Commit Graph

13259 Commits

Author SHA1 Message Date
stack72 054f46b1f9
provider/aws: Refresh AWS EIP association from state when not found
Fixes #6758

We used to throw an error when this was the case - we should refresh
from state so the association can be recreated

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEIPAssociation_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/26 16:42:37 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEIPAssociation_ -timeout 120m
=== RUN   TestAccAWSEIPAssociation_basic
--- PASS: TestAccAWSEIPAssociation_basic (272.92s)
=== RUN   TestAccAWSEIPAssociation_disappears
--- PASS: TestAccAWSEIPAssociation_disappears (119.62s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws392.559s
```
2016-09-26 16:50:51 +01:00
Paul Stack 14f5833aed Update CHANGELOG.md 2016-09-26 12:03:10 +01:00
Paul Stack a77d55c919 Merge pull request #8806 from optimisticanshul/8793-snapshot-identifier
Changing snapshot_identifier on aws_db_instance resource should force…
2016-09-26 12:01:47 +01:00
stack72 a367f3550f
provider/aws: guard against aws_route53_record delete panic
Fixes #9025

We were assuming there would always be a changeInfo record and then
dereferencing the ID. This wasn't always the case (As noted in #9025)
where it was a delete rather than a delete / create action

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRoute53Record_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/26 11:26:43 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRoute53Record_ -timeout 120m
=== RUN   TestAccAWSRoute53Record_basic
--- PASS: TestAccAWSRoute53Record_basic (114.99s)
=== RUN   TestAccAWSRoute53Record_basic_fqdn
--- PASS: TestAccAWSRoute53Record_basic_fqdn (126.64s)
=== RUN   TestAccAWSRoute53Record_txtSupport
--- PASS: TestAccAWSRoute53Record_txtSupport (113.25s)
=== RUN   TestAccAWSRoute53Record_spfSupport
--- PASS: TestAccAWSRoute53Record_spfSupport (112.89s)
=== RUN   TestAccAWSRoute53Record_generatesSuffix
--- PASS: TestAccAWSRoute53Record_generatesSuffix (113.29s)
=== RUN   TestAccAWSRoute53Record_wildcard
--- PASS: TestAccAWSRoute53Record_wildcard (163.05s)
=== RUN   TestAccAWSRoute53Record_failover
--- PASS: TestAccAWSRoute53Record_failover (121.15s)
=== RUN   TestAccAWSRoute53Record_weighted_basic
--- PASS: TestAccAWSRoute53Record_weighted_basic (117.06s)
=== RUN   TestAccAWSRoute53Record_alias
--- PASS: TestAccAWSRoute53Record_alias (116.97s)
=== RUN   TestAccAWSRoute53Record_s3_alias
--- PASS: TestAccAWSRoute53Record_s3_alias (138.79s)
=== RUN   TestAccAWSRoute53Record_weighted_alias
--- PASS: TestAccAWSRoute53Record_weighted_alias (241.48s)
=== RUN   TestAccAWSRoute53Record_geolocation_basic
--- PASS: TestAccAWSRoute53Record_geolocation_basic (132.51s)
=== RUN   TestAccAWSRoute53Record_latency_basic
--- PASS: TestAccAWSRoute53Record_latency_basic (121.29s)
=== RUN   TestAccAWSRoute53Record_TypeChange
--- PASS: TestAccAWSRoute53Record_TypeChange (189.31s)
=== RUN   TestAccAWSRoute53Record_empty
--- PASS: TestAccAWSRoute53Record_empty (127.31s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws
2050.012s
```
2016-09-26 11:27:56 +01:00
Paul Stack 702c3261b4 Update CHANGELOG.md 2016-09-26 09:30:20 +01:00
Paul Stack 01cef1a63c Merge pull request #9029 from hashicorp/b-cloudwatch-dimensions-read
provider/aws: Fix reading dimensions on cloudwatch alarms
2016-09-26 09:29:27 +01:00
Krzysztof Wilczynski a2a2de5db2
Add test to check for failed state of the VPC Peering Connection.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-26 09:17:24 +01:00
James Nugent 1464c8538d Merge pull request #9041 from gepser/master
Fixing broken link and fixing the readme for the digitalocean example
2016-09-25 18:27:43 -05:00
Gepser Hoil 213e89277d Merge pull request #1 from gepser/brokenlinkdo
Fixing broken link and fixing the readme for the digitalocean example
2016-09-25 17:24:35 -06:00
Gepser Hoil 4906440f13 Fixing broken link and fixing the readme for the digitalocean example 2016-09-25 17:22:13 -06:00
Krzysztof Wilczynski a58650c980
Make sure that VPC Peering Connection in a failed state returns an error.
This commit adds simple logic which allows for a VPC Peering Connection
that is in a failed state (e.g. due to an overlapping IP address ranges,
etc.), to report such failed state as an error, rather then waiting for
the time out to occur.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-25 15:50:08 +01:00
Evan Brown 0edb68ef5a Merge pull request #8977 from sl1pm4t/b-gcs-storage-class
provider/google: Add support for GCS StorageClass
2016-09-24 21:13:17 -07:00
Martin Atkins 0e3256b6f4 examples: creating VPCs and subnets across two regions
This example demonstrates both creating a network architecture *and* the
use of data resources to minimize the number of variables needed for a
child module by discovering additional data automatically.
2016-09-24 15:19:34 -07:00
Martin Atkins 94c45c67cd provider/aws: aws_region data source
The primary purpose of this data source is to ask the question "what is
my current region?", but it can also be used to retrieve the endpoint
hostname for a particular (possibly non-current) region, should that be
useful for some esoteric case.
2016-09-24 15:19:33 -07:00
Martin Atkins fca9216f53 provider/aws: availability zone data source
This adds a singular data source in addition to the existing plural one.
This allows retrieving data about a specific AZ.

