This commits changes the documentation of the aws_ecs_task_definition
resource to ensure that the `container_definitions` attribute consumes
a valid JSON document containing a list of valid container definitions,
rather than that the attribute itself is a list, etc.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Added updated instructions for creating app registration in the new ARM portal. Updated instructions for granting permissions to the app registration as well.
Hi there!
Started playing with the Bitbucket provider (great job @cwood!) and wanted to import a few dozen repositories. The documentation currently does not list it, but importing repositories is possible, using the following (for a repository identified as `my-repo`:
```
$ terraform import bitbucket_repository.my-repo my-repo
```
Hope this helps!
Add information under Variable Files to explain how terraform.tfvars file is used. currently that documenation only exists in the getting started guide. The added information was taken directly from the getting started guide.
bootscripts allow you to start Scaleway servers with a specific kernel version.
The `scaleway_server` has always had a bootscript parameter, and the
`scaleway_bootscript` datasource allows you to lookup bootscripts to be used in
conjunction with the `scaleway_server` resource.
Specified that the security group needs to be addressed by it's id and not by its name. This will assist when debugging the error with message "{name} is invalid. Expect fully qualified resource Id that start with azure .properties.networkSecurityGroup.id"
With the addition of github_repository it may be confusing that
github_team_repository only creates relationships, rather than creating
actual repositories. To reduce the chance of confusion, we'll make this
explicit in the docs for github_team_repository.
Also taking this opportunity to make the examples consistent with what
would be produced by hclfmt.
Example addons_config was supposed to show how to disable addons (http_load_balancing and horizontal_pod_autoscaling), but it was enabling them instead.
For AWS Route53 zones the ID is not the domain name, it is the Zone ID.
When I took your "If you're unsure, feel free to just try an ID." advice to heart I figured it out pretty quickly, but still, getting it right the first time would be nice.
panic on the Read func
Fixes#8995
The Diagnostics profile was a badly laid out resource. All we needed to
set was whether it was enabled and the storage account to save the logs
to. The old schema parameter was deprecated and replaced with a much
simplier structure
```
% make testacc TEST=./builtin/providers/azurerm TESTARGS='-run=TestAccAzureRMVirtualMachine_diagnosticsProfile'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/29 12:21:04 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/azurerm -v
-run=TestAccAzureRMVirtualMachine_diagnosticsProfile -timeout 120m
=== RUN TestAccAzureRMVirtualMachine_diagnosticsProfile
--- PASS: TestAccAzureRMVirtualMachine_diagnosticsProfile (1066.76s)
PASS
ok
github.com/hashicorp/terraform/builtin/providers/azurerm1066.776s
```
This adds a note in the `aws_iam_policy_document` documentation that
`resources` is required by AWS if used on an IAM policy. Also added a
note on `aws_iam_policy` that `aws_iam_policy_document` is a good thing
to use when configuring.
Closes#9002
This page did not show how to actually use a list as a list. The
variables page states that "The usage of maps, list, strings, etc. is
documented fully in the interpolation syntax page", but that wasn't the
case.
I've split them out to list them explicitly and provide examples of
each.
Closes#9037
This allows Storage Service Encryption to be enabled.
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMStorageAccount -timeout 120m
=== RUN TestAccAzureRMStorageAccount_importBasic
--- PASS: TestAccAzureRMStorageAccount_importBasic (139.00s)
=== RUN TestAccAzureRMStorageAccount_basic
--- PASS: TestAccAzureRMStorageAccount_basic (151.03s)
=== RUN TestAccAzureRMStorageAccount_blobEncryption
--- PASS: TestAccAzureRMStorageAccount_blobEncryption (149.94s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 440.051s
This commit adds a new HTTP method to a list of valid HTTP methods which
is now accepted by API Gateway.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
A default authorization rule is created by Azure which, if present is exported by
the resource.
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMServiceBusNamespace -timeout 120m
=== RUN TestAccAzureRMServiceBusNamespaceCapacity_validation
--- PASS: TestAccAzureRMServiceBusNamespaceCapacity_validation (0.00s)
=== RUN TestAccAzureRMServiceBusNamespaceSku_validation
--- PASS: TestAccAzureRMServiceBusNamespaceSku_validation (0.00s)
=== RUN TestAccAzureRMServiceBusNamespace_basic
--- PASS: TestAccAzureRMServiceBusNamespace_basic (352.03s)
=== RUN TestAccAzureRMServiceBusNamespace_readDefaultKeys
--- PASS: TestAccAzureRMServiceBusNamespace_readDefaultKeys (349.17s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 701.278s
use us-west-2 region in tests
update test with working config
provider/aws: Update EMR contribution with passing test, polling for instance in DELETE method
remove defaulted role
document emr_cluster
rename aws_emr -> aws_emr_cluster
update docs for name change
update delete timeout/polling
rename emr taskgroup to emr instance group
default instance group count to 0, down from 60
update to ref emr_cluster, emr_instance_group
more cleanups for instance groups; need to read and update
add read, delete method for instance groups
refactor the read method to seperate out the fetching of the specific group
more refactoring for finding instance groups
update emr instance group docs
err check on reading HTTP. Dont' return the error, just log it
refactor the create method to catch optionals
additional cleanups, added a read method
update test to be non-master-only
wrap up the READ method for clusters
poll for instance group to be running after a modification
patch up a possible deref
provider/aws: EMR cleanups
fix test naming
remove outdated docs
randomize emr_profile names
Fixes#9194
Removes the validation for the types and adds an acceptance test to make
sure we get a successful Sql Database created
```
% make testacc TEST=./builtin/providers/azurerm TESTARGS='-run=TestAccAzureRMSqlDatabase_datawarehouse'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/03 21:57:16 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/azurerm -v
-run=TestAccAzureRMSqlDatabase_datawarehouse -timeout 120m
=== RUN TestAccAzureRMSqlDatabase_datawarehouse
--- PASS: TestAccAzureRMSqlDatabase_datawarehouse (307.95s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm307.963s
```
* Parameter is Objective, not Object
* Clarify what resource group needs to be used
* Name paramter is the database name
* Link to Azure docs for SQL Database Tiers/Editions/Size limits
Minor grammar and style edits.
