85c8595c89
Merge pull request #4108 from stack72/f-aws-route53-spf-record
...
provider/aws: Normalization of SPF records to prevent reporting changes
2015-11-30 13:15:32 +00:00
fece57f83b
Changing the IAM Role resource to allow update of Assume Policy Document
2015-11-30 12:52:07 +00:00
a556c98cde
Adding support for the escapaing of Route53 SPF records
2015-11-30 12:14:39 +00:00
0cca74fe76
Changing the S3 Bucket resource to allow the update of ACL by using PutBucketAcl
2015-11-26 21:45:48 +00:00
5753efa8af
Skip SG ID determination logic for Classic ELBs
2015-11-26 15:34:28 +01:00
632a9147cc
Adding support for Block_Durations to AWS Spot instance
2015-11-26 11:56:04 +00:00
b7a12e3a58
Merge pull request #4009 from apparentlymart/aws-opsworks-acctest-iam
...
provider/aws: AWS Opsworks tests bring their own IAM objects
2015-11-25 21:26:40 +02:00
c262bc72ea
Merge pull request #3895 from br0ch0n/rds_pub_access_param
...
Issue #3894 RDS publicly_accessible param shouldn't force new resource
2015-11-25 21:09:23 +02:00
e9cb722471
providers/aws: Fix issue recreating security group rule if it has been destroyed
2015-11-24 13:50:30 -06:00
288e568272
Merge pull request #4024 from rjeczalik/nil-deref-fix
...
provider/aws: fix for https://github.com/aws/aws-sdk-go/issues/452
2015-11-24 11:52:33 +02:00
9e66e18334
provider/aws: fix for https://github.com/aws/aws-sdk-go/issues/452
2015-11-24 09:30:21 +01:00
99e3d62cd8
provider/aws: Make VPC ID required on subnets
2015-11-23 16:53:49 +02:00
82050ff832
Merge pull request #4005 from hashicorp/b-aws-iam-user-delete
...
provider/aws: Fix issue deleting users who are attached to a group
2015-11-23 08:22:48 -06:00
7772a66b2f
Merge pull request #3940 from hashicorp/b-aws-spot-instance-updates
...
providers/aws: Update Spot Instance request to provide connection information
2015-11-23 08:22:07 -06:00
150e997a96
Changing the AWS ElastiCache cluster maintenance_window to enforce lowercase
2015-11-23 12:54:56 +00:00
52aad04930
Mistake in type refactor in cloudTrailGetLoggingStatus
...
When adjusting the types to prevent casting, I didn't change the error
message to handle the pointer change. "go tool vet" caught this.
2015-11-22 13:23:08 -07:00
9cec40ea3c
Add missing error-checks from code review
...
Some error-checking was omitted.
Specifically, the cloudTrailSetLogging call in the Create function was
ignoring the return and cloudTrailGetLoggingStatus could crash on a
nil-dereference during the return. Fixed both.
Fixed some needless casting in cloudTrailGetLoggingStatus.
Clarified error message in acceptance tests.
Removed needless option from example in docs.
2015-11-22 12:54:11 -07:00
484887c0c5
Change default for logging in CloudTrail to true
...
The default for `enable_logging`, which defines whether CloudTrail
actually logs events was originally written as defaulting to `false`,
since that's how AWS creates trails.
`true` is likely a better default for Terraform users.
Changed the default and updated the docs.
Changed the acceptance tests to verify new default behavior.
2015-11-22 10:47:23 -07:00
c9eeb161e0
Add a comment in tests
...
The purpose of the first test of enable_logging wasn't quite clear.
It's future-proofing against the assumptions made about AWS behavior.
2015-11-21 14:55:08 -07:00
11190144f0
AWS Opsworks tests bring their own IAM objects.
...
Previously we assumed the existence of some default objects that most
Opsworks users have because the Opsworks console creates them by default
when a new stack is created.
However, that meant that these tests wouldn't work correctly for anyone
who either had never used Opsworks via the UI or who had never accepted
the default of having the console create some predefined IAM objects to
use. It may also have led to some weird failures if a particular user had
customized the settings for these default objects.
Now the tests create suitable IAM roles, a policy and an instance profile
and use these when creating Opsworks stacks, avoiding any dependency
on any pre-existing objects.
This fixes #3998 .
2015-11-21 11:13:25 -08:00
f98dbbb580
Tests and docs for AWS CloudTrail "enable_logging"
...
Add acceptance tests for creation, enable, and disable logging.
Add option to docs and example.
2015-11-21 00:18:38 -07:00
52db098292
Add enable_logging to AWS CloudTrail
...
