Commit Graph

3541 Commits

Author SHA1 Message Date
Raymond Fallon b30ef0f58d Update Application Auto Scaling to support scaling an Amazon EC2 Spot fleet. (#8697)
* provider/aws: Update Application Auto Scaling service model

  - Add support for automatically scaling an Amazon EC2 Spot fleet.

* Remove duplicate policy_type check.

* Test creating a scalable target for a splot fleet request.

* Test creating a scaling policy for a splot fleet request.

* Update resource docs to support scaling an Amazon EC2 Spot fleet.

  - aws_appautoscaling_policy
  - aws_appautoscaling_target

* Remove arn attribute from aws_appautoscaling_target

  - No arn is generated or returned for this resource.

* Remove optional name attribute from aws_appautoscaling_target

  - ScalableTargets do not have a name
  - I think this was copied from aws_appautoscaling_policy

* AWS Application Autoscaling resource documentation tweaks

  - include a target resource in the policy example
  - sort attributes by alpha
  - fixup markdown
  - add spaces to test config
2017-02-02 09:39:22 +00:00
Clint 8f063d6773 Merge pull request #11621 from hashicorp/b-aws-test-fixes
provider/aws: Some Lambda test fixes
2017-02-01 16:39:15 -06:00
clint shryock f87f0f5ba6 provider/aws: Fix permissions for IAM role in Lambda tests 2017-02-01 15:59:40 -06:00
Jake Champlin 3d22adbd5d
provider/aws: Fix root-block-device bug
Previously the `root_block_device` config map was a `schema.TypeSet` with an empty `Set` function, and a hard-limit of 1 on the attribute block.
This prevented a user from making any real changes inside the attribute block, thus leaving the user with a `Apply complete!` message, and nothing changed.

The schema API has since been updated, and we can now specify the `root_block_device` as a `schema.TypeList` with `MaxItems` set to `1`. This fixes the issue, and allows the user to update the `aws_instance`'s `root_block_device` attribute, and see changes actually propagate.
2017-02-01 16:25:07 -05:00
clint shryock b592f8d35d provider/aws: Fix lambda source mapping tests 2017-02-01 13:25:24 -06:00
Jake Champlin b51edd6175 Merge pull request #11612 from hashicorp/b-fix-beanstalk-env-acctests
provider/aws: Fixes aws beanstalk env acc tests
2017-02-01 13:22:32 -05:00
Paul Stack 851cc46548 provider/aws: Guard against panic in aws_vpc_endpoint_association (#11613)
I believe that if no VPC Endpoints were returned from the AWS API, we
were not guarding against a panic. We were strill trying to inspect the
RouteTableIds. This commit will ensure that no errors are thrown before
trying to use the RouteTableIds

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpcEndpointRouteTableAssociation_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/01 18:06:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpcEndpointRouteTableAssociation_ -timeout 120m
=== RUN   TestAccAWSVpcEndpointRouteTableAssociation_basic
--- PASS: TestAccAWSVpcEndpointRouteTableAssociation_basic (42.83s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	42.859s
```
2017-02-01 18:14:41 +00:00
Jake Champlin f7db75da58
provider/aws: Fixes aws beanstalk env acc tests
Fixes the beanstalk env tests such that they can run in parallel better. Previously, only the beanstalk application was randomized, now the beanstalk environment is also randomized to help better facilitate running our tests in parallel.