Also updated Consul example to not use `demo.consul.io` - seems like a bad idea to hard-code something folks might cut-n-paste to a host that's public. Principle of least risk, etc.
The primary purpose of this data source is to ask the question "what is
my current region?", but it can also be used to retrieve the endpoint
hostname for a particular (possibly non-current) region, should that be
useful for some esoteric case.
This adds a singular data source in addition to the existing plural one.
This allows retrieving data about a specific AZ.
As a helper for writing reusable modules, the AZ letter (without its
usual region name prefix) is exposed so that it can be used in
region-agnostic mappings where a different value is used per AZ, such as
for subnet numbering schemes.
In c244e5a6 this resource was converted to a data source, but that was
a mistake since data sources are expected to produce stable results on
each run, and yet certificate requests contain a random nonce as part of
the signature.
Additionally, using the data source as a managed resource through the
provided compatibility shim was not actually working, since "Read" was
trying to parse the private key out of a SHA1 hash of the key, which is
what we place in state due to the StateFunc on that attribute.
By restoring this we restore Terraform's ability to produce all of the
parts of a basic PKI/CA, which is useful for creating dev environments
and bootstrapping PKI for production environments.
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.
This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.
Fixeshashicorp/terraform#8730.
* provider/aws: Fix importing of EIP by IP address
EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.
This PR does:
- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id
I chose not to document that looking up by IP is a method of import,
because the AWS API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.
Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.
* fix issue with swapping IDs on EC2 Classic
* update docs
* update comment
Based on support case with AWS, CloudWatch Events invoking Lambda should also specify the `source_arn`
Example, the resulting policy needs to be like:
```
{
"Condition": {
"ArnLike": {
"AWS:SourceArn": "arn:aws:events:us-east-1:0123456789:rule/my-cloudwatch-events-rule"
}
},
"Action": "lambda:InvokeFunction",
"Resource": "arn:aws:lambda:us-east-1:0123456789:function:my-lambda-function",
"Effect": "Allow",
"Principal": {
"Service": "events.amazonaws.com"
},
"Sid": "AllowMyCloudWatchEventRuleToCallMyLambda"
}
```
aws_alb_target_group will ForceNew resource
Fixes#8741
The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 572.083s
```
Clarified that to send notifications to more than one Lambda function requires a single `s3_bucket_notification` element with multiple `lambda_function` configuration elements.
If multiple `s3_bucket_notification` elements, each with a single `lambda_function` element are used, one of the configurations is applied, seemingly at random.
Fixes#3605 and adds the functionality suggested in PR #7440.
This PR is using a different appraoch that (IMHO) feels cleaner and (even more important) adds support for Windows at the same time.
- add remote state provider backed by Joyent's Manta
- add documentation of Manta remote state provider
- explicitly check for passphrase-protected SSH keys, which are currently
unsupported, and generate a more helpful error (borrowed from Packer's
solution to the same problem):
https://github.com/mitchellh/packer/blob/master/common/ssh/key.go#L27
When creating a CloudWatch Metric for an Application Load Balancer it is
neccessary to use the suffix of the ARN as the reference to the load
balancer. This commit exposes that as an attribute on the `aws_alb`
resource to prevent the need to use regular expression substitution to
make the reference.
Fixes#8808.
I noticed that Terraform is not (anymore) parsing the value of environment variable `AWS_SECURITY_TOKEN` (which was re-added in May 2015: https://github.com/hashicorp/terraform/pull/1785)
Example ENV:
```
AWS_SECURITY_TOKEN="FQo...vgU="
AWS_ACCESS_KEY_ID="A...A"
AWS_SECRET_ACCESS_KEY="I...t"
AWS_DEFAULT_REGION="eu-west-1"
```
This errors with messages akin to "AWS was not able to validate the provided access credentials".
Setting `AWS_SESSION_TOKEN` instead of `AWS_SECURITY_TOKEN` on the other hand works just fine and seems to be in line with what is suggested in the code: d1ac7d3b2e/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go (L69), making this whole thing a documentation change.
Happy to provide test cases or additional insights though!