39.261s
```
Changes required:
* ECR Read func doesn't need to take ``registry_id` as it uses the
current account Id
* `name` wasn't being set in the ECR Read so the import was failing as
name wasn't found
```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSEcrRepository_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEcrRepository_ -timeout 120m
=== RUN TestAccAWSEcrRepository_importBasic
--- PASS: TestAccAWSEcrRepository_importBasic (17.37s)
=== RUN TestAccAWSEcrRepository_basic
--- PASS: TestAccAWSEcrRepository_basic (16.05s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 33.437s
```
this datasource allows terraform to work with externally modified state, e.g.
when you're using an ECS service which is continously updated by your CI via the
AWS CLI.
right now you'd have to wrap terraform into a shell script which looks up the
current image digest, so running terraform won't change the updated service.
using the aws_ecs_container_definition data source you can now leverage
terraform, removing the wrapper entirely.
If an AWS Cookie Stickiness Policy is removed from the listener in
the AWS console the policy isn't deleted. Cross reference the policy
name with those assigned to the listener to determine if the policy
is actually being used.
Since this resource produces a list it feels more intuitive to give its
attribute a plural name, and since the noun "instance" already means
something specific in the AWS provider that doesn't apply here we use
"names" to indicate that these are availability zone names.
Also includes updating the docs to not show a dynamic count example for
now, since we don't support that yet.
When reading an AppCookieStickinessPolicy check for LoadBalancerNotFound
as well as PolicyNotFound. This prevents errors when when destroying a
policy on an ELB that no longer exists.
false
Fixes#7035
A known issue in Terraform means that d.GetOk() on a bool which is false
will mean it doesn't get evaulated. Therefore, when people set
publicly_accessible to false, it will never get evaluated on the Create
We are going to make it default to false now
Fixed the problem where the root_block_device could cause an apply error
by reading back an "encrypted" parameter that was meant for an
ebs_block_device. "encrypted" is not part of the root_block_device
schema, since it can't be set explicitly.
Added a check in Create to fail when the root device is incorrectly
specified as an ebs_block_device, as this causes continual refreshing
due to mismatched state between root_block_device and ebs_block_device.
"encrypted" and "snapshot_id" should be guarded with ConflictsWith, but
that doesn't appear to work on nested resources despite #1926.
Fixes#7062
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheSubnetGroup'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElasticacheSubnetGroup -timeout 120m
=== RUN TestAccAWSElasticacheSubnetGroup_basic
--- PASS: TestAccAWSElasticacheSubnetGroup_basic (44.62s)
=== RUN TestAccAWSElasticacheSubnetGroup_update
--- PASS: TestAccAWSElasticacheSubnetGroup_update (73.74s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 118.379s
* pr-6865:
provider/aws: Add db_param group to RDS Cluster Instance test
remove status attribute
support aurora instance's parameter group and modifyinstance