```
=== RUN   TestAccAWSBeanstalkEnv_outputs
--- PASS: TestAccAWSBeanstalkEnv_outputs (388.74s)
=== RUN   TestAccAWSBeanstalkEnv_cname_prefix
--- PASS: TestAccAWSBeanstalkEnv_cname_prefix (386.78s)
=== RUN   TestAccAWSBeanstalkEnv_config
--- PASS: TestAccAWSBeanstalkEnv_config (532.56s)
=== RUN   TestAccAWSBeanstalkEnv_resource
--- PASS: TestAccAWSBeanstalkEnv_resource (420.47s)
=== RUN   TestAccAWSBeanstalkEnv_vpc
--- PASS: TestAccAWSBeanstalkEnv_vpc (516.02s)
=== RUN   TestAccAWSBeanstalkEnv_template_change
--- PASS: TestAccAWSBeanstalkEnv_template_change (623.38s)
=== RUN   TestAccAWSBeanstalkEnv_basic_settings_update
--- PASS: TestAccAWSBeanstalkEnv_basic_settings_update (705.32s)
```
2017-02-01 13:09:43 -05:00
Doug Neal babc52202c Succeed creating aws_volume_attachment if identical attachment exists (#11060)
If an `aws_volume_attachment` is identical to one that already exists in
the API, don't attempt to re-create it (which fails), simply act as
though the creation command had already been run and continue.

This allows Terraform to cleanly recover from a situation where a volume
attachment action hangs indefinitely, possibly due to a bad instance
state, requiring manual intervention such as an instance reboot. In such
a situation, Terraform believes the attachment has failed, when in fact
it succeeded after the timeout had expired. On the subsequent retry run,
attempting to re-create the attachment will fail outright, due to the
AttachVolume API call being non-idempotent. This patch implements the
idempotency client-side by matching the (name, vID, iID) tuple.

Note that volume attachments are not assigned an ID by the API.
2017-02-01 15:41:53 +00:00
Jake Champlin c83a971efb Merge pull request #11605 from hashicorp/f-add-docs-ecs-cluster-datasource
documentation: Add documentation for the ECS Cluster Data Source
2017-02-01 10:08:03 -05:00
Jake Champlin ac73ce4199
documentation: Add documentation for the ECS Cluster Data Source
Adds documentation for the ECS Cluster Data Source. Also removes duplicate struct declarations from the data source and test.
2017-02-01 09:51:26 -05:00
Paul Stack ef08adeb65 provider/aws: Fix panic in aws_rds_cluster missing parameter error (#11600)
message

Fixes: #11568

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRDSCluster_missingUserNameCausesError'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/01 12:11:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRDSCluster_missingUserNameCausesError -timeout 120m
=== RUN   TestAccAWSRDSCluster_missingUserNameCausesError
--- PASS: TestAccAWSRDSCluster_missingUserNameCausesError (3.22s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	3.243s
```

The error message for a required parameter being missing has a wrong parameter baked into it. Therefore, when the error message tried to fire, it was throwing a panic. Added a test to make sure that we know the condition still fires and with a correct message
2017-02-01 14:42:00 +00:00
Jake Champlin 5566edd86e Merge pull request #11558 from hashicorp/feat/data_aws_ecs_cluster2
provider/aws: add aws_ecs_cluster datasource
2017-02-01 09:33:57 -05:00
Paul Stack 50fe7e1bb0 provider/aws: aws_route53_record import error processing (#11603)
Fixes: #11549

When a user passes the wrong argument to a route53_record import, they
got a crash. This was because we expected the ID to parse correctly. The
crash looked like this:

```
% terraform import aws_route53_record.import1 mike.westredd.com
aws_route53_record.import1: Importing from ID "mike.westredd.com"...
aws_route53_record.import1: Import complete!
  Imported aws_route53_record (ID: mike.westredd.com)
aws_route53_record.import1: Refreshing state... (ID: mike.westredd.com)
Error importing: 1 error(s) occurred:

* aws_route53_record.import1: unexpected EOF
panic: runtime error: index out of range
```

Rather than throwing a panic to the user, we should present them with a more useful message that tells them what the error is:

```
% terraform import aws_route53_record.import mike.westredd.com
aws_route53_record.import: Importing from ID "mike.westredd.com"...
aws_route53_record.import: Import complete!
  Imported aws_route53_record (ID: mike.westredd.com)
aws_route53_record.import: Refreshing state... (ID: mike.westredd.com)
Error importing: 1 error(s) occurred:

* aws_route53_record.import: Error Importing aws_route_53 record. Please make sure the record ID is in the form ZONEID_RECORDNAME_TYPE (i.e. Z4KAPRWWNC7JR_dev_A
```

At least they can work out what the problem is in this case
2017-02-01 14:15:08 +00:00
KOJIMA Kazunori 427b0042bb provider/aws: Add sensitive attribute in master_password (#11584) 2017-02-01 11:10:51 +00:00
Raphael Randschau acb55ecc1b provider/aws: code review feedback 2017-02-01 09:32:19 +01:00
Raphael Randschau 1e847c2148
provider/aws: avoid ecs cluster name collisions 2017-01-31 23:40:31 +01:00
Jake Champlin 039701fa51 Merge pull request #11580 from hashicorp/b-fix-panic-data-azs
provider/aws: Fix panic from AZs Data Source Test
2017-01-31 16:06:08 -05:00
Jake Champlin 421b25cacf
provider/aws: Fix panic from AZs Data Source Test
The `aws_availability_zones` data source test was panicking. This fixes both tests