The AWS CloudTrail resource is capable of creating CloudTrail resources,
but AWS defaults the actual logging of the trails to `false`, and
Terraform has no method to enable or monitor the status of logging.
CloudTrail trails that are inactive aren't very useful, and it's a
surprise to discover they aren't logging on creation.
Added an `enable_logging` parameter to resource_aws_cloudtrail to enable
logging. This requires some extra API calls, which are wrapped in new
internal functions.
For compatibility with AWS, the default of `enable_logging` is set to
`false`.
2015-11-21 00:18:38 -07:00
233aab6e0a
provider/aws: Fix issue deleting users who are attached to a group
...
If you want to delete an IAM user, that user must not belong to any groups
2015-11-20 16:54:26 -06:00
cc70d25dc5
Merge pull request #3898 from hashicorp/b-aws-elb-iam-cert-delete
...
providers/aws: Retry deleting IAM Server Cert on dependency violation
2015-11-20 14:50:18 -06:00
9edbf6a7fc
Merge pull request #3908 from hashicorp/b-elb-cookie-fix
...
provider/aws: Fix issue with LB Cookie Stickiness and empty expiration period
2015-11-20 14:49:00 -06:00
9eb46c28b2
use a log group resourcE
2015-11-20 13:15:20 -06:00
cf5b32617b
fix vpn gateway refresh/reattach issue
2015-11-20 11:47:10 -06:00
73475edceb
update TestAccAWSFlowLog_subnet to use new cloudwatch resource, not needing env var anymore
2015-11-20 09:39:43 -06:00
fe204bb291
error test when env var is not supplied
2015-11-20 09:39:17 -06:00
4d0699b9dd
mark snapshots as computed for ElastiCache clusters
2015-11-20 09:39:17 -06:00
01b9af40d1
fix resource name in test
2015-11-19 15:44:40 -06:00
0874347478
update ami id for test
2015-11-19 15:37:05 -06:00
fd251e8b45
rename TestAccAWSRoute53Record_weighted to TestAccAWSRoute53Record_weighted_basic to test in isolation
2015-11-18 16:08:23 -06:00
5024d66f3c
Merge pull request #3970 from hashicorp/b-aws-iam-policy-attachfix
...
providers/aws: Fix typo in error checking for IAM Policy Attachments
2015-11-18 13:57:03 -06:00
5482e98927
Fix typo in error checking for IAM Policy Attachments
2015-11-18 13:48:46 -06:00
a211fc3469
Merge pull request #3965 from hashicorp/b-aws-sg-rules-v2-race
...
provider/aws: serialize SG rule access to fix race condition
2015-11-18 12:47:55 -06:00
6b6b5a43c3
provider/aws: serialize SG rule access to fix race condition
...
Because `aws_security_group_rule` resources are an abstraction on top of
Security Groups, they must interact with the AWS Security Group APIs in
a pattern that often results in lots of parallel requests interacting
with the same security group.
We've found that this pattern can trigger race conditions resulting in
inconsistent behavior, including:
* Rules that report as created but don't actually exist on AWS's side
* Rules that show up in AWS but don't register as being created
locally, resulting in follow up attempts to authorize the rule
failing w/ Duplicate errors
Here, we introduce a per-SG mutex that must be held by any security
group before it is allowed to interact with AWS APIs. This protects the
space between `DescribeSecurityGroup` and `Authorize*` / `Revoke*`
calls, ensuring that no other rules interact with the SG during that
span.
The included test exposes the race by applying a security group with
lots of rules, which based on the dependency graph can all be handled in
parallel. This fails most of the time without the new locking behavior.
I've omitted the mutex from `Read`, since it is only called during the
Refresh walk when no changes are being made, meaning a bunch of parallel
`DescribeSecurityGroup` API calls should be consistent in that case.
2015-11-18 12:39:59 -06:00
da8314ce8a
provider/aws: removed build-blocking unused variable.
2015-11-18 15:08:45 +02:00
306046b82b
Merge pull request #3955 from cbusbey/db_subnet_spaces
...
allow spaces in db subnet name
2015-11-17 22:38:36 +00:00
0bd8b32637
Merge pull request #3237 from GrayCoder/group-work
...
provider/aws: add support for group name and path changes with group update function
2015-11-17 16:37:40 -06:00
12d51edeb6
allow spaces in db subnet name
2015-11-17 12:48:56 -08:00
2ed867b5ab
Merge pull request #3945 from hashicorp/b-aws-r53-record-zone-fix
...
provider/aws: Fix crash in Route53 Record if Zone not found
2015-11-17 09:10:50 -06:00
6875e9aaec
Issue #3894 RDS publicly_accessible param shouldn't force new resource
...