As a helper for writing reusable modules, the AZ letter (without its
usual region name prefix) is exposed so that it can be used in
region-agnostic mappings where a different value is used per AZ, such as
for subnet numbering schemes.
2016-09-24 15:19:33 -07:00
Martin Atkins aa0b6019f8 provider/aws: aws_vpc data source 2016-09-24 15:19:33 -07:00
Martin Atkins 82f958cc17 provider/aws: aws_subnet data source 2016-09-24 15:19:33 -07:00
Martin Atkins de51398b39 provider/aws: utilities for building EC2 filter sets
These functions can be used within various EC2 data sources to support
querying by filter. The following cases are supported:

- Filtering by exact equality with single attribute values
- Filtering by EC2 tag key/value pairs
- Explicitly specifying raw EC2 filters in config

This should cover most of the filter use-cases for Terraform data
sources that are built on EC2's 'Describe...' family of functions.
2016-09-24 15:17:09 -07:00
Martin Atkins ab29eca045 core: don't force data resource id diff to be empty
In an attempt to always show "id" as computed we were producing a
synthetic diff for it, but this causes problems when the id attribute for
a particular data source is actually settable in configuration, since it
masks the setting from the config and forces it to always be empty.

Instead, we'll set it conditionally so that a value provided in the config
can shine through when available.
2016-09-24 12:48:58 -07:00
Martin Atkins 804d714ff6 Restore tls_cert_request to being a managed resource
In c244e5a6 this resource was converted to a data source, but that was
a mistake since data sources are expected to produce stable results on
each run, and yet certificate requests contain a random nonce as part of
the signature.

Additionally, using the data source as a managed resource through the
provided compatibility shim was not actually working, since "Read" was
trying to parse the private key out of a SHA1 hash of the key, which is
what we place in state due to the StateFunc on that attribute.

By restoring this we restore Terraform's ability to produce all of the
parts of a basic PKI/CA, which is useful for creating dev environments
and bootstrapping PKI for production environments.
2016-09-24 12:22:07 -07:00
Martin Atkins 7d2b51e6c5 Merge #9033: Fix crash in aws_ami data source with name_regex 2016-09-24 08:27:57 -07:00
Krzysztof Wilczynski 5af8c8080a
Fix. Handle missing AMI name when matching against image name.
This commit fixes the issues where in a very rare cases the Amazon Machine
Image (AMI) would not have an image name set causing regular expression match
to fail with a nil pointer dereference. Also, the logic of if-else statements
was simplified (reduced branching since return is used a lot).