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAvailabilityZones'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 15:47:39 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAvailabilityZones -timeout 120m
=== RUN   TestAccAWSAvailabilityZones_basic
--- PASS: TestAccAWSAvailabilityZones_basic (12.56s)
=== RUN   TestAccAWSAvailabilityZones_stateFilter
--- PASS: TestAccAWSAvailabilityZones_stateFilter (13.59s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    26.187s
```
2017-01-31 15:54:17 -05:00
clint shryock 0e5f08e87d change vpc test name to isolate it 2017-01-31 14:50:21 -06:00
Jake Champlin e81231035c Merge pull request #11579 from hashicorp/b-fix-beanstalk-tests
provider/aws: Fix ElasticBeanstalk Acceptance Tests
2017-01-31 15:28:37 -05:00
Gauthier Wallet 4da1451971 Added Step Function resources (State Machine & Activity) (#11420)
* Added Step Function Activity & Step Function State Machine

* Added SFN State Machine documentation

* Added aws_sfn_activity & documentation

* Allowed import of sfn resources

* Added more checks on tests, fixed documentation

* Handled the update case of a SFN function (might be already deleting)

* Removed the State Machine import test file

* Fixed the eventual consistency of the read after delete for SFN functions
2017-01-31 20:17:38 +00:00
Jake Champlin 3541b9254e
provider/aws: Fix ElasticBeanstalk Acceptance Tests
Fixes all the currently failing ElasticBeanstalk Acceptance Tests

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSBeanstalkEnv'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:47:39 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSBeanstalkEnv -timeout 120m
=== RUN   TestAccAWSBeanstalkEnv_basic
--- PASS: TestAccAWSBeanstalkEnv_basic (383.73s)
=== RUN   TestAccAWSBeanstalkEnv_tier
--- PASS: TestAccAWSBeanstalkEnv_tier (629.41s)
=== RUN   TestAccAWSBeanstalkEnv_outputs
--- PASS: TestAccAWSBeanstalkEnv_outputs (374.11s)
=== RUN   TestAccAWSBeanstalkEnv_cname_prefix
--- PASS: TestAccAWSBeanstalkEnv_cname_prefix (429.19s)
=== RUN   TestAccAWSBeanstalkEnv_config
--- PASS: TestAccAWSBeanstalkEnv_config (512.37s)
=== RUN   TestAccAWSBeanstalkEnv_resource
--- PASS: TestAccAWSBeanstalkEnv_resource (358.39s)
=== RUN   TestAccAWSBeanstalkEnv_vpc
--- PASS: TestAccAWSBeanstalkEnv_vpc (479.72s)
=== RUN   TestAccAWSBeanstalkEnv_template_change
--- PASS: TestAccAWSBeanstalkEnv_template_change (792.78s)
=== RUN   TestAccAWSBeanstalkEnv_basic_settings_update
--- PASS: TestAccAWSBeanstalkEnv_basic_settings_update (616.77s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    4576.505s
```
2017-01-31 15:16:22 -05:00
Clint 3cb8557d54 Merge pull request #11565 from hashicorp/b-aws-ecs-service-type-case
provider/aws: Fix issue with ECS Placement Strat. and type casing
2017-01-31 12:16:17 -06:00
clint shryock 7e9bfda31a provider/aws: Fix issue with ECS Placement Strat. and type casing
The API asks you to send lower case values, but returns uppercase ones.
Here we lowercase the returned API values.

There is no migration here because the field in question is nested in a
set, so the hash will change regardless. Anyone using this feature now
has it broken anyway.
2017-01-31 11:33:16 -06:00
Naoto Yokoyama e2b3ee5fbf provider/aws: add `aws_ecs_task_definition` datasource (#8509) 2017-01-31 17:28:11 +00:00
Jake Champlin ab9c94e331 Merge pull request #11563 from hashicorp/b-fix-instance-data-source-acctests
provider/aws: Fix aws instance data source acceptance tests
2017-01-31 12:25:00 -05:00
Jake Champlin f7d9e0b168
provider/aws: Fix aws instance data source acceptance tests
Fixes 2 acceptance tests for the `aws_instance` data source

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstanceDataSource_SecurityGroups'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:12:15 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstanceDataSource_SecurityGroups -timeout 120m
=== RUN   TestAccAWSInstanceDataSource_SecurityGroups
--- PASS: TestAccAWSInstanceDataSource_SecurityGroups (119.14s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    119.172s
```

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstanceDataSource_tags'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:15:42 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstanceDataSource_tags -timeout 120m
=== RUN   TestAccAWSInstanceDataSource_tags
--- PASS: TestAccAWSInstanceDataSource_tags (118.87s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    118.900s
```
2017-01-31 12:19:25 -05:00
Jake Champlin 7e23340f3a
provider/aws: Fix Cloudwatch Log acceptance tests
Fixes `aws_cloudwatch_log_group` and `aws_cloudwatch_log_metric_filter` acceptance tests