Change-Id: I0a10e050ca1c4f2dde5e04f237de6115723522d8
2015-11-16 17:47:35 -08:00
00d0551933
aws: Add missing dereference operator
2015-11-16 23:19:45 +00:00
1413d032ee
provider/aws: Fix crash in Route53 Record if Zone not found
2015-11-16 17:15:17 -06:00
901e5fbf9f
fix log reference
2015-11-16 17:14:02 -06:00
8085e55eda
fix issue with undefined var
2015-11-16 16:29:52 -06:00
a8ceda1b15
Merge pull request #3914 from TimeIncOSS/b-aws-ecs-service-gone
...
provider/aws: Prevent crashing when deleting ecs_service which is gone
2015-11-16 21:46:06 +00:00
70f1c9c1e6
remove duplicate readInstance call
2015-11-16 15:16:41 -06:00
66ad974193
add acceptance test for spot instanace updates
2015-11-16 15:11:44 -06:00
f31b30d4a5
minor tweaks to connection info setup
2015-11-16 14:51:14 -06:00
d998e883fb
providers/aws: Update Spot Instance request to provide connection information
2015-11-16 14:43:24 -06:00
5c59bd95cb
Merge pull request #3924 from TimeIncOSS/b-aws-ecs-td-computed
...
provider/aws: Make all fields in ecs_task_definition ForceNew
2015-11-16 15:31:17 +00:00
4f25b552bb
use single import path for aws-sdk-go
2015-11-16 00:42:08 +01:00
33ca2a796f
Fix typo (Modifier -> Modified)
2015-11-14 12:19:29 +00:00
308edd6dd7
provider/aws: Make all fields in ecs_task_definition ForceNew
...
- fixes https://github.com/hashicorp/terraform/issues/2694
2015-11-14 10:36:01 +00:00
aae8fc8494
provider/aws: Add acceptance test for bugfix for #2694
2015-11-14 10:34:17 +00:00
d5ae5ba062
Merge pull request #3910 from hashicorp/phinze/s3-object-homedir-expand
...
provider/aws: homedir expand in s3 object source
2015-11-14 09:35:09 +00:00
0822776de0
provider/aws: If ecs_service isn't found during Read, delete it
2015-11-13 21:45:21 +00:00
d9a5de7f7d
provider/aws: Prevent crashing when deleting ecs_service which is gone
...
- fixes https://github.com/hashicorp/terraform/issues/3868
2015-11-13 21:42:29 +00:00
7d94c86958
go fmt structure files
2015-11-13 13:53:52 -06:00
bf88ee8ddb
fix test to include creation of placement group
2015-11-13 12:40:19 -06:00
44f259bd74
provider/aws: homedir expand in s3 object source
...
fixes #3856
2015-11-13 11:21:22 -06:00
e94fcdb9df
add validation for cookie stickiness
2015-11-13 10:46:27 -06:00
b81f9a9c52
provider/aws: Fix issue with LB Cookie Stickiness and empty expiration period
2015-11-13 10:34:15 -06:00
839fc5bfee
Merge pull request #3900 from Banno/fix-aws-route53-record-failover-weight
...
provider/aws: fix for creating failover route53 records
2015-11-12 16:56:59 -06:00
6fa69ede1c
add debugging statements to add/remove listeners
2015-11-12 16:20:54 -06:00
10ca0559ae
provider/aws: no weight for all set_identifier
2015-11-12 16:15:05 -06:00
c60a963908
providers/aws: Retry deleting IAM Server Cert on dependency violation
...
This will retry deleting a server cert
if it throws an error about being in use with an ELB (that we've likely just
deleted)
Includes test for ELB+IAM SSL cert bug dependency violation
2015-11-12 16:07:34 -06:00
b6738f13c1
Issue #3894 RDS publicly_accessible param shouldn't force new resource
...
Change-Id: I833f9e07f3fc1f6ee475673ad978b3982f0b6273
2015-11-12 13:33:27 -08:00
5cafe740ff
update wording on ssl cert error
2015-11-12 14:25:50 -06:00
1b2e068b19
add extra test block
2015-11-12 14:25:50 -06:00
fddafd2b96
providers/aws: Document and validate ELB ssl_cert and protocol requirements
2015-11-12 14:25:50 -06:00
dcf40661c8
Merge pull request #3863 from hashicorp/b-aws-elb-access-fix
...
providers/aws: Fix issue with removing access_logs from ELB
2015-11-12 14:24:58 -06:00
12d2ae1438
patch TestExpandElasticacheParameters test
2015-11-12 10:45:49 -06:00
e7e52ed98f
Correct test method names so that they are ran
2015-11-12 10:36:22 -06:00
90d70786ac
Align IAM version number to the current version (2012-10-17)
2015-11-13 00:32:45 +09:00
15a568c806
Merge pull request #3828 from TimeIncOSS/b-aws-ecs-service-del
...