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
2016-09-24 14:34:00 +01:00
Paul Stack 3a3a424479 Update CHANGELOG.md 2016-09-24 10:27:06 +01:00
Paul Stack 979af97b52 Merge pull request #9031 from kjmkznr/b-aws-s3-lifecycle
provider/aws: Fix failed remove S3 lifecycle_rule
2016-09-24 10:26:18 +01:00
Paul Stack 07edf65337 Update CHANGELOG.md 2016-09-24 09:56:43 +01:00
Paul Stack 464ea2d12a Merge pull request #9032 from AlexanderEkdahl/master
Corrected Seoul S3 Website Endpoint
2016-09-24 09:55:29 +01:00
Alexander Ekdahl d2861be48e Corrected Seoul S3 Website Endpoint 2016-09-24 17:43:58 +09:00
Alexander Ekdahl ec1ee7f2be Corrected Seoul S3 Website Endpoint Test 2016-09-24 17:42:52 +09:00
Kazunori Kojima 71f721cd3e
provider/aws: Fix failed remove S3 lifecycle_rule 2016-09-24 16:56:25 +09:00
Paul Hinze d642e6fbc0 Update CHANGELOG.md 2016-09-23 18:31:48 -05:00
Paul Hinze 12e76c0110 Merge pull request #9021 from kyhavlov/destroy_target_fix
core: Fixed variables not being in scope for destroy -target on modules
2016-09-23 18:31:24 -05:00
Paul Hinze 2449b45087
provider/aws: Fix reading dimensions on cloudwatch alarms
They're structs that need to be unrolled and d.Set was silently failing
on them before. This enhances the basic test to cover the change.
2016-09-23 18:26:04 -05:00
Kyle Havlovitz 3a2819de25 core: Fixed variables not being in scope for destroy -target on modules 2016-09-23 19:05:40 -04:00
Paul Stack bba511e9e7 Merge pull request #9027 from hashicorp/b-s3-life-doc
AWS S3 bucket life_cycle rule IDs must be unique.
2016-09-23 23:33:06 +01:00
Sean Chittenden 31f20a1f31
AWS S3 bucket life_cycle rule IDs must be unique. 2016-09-23 15:09:25 -07:00
Sean Chittenden 74eb2e74c1
Whitespace nit. 2016-09-23 10:59:27 -07:00
Paul Stack 00d88853bf Merge pull request #9017 from AMeng/patch-1
provider/aws: Update docs for aws_flow_log
2016-09-23 18:22:40 +01:00
Alex Meng 79e1c55680 aws_flow_docs
Update aws_flow_log docs with aws_cloudwatch_log_group resource example.
2016-09-23 11:18:17 -06:00
Paul Stack 582ba66e6c Update CHANGELOG.md 2016-09-23 13:48:58 +01:00
Chris Marchesi 5af63c233e
provider/aws: Add query_string_cache_keys to aws_cloudfront_distribution
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.

This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
2016-09-23 13:11:05 +01:00
Chris Marchesi c2b44217dd
provider/aws: Require CloudFront S3 origin origin_access_identity
This fixes an issue where an empty s3_origin_config could be supplied to
aws_cloudfront_distribution, "correctly" setting an empty default value.
Unfortunately the rest of the CloudFront structure helper functions are
not equipped to deal with this kind of scenario, and TF produces
spurious diffs upon future runs.

This removes the default and makes origin_access_identity required when
specifying s3_origin_config.

Note that it has always been intended behaviour that if someone does not
want to use an origin access identity, that s3_origin_config should not
be specified at all. This behaviour still works, as should be evident by
the (still) passing tests.

Fixes hashicorp/terraform#7930.
2016-09-23 13:10:50 +01:00
Chris Marchesi ec2b345ed0
provider/aws: Enable aws_cloudfront_distribution HTTP/2
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.

Fixes hashicorp/terraform#8730.
2016-09-23 13:10:33 +01:00
stack72 cea685099e
Merge branch 'elasticache-cluster-import' of https://github.com/AMeng/terraform into AMeng-elasticache-cluster-import 2016-09-23 10:04:57 +01:00
Paul Stack a8a1f6d166 Merge pull request #9007 from steve-jansen/patch-2
Update aws_lambda_permission doc for CloudWatch Events
2016-09-23 09:00:52 +01:00
tomgoren 208dc514df Fixed typo - no such thing as `aws_target_group` (#9005)
It seems like there was a typo and a reference was made to
`aws_target_group`, when the actual resource name is
`aws_alb_target_group`.
2016-09-22 22:21:03 -05:00
Clint 18e05a52e2 Update CHANGELOG.md 2016-09-22 21:54:31 -05:00
Clint b7ad602993 provider/aws: Fix importing of EIP by IP address (#8970)
* provider/aws: Fix importing of EIP by IP address

EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.

This PR does:

- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id

I chose not to document that looking up by IP is a method of import,
because the AWS  API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.

Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.

* fix issue with swapping IDs on EC2 Classic

* update docs

* update comment
2016-09-22 21:53:21 -05:00
Steve Jansen 2e7e284bc9 Update aws_lambda_permission for CloudWatch Events
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`

Example, the resulting policy needs to be like:
```
{
    "Condition": {
        "ArnLike": {
            "AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
        }
    },
    "Action": "lambda:InvokeFunction",
    "Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
    "Effect": "Allow",
    "Principal": {
        "Service": "events.amazonaws.com"
    },
    "Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
2016-09-22 20:14:42 -04:00
Jarrod Jackson 50eb2338f0 Correct a typo in the description of the master_password argument. (#9004) 2016-09-22 15:58:02 -05:00
Clint 5a17f4a448 Update CHANGELOG.md 2016-09-22 15:23:05 -05:00