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogMetricFilter_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:01:05 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchLogMetricFilter_basic -timeout 120m
=== RUN   TestAccAWSCloudWatchLogMetricFilter_basic
--- PASS: TestAccAWSCloudWatchLogMetricFilter_basic (27.36s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    27.390s
```

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchLogGroup_multiple'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:03:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchLogGroup_multiple -timeout 120m
=== RUN   TestAccAWSCloudWatchLogGroup_multiple
--- PASS: TestAccAWSCloudWatchLogGroup_multiple (16.39s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    16.422s
```
2017-01-31 12:06:06 -05:00
Raphael Randschau 12f55f4747 provider/aws: add aws_ecs_cluster datasource
since remove state is deprecated one needs a way to import an ecs_cluster
2017-01-31 17:48:51 +01:00
Linda Xu 2639ffcbec add Aurora create corss region read replica cluster function (#11428) 2017-01-31 13:39:24 +00:00
Jake Champlin 9de405ca31 provider/aws: Fix AWS EIP Assocaition Tests (#11533)
Fixes `aws_eip_association` acceptance tests

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEIPAssociation_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 18:31:28 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEIPAssociation_basic -timeout 120m
=== RUN   TestAccAWSEIPAssociation_basic
--- PASS: TestAccAWSEIPAssociation_basic (142.33s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    142.354s
```
2017-01-31 11:04:42 +00:00
Matthew 28cee57ef5 S3 Bucket Object Sever Side Encryption (#11261)
* added server_side_encryption to s3_bucket_object resource including associated acceptance test and documentation.

* got acceptance tests passing.

* made server_side_encryption a computed attribute and only set kms_key_id attribute if an S3 non-default master key is in use.

* ensured kms api is only interrogated if required.
2017-01-31 09:20:48 +00:00
Clint be9fc64967 Merge pull request #11530 from hashicorp/b-aws-test-fixes
provider/aws: Handful of Acc configuration tests
2017-01-30 16:13:24 -06:00
clint shryock 2313281eba fix db option group test 2017-01-30 15:48:52 -06:00
Jake Champlin c0c06ee876 Merge pull request #11526 from hashicorp/b-fix-rds-cluster-param-group-tests
provider/aws: Fix AWS RDS Cluster Parameter Group Tests
2017-01-30 16:36:21 -05:00
Jake Champlin 1b713e87b8
provider/aws: Fix AWS RDS Cluster Parameter Group Tests
Fixes `aws_rds_cluster_parameter_group` acceptance tests, which have been broken since aa8c2ac587

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBClusterParameterGroupOnly'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:20:38 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBClusterParameterGroupOnly -timeout 120m
=== RUN   TestAccAWSDBClusterParameterGroupOnly
--- PASS: TestAccAWSDBClusterParameterGroupOnly (15.26s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	15.282s
```

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBClusterParameterGroup_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:22:48 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBClusterParameterGroup_basic -timeout 120m
=== RUN   TestAccAWSDBClusterParameterGroup_basic
--- PASS: TestAccAWSDBClusterParameterGroup_basic (29.48s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	29.510s
```
2017-01-30 16:28:24 -05:00
clint shryock 75121fe00e clean up db subnet name collisiosn 2017-01-30 15:19:24 -06:00
clint shryock 7fcbc0495c randomize Beanstalk test name 2017-01-30 15:06:29 -06:00
Jake Champlin c9dd87d03a
provider/aws: Fix cloudwatch log subscription filter test
Fixes `aws_cloudwatch_log_subscription_filter` acceptance tests that had been failing since mid December

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudwatchLogSubscriptionFilter_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:00:05 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudwatchLogSubscriptionFilter_basic -timeout 120m
=== RUN   TestAccAWSCloudwatchLogSubscriptionFilter_basic
--- PASS: TestAccAWSCloudwatchLogSubscriptionFilter_basic (26.34s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	26.364s
```
2017-01-30 16:03:55 -05:00
Jake Champlin feafe3c0b5
provider/aws: Fix acceptance tests for autoscaling schedule
Fixes acceptance tests for `aws_autoscaling_schedule` resource

