Commit Graph

231 Commits

Author SHA1 Message Date
Mitchell Hashimoto 412a2dca0b Merge pull request #1575 from freshbooks/aws-eni-route
provider/aws: Add Elastic Network Interfaces as route destination
2015-05-05 13:28:48 -07:00
Mitchell Hashimoto 379895931d website: network interface for EIP 2015-05-05 13:25:45 -07:00
Christopher Tiwald d76719bbb8 Add docs for various iam_* resources. 2015-05-05 12:47:20 -04:00
Phil Frost b082117e92 Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in #28.
2015-05-05 12:47:20 -04:00
jba 11ba9b1042 add the auto_accecpt option 2015-05-05 10:37:13 -05:00
Christopher Tiwald 2526379cf0 aws: Document the odd protocol = "-1" behavior in security groups. 2015-05-05 00:04:21 -04:00
Mitchell Hashimoto 9ed909c8fe Merge pull request #1749 from nabeken/aws-proxy-protocol-policy
provider/aws: Add proxy protocol support in ELB
2015-05-04 14:04:53 -07:00
Mitchell Hashimoto 8633c88723 Merge pull request #1775 from TimeIncOSS/r53-alias-record
aws: Add support for Alias records into AWS Route 53
2015-05-04 14:03:29 -07:00
Mitchell Hashimoto 2c90d3a637 Merge pull request #1793 from ctiwald/ct/add-vpn-connection-route
provider/aws: add support for VPN connection routes
2015-05-04 13:58:17 -07:00
Clint c437886a46 Merge pull request #1774 from hashicorp/b-website-parsing
Fix indentation, which was causing a rendering error in middleman
2015-05-04 12:05:54 -05:00
Christopher Tiwald e8976dca6b aws: Add documentation for VPN connection routes. 2015-05-04 12:55:55 -04:00
Christopher Tiwald 4727260987 aws: fix VPN connection acceptance test.
This corrects syntactical errors and uses distinct IP addresses for
each configuration.
2015-05-04 11:34:35 -04:00
Paul Hinze df15757311 docs: fix newline 2015-05-01 19:39:42 -05:00
TANABE Ken-ichi 3b549a9e4f Fix typo 2015-05-02 07:34:22 +09:00
Clint Shryock 3c6cec4fcd Fix indentation, which was causing a rendering error in middleman 2015-05-01 16:52:30 -05:00
Radek Simko 3d665ddfcf provider/aws: Add support for alias record to Route53 2015-05-01 22:43:04 +01:00
Christopher Tiwald 282c96f0e9 aws: Add docs for aws_vpn_connection resources. 2015-05-01 12:23:39 -04:00
Radek Simko bafabf17be provider/aws: Expose zone_id from elb 2015-05-01 08:07:33 +01:00
Camilo Aguilar 338ae601bc providers/aws: Implements DHCP Options Set support. 2015-04-30 17:52:04 -04:00
Paul Hinze a9de720a4e Merge pull request #1708 from hashicorp/f-elb-source-security-group
providers/aws: add source_security_group to elb
2015-04-30 16:10:02 -05:00
Christopher Tiwald 46296db9dc docs: vpn_gateway vpc_ids are optional, not required.
This is simply a mistake in the documentation. The code already leaves
this as optional.
2015-04-30 10:39:56 -04:00
TANABE Ken-ichi 638ca1e0df providers/aws: Add docs for aws_proxy_protocol_policy 2015-04-30 22:24:14 +09:00
Christopher Tiwald 2b4fb16e3a aws: Add docs for aws_customer_gateway. 2015-04-29 21:33:00 -04:00
Mitchell Hashimoto fa85e6b769 Merge pull request #1645 from dtan4/network-acl-tags-doc
website: Add Network ACL tags document
2015-04-28 20:50:47 -07:00
Mitchell Hashimoto 5d4c67c462 website: add ebs_volume 2015-04-28 20:49:21 -07:00
Paul Hinze e4e6ac5d91 providers/aws: add source_security_group to elb 2015-04-28 09:40:19 -05:00
Christopher Tiwald d42441f9cd aws: Add docs for app_cookie_stickiness_policy. 2015-04-26 18:57:40 -04:00
Christopher Tiwald 30f8fd738a aws: Add docs for lb_cookie_stickiness_policy. 2015-04-26 18:05:43 -04:00
Justin Campbell 17ef529ac3 website: Link to canned ACL list for s3 buckets 2015-04-25 07:35:53 -04:00
Daisuke Fujita 5813c22c3e Remove extra = signs from Network ACL document 2015-04-24 03:11:00 +09:00
