Commit Graph

158 Commits

Author SHA1 Message Date
Matt Kasa c2e35ae3b5
backend/http: add support for configuration by environment variable (#25439) 2020-09-02 08:35:08 -04:00
James Bardin d46e9a4198
Merge pull request #25770 from hashicorp/f/azure-backend-spcert
backend/azurerm: support for authenticating using a Client Certificate
2020-08-19 13:56:30 -04:00
Angie Pinilla 582fb73a7c deps: Update aws-sdk-go-based to 0.6.0 2020-08-18 12:49:31 -04:00
tombuildsstuff 0d34e5d97c backend/azurerm: support for authenticating using a Client Certificate
fixes #24179
supersedes #19606
dependent on #25769
2020-08-07 11:58:33 +02:00
Kristin Laemmert df244b87c2
command/init: return an error with invalid -backend-config files (#25411)
* command/init: return an error with invalid -backend-config files

The -backend-config flag expects a set of key-value pairs or a file
containing key-value pairs. If the file instead contains a full backend
configuration block, it was silently ignored. This commit adds a check
for blocks in the file and returns an error if they are encountered.

Fixes #24845

* emphasize backend configuration file in docs
2020-06-26 12:49:31 -04:00
Mikuláš Dítě 491733bb8e
Document swift support for locks
Introduced in https://github.com/hashicorp/terraform/pull/20211
2020-06-25 17:56:10 +02:00
Even Holthe 0f85b283b9
Azure backend: support snapshots/versioning (#24069)
* Azure backend: support snapshots/versioning

Co-authored-by: Reda Ahdjoudj <reda.ahdjoudj@gmail.com>
Co-authored-by: Patrick F. Marques <patrickfmarques@gmail.com>

* Azure backend: Versioning -> Snapshot

Co-authored-by: Reda Ahdjoudj <reda.ahdjoudj@gmail.com>
Co-authored-by: Patrick F. Marques <patrickfmarques@gmail.com>
2020-06-25 11:50:16 +02:00
John Houston ec3612c3d0
Fix errors in kubernetes backend documentation 2020-06-10 14:00:01 -04:00
James Bardin 7800ef63d4
Merge pull request #19525 from dramich/k8sback
backend/kubernetes: Add Kubernetes as a backend
2020-06-08 15:59:32 -04:00
Brian Flad ba081aa10a
backend/s3: Updates for Terraform v0.13.0 (#25134)
* deps: Update github.com/hashicorp/aws-sdk-go-base@v0.5.0

Updated via:

```
$ go get github.com/hashicorp/aws-sdk-go-base@v0.5.0
$ go mod tidy
$ go mod vendor
```

* backend/s3: Updates for Terraform v0.13.0

Reference: https://github.com/hashicorp/terraform/issues/13410
Reference: https://github.com/hashicorp/terraform/issues/18774
Reference: https://github.com/hashicorp/terraform/issues/19482
Reference: https://github.com/hashicorp/terraform/issues/20062
Reference: https://github.com/hashicorp/terraform/issues/20599
Reference: https://github.com/hashicorp/terraform/issues/22103
Reference: https://github.com/hashicorp/terraform/issues/22161
Reference: https://github.com/hashicorp/terraform/issues/22601
Reference: https://github.com/hashicorp/terraform/issues/22992
Reference: https://github.com/hashicorp/terraform/issues/24252
Reference: https://github.com/hashicorp/terraform/issues/24253
Reference: https://github.com/hashicorp/terraform/issues/24480
Reference: https://github.com/hashicorp/terraform/issues/25056

Changes:

```
NOTES

* backend/s3: Deprecated `lock_table`, `skip_get_ec2_platforms`, `skip_requesting_account_id` arguments have been removed
* backend/s3: Credential ordering has changed from static, environment, shared credentials, EC2 metadata, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata) to static, environment, shared credentials, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata)
* The `AWS_METADATA_TIMEOUT` environment variable no longer has any effect as we now depend on the default AWS Go SDK EC2 Metadata client timeout of one second with two retries

ENHANCEMENTS

* backend/s3: Always enable shared configuration file support (no longer require `AWS_SDK_LOAD_CONFIG` environment variable)
* backend/s3: Automatically expand `~` prefix for home directories in `shared_credentials_file` argument
* backend/s3: Add `assume_role_duration_seconds`, `assume_role_policy_arns`, `assume_role_tags`, and `assume_role_transitive_tag_keys` arguments

BUG FIXES

* backend/s3: Ensure configured profile is used
* backend/s3: Ensure configured STS endpoint is used during AssumeRole API calls
* backend/s3: Prefer AWS shared configuration over EC2 metadata credentials
* backend/s3: Prefer ECS credentials over EC2 metadata credentials
* backend/s3: Remove hardcoded AWS Provider messaging
```