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAutoscalingSchedule_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 14:40:34 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAutoscalingSchedule_basic -timeout 120m
=== RUN   TestAccAWSAutoscalingSchedule_basic
--- PASS: TestAccAWSAutoscalingSchedule_basic (170.38s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	170.406s
```

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAutoscalingSchedule_disappears'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 15:00:49 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAutoscalingSchedule_disappears -timeout 120m
=== RUN   TestAccAWSAutoscalingSchedule_disappears
--- PASS: TestAccAWSAutoscalingSchedule_disappears (179.23s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	179.253s
```
2017-01-30 15:07:10 -05:00
Jake Champlin 9cdd7547e1 Merge pull request #11474 from hashicorp/b-fix-aws-alb-import
provider/aws: Import aws_alb_listener_rule fix
2017-01-30 08:49:24 -05:00
yn 8ea5d53954 SNS Topic Subscription: import more attributes (#10408) 2017-01-30 11:52:23 +00:00
snakeb1t 747ca75bfe kms CreateKey: retry if arn in policy not yet seen (#11509)
if KMS service doesn't think a resource exists which is listed in
a Key policy, then CreateKey fails. so retry until it's seen
by KMS service.
2017-01-30 11:23:43 +00:00
Borgstrom ♕ 01a6bd7592 provider/aws: New data provider to decrypt KMS secrets (#11460)
* Add a new data provider to decrypt AWS KMS secrets

* Address feedback

* Rename aws_kms_secrets to aws_kms_secret
* Add more examples to the documentation
2017-01-29 21:01:38 +00:00
Paul Stack 4ebd207803 provider/aws: Add support for policy to AWS provider assume_role (#11501)
Fixes: #11461

This will allow the user to pass a policy to further restrict the use
of AssumeRole. It is important to note that it will NOT allow an
expansion of access rights
2017-01-29 20:32:24 +00:00
julius-bonial 5d8662d5da fix wrong usage of hashicorp/errwrap (#11500)
According to https://github.com/hashicorp/errwrap
'{{err}}' has to be used instead of '%s'

Without this patch, error output from terraform is missing important information:
* aws_cloudwatch_log_group.logs: Error Getting CloudWatch Logs Tag List: %s

With this patch, I get the important information. E.g.:
* aws_cloudwatch_log_group.logs: Error Getting CloudWatch Logs Tag List: AccessDeniedException: User: arn:aws:sts::XYZ:assumed-role/AAA-BBB-CCC/terraform-assuming-role-assume-role-ReadOnly is not authorized to perform: logs:ListTagsLogGroup on resource: arn:aws:logs:us-east-1:XYZ:log-group:logs:log-stream:
2017-01-29 19:19:48 +00:00
Jake Champlin 96f6044908 provider/aws: ECS Placement constraints fix (#11475)
* fixing AWS ECS placement constraints

* correcting AWS ECS task definition doc

* reverting unnecessary change to resource_aws_ecs_task_definition

* provider/aws: ECS Placement constraints fix

Expands upon #11446 from @bgetsug

Adds:
 - Acceptance Test
 - Improves `nil` check on constraint expression

 Fixes: #10968
2017-01-29 16:42:50 +00:00
Jake Champlin 8b66d137d1
provider/aws: Import aws_alb_listener_rule fix
Allows the user to import a default aws_alb_listener_rule. When creating the resource with TF, the AWS API requires that `priority` be an integer.
However, the `DescribeRules` API call returns a string for `priority`. This would work in every case except for the `default` listener rule, which sets the `priority` value to the string "default".

This fixes the previous error:
```
Error importing: 1 error(s) occurred:

* aws_alb_listener_rule.test: Cannot convert rule priority %q to int: strconv.ParseInt: parsing "default": invalid syntax
```

Fixes: #11464
2017-01-27 14:55:34 -05:00
Jack Pearkes b0096abbe3 provider/aws: allow destroy of LB stickiness policy with missing LB (#11462)
Previously an attempt to destroy a LB stickiness policy would
result in an error like this:

```
* aws_lb_cookie_stickiness_policy.foo: Error removing LBCookieStickinessPolicy: LoadBalancerNotFound: There is no ACTIVE Load Balancer named 'tf-test-lb-tqatd'
    status code: 400, request id: 28af1167-e4a4-11e6-8ddd-57ba410cbbb6
```

This checks for a missing load balancer on the policy read and allows
the destroy.

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLBCookieStickinessPolicy_missingLB'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/27 07:21:11 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSLBCookieStickinessPolicy_missingLB -timeout 120m
=== RUN   TestAccAWSLBCookieStickinessPolicy_missingLB
--- PASS: TestAccAWSLBCookieStickinessPolicy_missingLB (28.90s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    28.929s
```
2017-01-27 21:14:23 +02:00