Paul Hinze ca8e405273 Merge pull request #1647 from TimeIncOSS/update-docs
Update docs for Route53 + S3 bucket
2015-04-23 07:41:59 -05:00
Radek Simko 17baf0bb2f tags added to s3_bucket docs 2015-04-23 13:25:13 +01:00
Radek Simko 9b182c13dd route53_zone - docs updated (tags + name_servers) 2015-04-23 13:22:04 +01:00
Panagiotis Moustafellos 6bb8947d16 providers/aws: aws_elb incr. idle_timeout to 60s
per docs
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/config-idle-timeout.html
2015-04-23 12:46:52 +03:00
Daisuke Fujita 1182238f81 Add Network ACL tags document 2015-04-23 18:05:07 +09:00
Radek Simko 3aae74f60c route53_record docs - missing newline added 2015-04-22 14:09:06 +01:00
Mitchell Hashimoto 8ca42f832e Merge pull request #1525 from Banno/route53-zone-nameservers
providers/aws: Expose Route53 zone nameservers for parent zone NS record
2015-04-22 12:10:27 +02:00
Mitchell Hashimoto 887f1b3d12 Merge branch 'elb-connection-settings' of https://github.com/jwaldrip/terraform into jwaldrip-elb-connection-settings 2015-04-22 08:38:19 +02:00
Mitchell Hashimoto 70a0579a12 Merge pull request #1578 from TimeIncOSS/route53-weighted-records
provider/aws: Add support for weighted Route53 records
2015-04-22 08:33:28 +02:00
Mitchell Hashimoto b755459ee3 Merge pull request #1358 from rzh/placement_group
provider/aws: support for AWS Placement Group
2015-04-22 08:20:43 +02:00
Radek Simko 555f9dfab3 aws: Support for weighted Route53 records added
- closes #1155
2015-04-17 18:53:36 +01:00
duncan e1ac4b9f90 Add Elastic Network Interfaces as route destination
Fixes #938
2015-04-17 13:22:31 -04:00
Luke Amdor c3f9c12426 Merge remote-tracking branch 'refs/remotes/origin/master' into route53-zone-nameservers 2015-04-17 10:11:53 -05:00
Clint Shryock 3337503eda update test and documentation for vpc ids in instances 2015-04-15 12:17:21 -05:00
Clint Shryock 97b98b1da6 Merge branch 'master' into f-aws-instance-vpc-sec-ids
* master: (511 commits)
  Update CHANGELOG.md
  core: avoid diff mismatch on NewRemoved fields during -/+
  Update CHANGELOG.md
  update CHANGELOG
  Fix minor error in index/count docs
  terraform: remove debug
  terraform: when pruning destroy, only match exact nodes, or exact counts
  up version for dev
  update CHANGELOG
  terraform: prune tainted destroys if no tainted in state [GH-1475]
  update CHANGELOG
  config/lang: support math on variables through implicits
  update CHANGELOG
  update cHANGELOG
  update cHANGELOG
  providers/aws: set id outside if/esle
  providers/aws: set ID after creation
  core: remove dead code from pre-deposed refactor
  website: update LC docs to note name is optional
  security_groups field expects a list of Security Group Group Names, not IDs
  ...
2015-04-15 12:12:17 -05:00
Luke Amdor a4e4ffb87f updating Route53 docs for parent nameserver change 2015-04-14 14:18:38 -05:00
Mitchell Hashimoto c9eb7dc8bf Merge pull request #1465 from tlovett-rmn/fix-security-groups-docs
website: security_groups field expects a list of Group Names, not Group IDs
2015-04-14 08:29:13 -07:00
Mitchell Hashimoto 0bd7856942 website: update LC docs to note name is optional 2015-04-13 16:00:29 -07:00
Jason Waldrip 74bfbece69 Implement Additional ELB Connection Attributes 2015-04-13 14:14:26 -06:00
Thomas Lovett baf1625485 security_groups field expects a list of Security Group Group Names, not IDs 2015-04-13 14:23:11 -05:00
Paul Hinze de3735bd6f docs: move aws SG tags from rules to resource
fixes #1479
2015-04-10 14:29:31 -05:00
Paul Hinze 34c7bbcf4d providers/aws: reduce scope of block_device set hashcodes
Fixes #1409

Resource set hash calculation is a bit of a devil's bargain when it
comes to optional, computed attributes.