Output from acceptance testing:

```
--- PASS: TestBackend (16.32s)
--- PASS: TestBackendConfig (0.58s)
--- PASS: TestBackendConfig_AssumeRole (0.02s)
--- PASS: TestBackendConfig_conflictingEncryptionSchema (0.00s)
--- PASS: TestBackendConfig_invalidKey (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyEncoding (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyLength (0.00s)
--- PASS: TestBackendExtraPaths (13.21s)
--- PASS: TestBackendLocked (28.98s)
--- PASS: TestBackendPrefixInWorkspace (5.65s)
--- PASS: TestBackendSSECustomerKey (17.60s)
--- PASS: TestBackend_impl (0.00s)
--- PASS: TestForceUnlock (17.50s)
--- PASS: TestKeyEnv (50.25s)
--- PASS: TestRemoteClient (4.78s)
--- PASS: TestRemoteClientLocks (16.85s)
--- PASS: TestRemoteClient_clientMD5 (12.08s)
--- PASS: TestRemoteClient_impl (0.00s)
--- PASS: TestRemoteClient_stateChecksum (17.92s)
```
2020-06-05 16:41:32 -04:00
Matthew Irish e36ed8968b
use example.com address in consul backend config
Currently the example config for the Consul backend uses a live Consul demo cluster at `demo.consul.io`. This results in TF state with sensitive information and all being stored on a public site when users just copy and paste the config. This PR changes it so that the config address isn't the public demo cluster.
2020-06-05 10:35:32 -05:00
John Houston 23fb8f6d21 Add kubernetes backend
Co-authored-by: Dan Ramich <danold215@gmail.com>
2020-06-04 02:29:57 -04:00
Daniel Dreier 1c024aa06f
Merge pull request #24319 from ritarock/improve_doc
improve s3.html.md
2020-05-21 14:33:14 -07:00
charlotte.mach 172d6caf04 Add info on dynamodb locking multiple state files as per issue #15303 2020-05-13 15:04:56 -07:00
kayrus bd344f9d73 Sync auth options with upstream openstack provider 2020-04-25 08:39:33 +02:00
James Bardin f6221100ee
Merge pull request #24149 from mlafeldt/fix-oss-state-locking
Fix & improve state locking of OSS backend
2020-03-11 10:28:12 -04:00
ryota.osaki b948856cbb fix typo 2020-03-09 11:27:33 +09:00
rita a77d5032d3 improve s3.html.md 2020-03-08 15:10:38 +09:00
zzhai 687d74786f
Update remote.html.md
A minor typo
2020-02-26 12:19:10 -08:00
Nick Fagerlund 758bf8500c website: Label backend data source examples as "data source configuration"
"Example referencing" was ambiguous and confusing, especially since these
sections don't show how to reference an output in an expression.
2020-02-20 14:45:04 -08:00
im2nguyen 4f10504ca0
website: add token setup callout to remote backend docs (#24109) 2020-02-18 16:28:12 -08:00
Mathias Lafeldt a4178d12d6
Update website documentation for OSS backend 2020-02-18 16:38:42 +01:00
Li Kexian 76e5b446ba
backend/cos: Add TencentCloud backend cos with lock (#22540)
* add TencentCloud COS backend for remote state

* add vendor of dependence

* fixed error not handle and remove default value for prefix argument

* get appid from TF_COS_APPID environment variables
2020-02-13 11:37:11 -05:00
Nick Fagerlund a797152648 website: Remove extra copy of "Running Terraform in Automation", update links
This document now lives at:

- https://learn.hashicorp.com/terraform/development/running-terraform-in-automation

