Fixes crash in #2431
Decided that `findResourceSecurityGroup` should return an error when
the SG is not found, since the callers cannot happily continue with a
`nil` SG
Also passes through a few error cases that were being swallowed.
/cc @catsby
Some AMIs have a RootDeviceName like "/dev/sda1" that does not appear as a
DeviceName in the BlockDeviceMapping list (which will instead have
something like "/dev/sda")
While this seems like it breaks an invariant of AMIs, it ends up working
on the AWS side, and AMIs like this are common enough that we need to
special case it so Terraform does the right thing.
Our heuristic is: if the RootDeviceName does not appear in the
BlockDeviceMapping, assume that the DeviceName of the first
BlockDeviceMapping entry serves as the root device.
fixes#2224
* master:
Update CHANGELOG.md
Update CHANGELOG.md
Added affinity group resource.
update link to actually work
provider/azure: Fix SQL client name to match upstream
add warning message to explain scenario of conflicting rules
typo
remove debugging
Update CHANGELOG.md
provider/aws: Add docs for autoscaling_policy + cloudwatch_metric_alarm
provider/aws: Add autoscaling_policy
provider/aws: Add cloudwatch_metric_alarm
rename method, update docs
clean up some conflicts with
clean up old, incompatible test
update tests with another example
update test
remove meta usage, stub test
fix existing tests
Consider security groups with source security groups when hashing
* master: (23 commits)
typo
Update CHANGELOG.md
provider/aws: Add docs for autoscaling_policy + cloudwatch_metric_alarm
provider/aws: Add autoscaling_policy
provider/aws: Add cloudwatch_metric_alarm
Update CHANGELOG.md
Update CHANGELOG.md
provider/template: don't error when rendering fails in Exists
Update CHANGELOG.md
Added Azure SQL server and service support.
Update CHANGELOG.md
docs: clarify wording around destroy/apply args
Getting Started: Added a Next Step upon finishing install.
docs: add description of archive format to download page
docs: snapshot plugin dependencies when releasing
add v0.5.3 transitory deps
Fixes support for changing just the read / write capacity of a GSI
Change sleep time for DynamoDB table waits from 3 seconds to 5 seconds
Remove request for attribute changes
Fix AWS SDK imports
...
The Exists function can run in a context where the contents of the
template have changed, but it uses the old set of variables from the
state. This means that when the set of variables changes, rendering will
fail in Exists. This was returning an error, but really it just needs to
be treated as a scenario where the template needs re-rendering.
fixes#2344 and possibly a few other template issues floating around
Previously they would conflict you had multiple security group rules
with the same ingress or egress ports but different source security
groups because only the CIDR blocks were considered (which are empty
when using source security groups).
Updated to include migrations (from clint@ctshryock.com)
Signed-off-by: Clint Shryock <clint@ctshryock.com>
regex solution is extremely complex, which makes it hard to debug and
understand; the original switches and
commenting lay out the various cases in a straightforward fashion. Plus,
implementing namespace/repo support in the original code was a simple
strings.Join call.
This commit converts the openstack compute instances security groups to
a set from a list.
This fixes ordering problems which forces or indicates change to security
groups where none exist, and mimics the functionality in the aws
provider's compute resource.
Includes fixes from dupuy addressing crashes due to an empty state.
I snuck this in with #2263 because thought it was simply a stylistic
clarity thing, but it actually generates a resource-replacement-forcing
diff for existing resources that don't have this set in the config.
Definitely don't want that. :P
/cc @catsby
* master: (91 commits)
update CHANGELOG
update CHANGELOG
state/remote: more canonical Go for skip TLS verify
update CHANGELOG
update CHANGELOG
command/apply: flatten multierrors
provider/aws: improve iam_policy err msgs
acc tests: ensure each resource has a _basic test
aws/provider convert _normal tests to _basic
go fmt
Enpoint type configuration for OpenStack provider
Fix page title for aws_elasticache_cluster
Update CHANGELOG.md
Corrected Frankfurt S3 Website Endpoint fixes#2258
Only run Swift tests when Swift is available
Implement OpenStack/Swift remote
Minor correction to aws_s3_bucket docs
docs: Fix wrong title (aws_autoscaling_notification)
provider/aws: clarify scaling timeout error
Update CHANGELOG.md
...
This is an iteration on the great work done by @dalehamel in PRs #2095
and #2109.
The core team went back and forth on how to best model Spot Instance
Requests, requesting and then rejecting a separate-resource
implementation in #2109.
After more internal discussion, we landed once again on a separate
resource to model Spot Instance Requests. Out of respect for
@dalehamel's already-significant donated time, with this I'm attempting
to pick up the work to take this across the finish line.
Important architectural decisions represented here:
* Spot Instance Requests are always of type "persistent", to properly
match Terraform's declarative model.
* The spot_instance_request resource exports several attributes that
are expected to be constantly changing as the spot market changes:
spot_bid_status, spot_request_state, and instance_id. Creating
additional resource dependencies based on these attributes is not
recommended, as Terraform diffs will be continually generated to keep
up with the live changes.
* When a Spot Instance Request is deleted/canceled, an attempt is made
to terminate the last-known attached spot instance. Race conditions
dictate that this attempt cannot guarantee that the associated spot
instance is terminated immediately.
Implementation notes:
* This version of aws_spot_instance_request borrows a lot of common
code from aws_instance.
* In order to facilitate borrowing, we introduce `awsInstanceOpts`, an
internal representation of instance details that's meant to be shared
between resources. The goal here would be to refactor ASG Launch
Configurations to use the same struct.
* The new aws_spot_instance_request acc. test is passing.
* All aws_instance acc. tests remain passing.
When a user tried to create an `aws_network_interface` resource without specifying the `private_ips` or `security_groups` attributes the API call to AWS would fail with a 500 HTTP error. Length checks have been put in place for both of these attributes before they are added to the `ec2.CreateNetworkInterfaceInput` struct.
Documentation was also added for the `aws_network_interface` resource.
While cidr_block is required for static route creation, there are
apparently cases (involving some combination of VPNs, Customer Gateways,
and automatic route propogation) where the cidr_block can come back nil.
This means we cannot assume it's there in the set hash calculation.
We need to decode both the Raw config and the parsed Config to make
sure all set keys are visible. Otherwise keys that will need to be
interpolated later, will be missing causing the validation to fail.