If you omit the optional, computed attribute from the hash function,
changing it in an existing config is not properly detected.

If you include the optional, computed attribute in the hash and do not
specify a value for it in the config, then you'll end up with a
perpetual, unresolvable diff.

We'll need to think about how to get the best of both worlds, here, but
for now I'm switching us to the latter and documenting the fact that
changing these attributes requires manual `terraform taint` to apply.
2015-04-09 08:53:09 -05:00
Daisuke Fujita 236d3af646 Remove owner_id argument from document 2015-04-07 16:16:04 +09:00
Nick HS 39598cf1fa Rename False to false in aws_db_instance
False isn't allowed in hcl, just fixing a typo
2015-04-03 15:19:41 -04:00
Nick HS 95270bf68d Change example name in aws_db_paramater_group res
AWS DB Paramater Groups cannot contain underscores, see
http://docs.aws.amazon.com/AmazonRDS/latest/CommandLineReference/CLIReference-cmd-CreateDBParameterGroup.html
2015-04-03 15:16:13 -04:00
Jason Waldrip f77250f17d block device support for launch configurations
- mimics block device support from AWS instance
 - splits the acceptance tests out so they all pass, handling a FIXME
   from #1079
2015-04-02 12:34:13 -05:00
Rui Zhang 94bb3ed513 Support for AWS Placement Group
- add placement_group for aws instance
- update test and document
2015-04-01 23:33:16 -07:00
Clint Shryock e485767694 provider/aws: Add non-destructive updates to AWS RDS
This introduces non-destructive, in-place upgrades to MultiAZ and Engine Version
attributes of AWS RDS instances.
2015-03-31 09:41:37 -05:00
Radek Simko 7950ace399 Documentation for ASG Tags added 2015-03-26 07:35:16 +00:00
Paul Hinze a4e80b6313 providers/aws: derive instance root_block_device name
I was working on building a validation to check the user-provided
"device_name" for "root_block_device" on AWS Instances, when I realized
that if I can check it, I might as well just derive it automatically!

So that's what we do here - when you customize the details of the root
block device, device name is just comes from the selected AMI.
2015-03-23 11:58:45 -05:00
Clint bb4dd8ae77 Merge pull request #1137 from deverton/aws-go-vpn
provider/aws: Add Support For AWS VPN Gateways using aws-sdk-go
2015-03-19 16:12:17 -05:00
Paul Hinze 46b63074e0 Merge pull request #1045 from hashicorp/f-block-devices
providers/aws: rework instance block devices
2015-03-19 09:09:45 -05:00
Paul Hinze 2b23c402ee providers/aws: rework instance block devices
Instance block devices are now managed by three distinct sub-resources:

 * `root_block_device` - introduced previously
 * `ebs_block_device` - all additional ebs-backed volumes
 * `ephemeral_block_device` - instance store / ephemeral devices

The AWS API support around BlockDeviceMapping is pretty confusing. It's
a single collection type that supports these three members each of which
has different fields and different behavior.

My biggest hiccup came from the fact that Instance Store volumes do not
show up in any response BlockDeviceMapping for any EC2 `Describe*` API
calls. They're only available from the instance meta-data service as
queried from inside the node.

This removes `block_device` altogether for a clean break from old
configs. New configs will need to sort their `block_device`
declarations into the three new types. The field has been marked
`Removed` to indicate this to users.

With the new block device format being introduced, we need to ensure
Terraform is able to properly read statefiles written in the old format.
So we use the new `helper/schema` facility of "state migrations" to
transform statefiles in the old format to something that the current
version of the schema can use.