provider/aws: Treat ecs_service w/ Status==INACTIVE as deleted
2015-11-12 00:01:50 +00:00
bcd63f62a3
provider/aws: Log removal of INACTIVE ECS service
2015-11-11 23:53:59 +00:00
7f2244183c
providers/aws: Fix issue with removing access_logs from ELB
2015-11-11 15:25:24 -06:00
b51f425dac
replace big retry func with resource.Retry
2015-11-11 10:53:23 -06:00
1ddfd7ced3
provider/aws: Add a retry function to rescue an error in creating Lifecycle Hooks
2015-11-11 10:25:23 -06:00
caa0baaf87
Merge pull request #3756 from hashicorp/pr-3708
...
providers/aws: Add `access_logs` to ELB resource [GH-3756]
2015-11-11 09:54:43 -06:00
03e7c6cf12
default true for auto_minor_update and allow updates for RDS DB Instance
2015-11-11 09:36:37 -06:00
7dd6b779ca
Add AutoMinorVersionUpgrade to RDS.
2015-11-11 09:35:53 -06:00
ac6efd86ed
Merge pull request #3810 from TimeIncOSS/f-aws-ecs-ephemeral-volumes
...
provider/aws: Support scratch volumes in ecs_task_definition
2015-11-10 23:22:22 +00:00
8c32536f3d
return err if we fail to set access_logs; other cleanups
2015-11-10 16:58:24 -06:00
0a1890c329
Merge branch 'master' into pr-3708
...
* master: (95 commits)
Update CHANGELOG.md
Update CHANGELOG.md
Update CHANGELOG.md
Update CHANGELOG.md
upgrade a warning to error
add some logging around create/update requests for IAM user
Update CHANGELOG.md
Update CHANGELOG.md
Build using `make test` on Travis CI
Update CHANGELOG.md
provider/aws: Fix error format in Kinesis Firehose
Update CHANGELOG.md
Changes to Aws Kinesis Firehouse Docs
Update CHANGELOG.md
modify aws_iam_user_test to correctly check username and path for initial and changed username/path
Update CHANGELOG.md
Update CHANGELOG.md
Prompt for input variables before context validate
Removing the AWS DBInstance Acceptance Test for withoutEngine as this is now part of the checkInstanceAttributes func
Making engine_version be computed in the db_instance provider
...
2015-11-10 16:52:45 -06:00
68764e6def
Merge pull request #3777 from hashicorp/pr-3751
...
provider/aws: fix panic with SNS topic policy if omitted
2015-11-10 16:45:42 -06:00
9e93f655e2
Merge pull request #3829 from hashicorp/b-aws-ecs-cluster-read
...
provider/aws: Fix issue that could occur if no ECS Cluster was found for a give name
2015-11-10 16:43:42 -06:00
dbc008e330
Merge pull request #3574 from hashicorp/b-aws-r53-name-fix
...
provider/aws: Downcase Route 53 record names in statefile
2015-11-10 16:41:40 -06:00
bea8e0b14f
Merge pull request #3780 from hashicorp/b-aws-elb-source-sg-id
...
providers/aws: Provide source security group id for ELBs
2015-11-10 16:38:55 -06:00
7152674f9b
upgrade a warning to error
2015-11-10 16:27:41 -06:00
b16b634e2b
add some logging around create/update requests for IAM user
2015-11-10 16:19:15 -06:00
8b1f7498af
Merge pull request #3227 from GrayCoder/master
...
provider/aws Implement username updates properly for aws-sdk-go
2015-11-10 16:17:07 -06:00
06d493cfb6
Merge pull request #3849 from hashicorp/b-fix-kinesis-firehose-vet
...
provider/aws: Fix error format in Kinesis Firehose
2015-11-10 16:55:53 -05:00
51fd5fafef
Merge pull request #3744 from stack72/f-aws-db-instance
...
provider/aws: Changing the db_instance resource to mark the engine_version as Optional
2015-11-10 15:48:06 -06:00
b48bd30227
provider/aws: Fix error format in Kinesis Firehose
2015-11-10 16:39:23 -05:00
7c50e3ed65
Merge pull request #3833 from stack72/aws-kinesis-firehose
...
provider/aws: Add Kinesis Firehose resource
2015-11-10 16:04:48 -05:00
5708457610
Merge pull request #3802 from pforman/2911-lc-prefix
...
provider/aws: add name_prefix option to launch config
2015-11-10 14:43:08 -06:00
James Nugent