Fixes #858
2015-03-19 09:03:41 -05:00
Dan Everton f7289599cc Merge branch 'master' into aws-go-vpn 2015-03-19 11:03:48 +10:00
Michael H. Oshita 1979d9b792 fix indent
align indentation with the rest of the code.
2015-03-19 03:45:32 +09:00
Clint dc4abb48fa Merge pull request #1195 from hashicorp/f-retire-goamz
provider/aws: Retire goamz
2015-03-16 08:42:40 -05:00
Clint Shryock cd15c9aaf9 clean up docs 2015-03-13 16:04:27 -05:00
Clint Shryock 2d62e55b0e Add note to Intergent Gateway resource on using depends_on 2015-03-13 15:39:17 -05:00
Clint Shryock 580b696e7f Strike 'goamz' from the repo' 2015-03-12 16:49:38 -05:00
Dan Everton 9f50b048e1 Merge branch 'master' into aws-go-vpn 2015-03-12 08:09:27 +10:00
Clint Shryock 64f7e6a19c Update website docs on AWS RDS encryption field 2015-03-11 13:37:56 -05:00
Dan Everton 0900452113 Remove type parameter from vpn_gateway docs 2015-03-10 10:32:49 +10:00
Colin Hebert 268920126e Update documentation to reflect the new vpc_security_group_ids parameter 2015-03-07 17:09:13 +11:00
Dan Everton b741e0c9a3 Add documentation 2015-03-06 08:41:22 +10:00
Paul Hinze 72d4ac73d3 Merge pull request #1103 from suguru/aws-block-device-iops
providers/aws: add iops to block devices
2015-03-04 12:02:10 -06:00
Suguru Namura 68efa3fc21 providers/aws: add iops to block devices 2015-03-03 15:57:08 +09:00
Kevin Yi 0e3f1a865e protocol value for all traffic should be -1
If it is all traffic instead of all tcp traffic , protocol should be equal -1 , otherwise indicate all tcp not all traffic
2015-03-03 10:33:54 +11:00
Jack Pearkes c21c766c3e website: route53 subdomain hosted zones example 2015-02-26 14:20:30 -08:00
Clint Shryock d79b0d7fd1 provider/aws: Convert AWS DB Instance over to awslabs/aws-sdk-go
- Remove check on password for AWS RDS Instance
- Update documentation on AWS RDS Instance regarding DB Security Groups
- Change error handling to check error code from AWS API [ci skip]
2015-02-24 16:51:47 -06:00
Paul Hinze 73d20b4c58 providers/aws: add root_block_device to aws_instance
AWS provides a single `BlockDeviceMapping` to manage three different
kinds of block devices:

 (a) The root volume
 (b) Ephemeral storage
 (c) Additional EBS volumes

Each of these types has slightly different semantics [1].

(a) The root volume is defined by the AMI; it can only be customized
with `volume_size`, `volume_type`, and `delete_on_termination`.

(b) Ephemeral storage is made available based on instance type [2]. It's
attached automatically if _no_ block device mappings are specified, and
must otherwise be defined with block device mapping entries that contain
only DeviceName set to a device like "/dev/sdX" and VirtualName set to
"ephemeralN".

(c) Additional EBS volumes are controlled by mappings that omit
`virtual_name` and can specify `volume_size`, `volume_type`,
`delete_on_termination`, `snapshot_id`, and `encryption`.

After deciding to ignore root block devices to fix #859, we had users
with configurations that were attempting to manage the root block device chime
in on #913.

Terraform does not have the primitives to be able to properly handle a
single collection of resources that is partially managed and partially
computed, so our strategy here is to break out logical sub-resources for
Terraform and hide the BlockDeviceMapping inside the provider
implementation.

Now (a) is supported by the `root_block_device` sub-resource, and (b)
and (c) are still both merged together under `block_device`, though I
have yet to see ephemeral block devices working properly.

Looking into possibly separating out `ephemeral_block_device` and
`ebs_block_device` sub-resources as well, which seem like the logical
next step. We'll wait until the next big release for this, though, since
it will break backcompat.

[1] http://bit.ly/ec2bdmap
[2] http://bit.ly/instancestorebytype

Fixes #913
Refs #858
2015-02-18 13:15:11 -06:00
Mitchell Hashimoto 44c45994c8 Merge pull request #963 from julienba/master
providers/aws: vpc_peering_connection
2015-02-18 06:56:28 -08:00
jba 372035368f allow update 2015-02-18 10:45:12 +01:00
Mitchell Hashimoto 0feb29944c Merge pull request #856 from CashStar/aws_egress
provider/aws: adding support for egress rules in AWS Security Groups
2015-02-17 13:59:47 -08:00
nevins-b b7238ca6f2 adding documentation 2015-02-17 13:23:10 -05:00
Mitchell Hashimoto c5e035361f Merge pull request #896 from bitglue/storage_type
provider/aws: Support storage_type parameter for aws_db_instance
2015-02-17 09:30:03 -08:00
Mitchell Hashimoto f63aa41d67 Merge pull request #897 from bitglue/apply_method
provider/aws: Implement apply_method for RDS parameters
2015-02-17 09:28:24 -08:00
Mitchell Hashimoto 1fa6141a39 Merge pull request #933 from egarbi/master
docs: Added missing line for aws_launch_configuration resource on AWS provider...
2015-02-17 09:24:50 -08:00
jba 101f801846 add aws_vpc_peering_connection 2015-02-12 10:45:29 +01:00
Radek Simko 3366f1924f Add docs for AWS IG tags 2015-02-11 13:33:59 +00:00
jba 3b0b41c9a1 allow vpc_peering_connection_id in aws_route_table 2015-02-10 17:50:29 +01:00
Phil Frost 81b5c238ef Clarify usage of `aws_elb`
Address confusion regarding ELB in VPC or EC2-classic. See #958.
2015-02-10 11:13:54 -05:00
Enrique Garbi 2b3015f66a Added missing line for aws_launch_configuration resource on AWS provider docs 2015-02-05 17:05:14 +00:00
Paul Hinze f852a01c22 providers/aws: docs for aws_main_route_table_association 2015-02-03 15:13:15 -06:00
Phil Frost 8eb5418c4a Implement apply_method for RDS parameters
This is necessary to support creating parameter groups with parameters
that require a reboot, since the RDS API will return an error when
attempting to set those parameters with ApplyMethod "immediate".
2015-01-30 13:06:15 -05:00
Phil Frost bfaf8ccee6 Support storage_type parameter for aws_db_instance
This allows provisioning "gp2" (general purpose SSD) storage for DB
instances.
2015-01-30 13:01:10 -05:00
Phil Frost 254b25a64f Fix aws_db_instance to not recreate each time
Several of the arguments were optional, and if omitted, they are
calculated. Mark them as such in the schema to avoid triggering an
update.

Go back to storing the password in the state file. Without doing so,
there's no way for Terraform to know the password has changed. It should
be hashed, but then interpolating the password yields a hash instead of
the password.

Make the `name` parameter optional. It's not required in any engine, and
in some (MS SQL Server) it's not allowed at all.

Drop the `skip_final_snapshot` argument. If `final_snapshot_identifier`
isn't specified, then don't make a final snapshot. As things were, it
was possible to create a resource with neither of these arguments
specified which would later fail when it was to be deleted since the RDS
API requires exactly one of the two.

Resolves issue #689.
2015-01-28 12:03:26 -05:00
Mitchell Hashimoto 577e2420b0 Revert "docs: consistent use of array configuration syntax"
This reverts commit 4893eb8b55.
2015-01-14 09:28:25 -08:00
Emil Hessman 4893eb8b55 docs: consistent use of array configuration syntax
The Terraform configuration syntax defines what arrays are.
Use the word array consistently throughout the documentation
instead of list.

The corresponding JSON datatype is called array as well, and
since the Terraform configuration syntax is interoperable with
JSON it makes sense to use the term array to describe them.
2015-01-13 06:59:12 +01:00
Sören Blom efca6b0e8a only non-default VPC security groups are referenced by ID. 2015-01-07 12:52:20 +01:00
Armon Dadgar eef75a7a2a Merge pull request #695 from moredip/aws_key_pair-resource
add aws_key_pair resource
2015-01-06 10:46:58 -08:00