...and terraform.io has been redirecting to there for quite a while. This commit
removes the extra copy so that the text of the two versions doesn't drift, and
updates existing links to point to the new location.
2020-02-05 14:58:30 -08:00
Martin Atkins 778f1ab138
website: Documentation for the "terraform login" command (#22727)
Co-authored-by: Alisdair McDiarmid <alisdair@users.noreply.github.com>
2020-02-04 11:30:40 -05:00
Paddy Carver b8752c7610 Add a backend-specific env var for the GCS backend.
Right now, the only environment variable available is the same
environment variable that will be picked up by the GCP provider. Users
would like to be able to store state in separate projects or accounts or
otherwise authenticate to the provider with a service account that
doesn't have access to the state. This seems like a reasonable enough
practice to me, and the solution seems straightforward--offer an
environment variable that doesn't mean anything to the provider to
configure the backend credentials. I've added GOOGLE_BACKEND_CREDENTIALS
to manage just the backend credentials, and documented it appropriately.
2019-12-12 03:35:39 -08:00
Jon Schulman 722eae2cec website: Fix example reference for remote backend (#23455)
Example reference had a missing `=` sign on line 133; this causes the workspace reference not to parse properly
2019-11-21 10:18:24 -08:00
Roger Berlind de4ef9c546 website: Clarify workspace concepts for remote backend
There are some differences between the Terraform CLI and Terraform Cloud ideas of workspaces.

This documentation aims to explain those differences and show different patterns for configuring the remote backend and the implications of different approaches.
2019-11-06 17:03:20 -08:00
He Guimin bfae627112 add a new field ecs_role_name to support more scenario 2019-11-02 00:09:46 +08:00
Pam Selle 2a292340d9 Add website docs 2019-10-17 11:12:00 -04:00
Anil Murty 54239f1002 website: Clarify remote operations for new Terraform Cloud Free tier (#22924) 2019-09-26 17:12:51 -07:00
Paddy 9b24ef7870
Merge pull request #21772 from luis-silva/21680/GCS_OAUTH
Add OAuth2 token support for GCS backend
2019-09-25 16:09:35 -07:00
Souradeep Nanda 8b2668bf56 website/docs oss backend: Clarification for type of primary key (#22591)
The primary key of the TableStore must be a string.
2019-09-06 09:05:05 -04:00
Kristin Laemmert 212d5b0b1c
Mildwonkey/docs updates (#22623)
* website/formatdate: update example

The given example was showing HOUR:MONTH instead of HOUR:MINUTE

Fixes #22598

* website/import: remove reference to no-longer-working option

Users can no longer supply `-config=""` to tell Terraform not to load
configuration for import.

Fixes #22294

* website/provisioners: `host` is required in connection blocks

Fixes #21877

* website/variables: clarify variable definition precedence

It was not entirely obvious that a variable could not be assigned
multiples times in a single source.

Fixes #21682

* website/backend/local: add `workspace_dir` attribute

Fixes #21391

* website/output: `sensitive` outputs are redacted in output

Fixes #21502

* website/backends: sidebar order tweak

It makes sense for backend 'configuration' to appear before 'init'.

Fixes #13796

* Revert "website/formatdate: update example"

This reverts commit ccd93c86ddd15a21625c0767702ee1cc62e77254.
2019-08-28 15:34:22 -04:00
Luis Silva 9ae8eca55d
Merge branch 'master' into 21680/GCS_OAUTH 2019-08-27 16:56:27 +01:00
yanndegat be5280e4e1 remote-state/pg: add option to skip schema creation (#21607)
* add `skip_schema_creation` option
* add sanity check to avoid situations where postgres users
  hasn't been granted the "CREATE SCHEMA" right

closes #21604

Signed-off-by: yann degat <yann@2kmail.net>
2019-08-27 11:14:32 -04:00
Pam Selle 8db00db564
Merge pull request #22559 from kayrus/swift-backend-docs
Backend: add missing swift options into docs
2019-08-26 12:05:37 -04:00
yuanye b69c0b4199 oss backend support profile 2019-08-23 21:04:34 +08:00
James Bardin 10d94fb764
Merge pull request #21967 from williams-brian/SSE-C_Remote_State
Add support for SSE-C to S3 backend
2019-08-22 17:30:28 -04:00
kayrus 270579eac4 Backend: add missing swift options into docs 2019-08-22 11:37:40 +02:00
Nick Fagerlund 3aa909ac6e website: Update URLs and name references for Terraform Cloud rebrand
The Terraform Enterprise brand has now been split into two parts:

- Terraform Cloud is the application that helps teams use Terraform together,
  with remote state storage, a shared run environment, etc.
- Terraform Enterprise is the on-premise distribution that lets enterprises run
  a private instance of the Terraform Cloud application.

The former TFE docs have been split accordingly.
2019-08-16 15:55:29 -07:00
Roger Berlind 64dbba1229 website/docs: Add state commands to remote backend (#21276)
I tested that all state commands work with remote backend using Terraform 0.11.13.
2019-08-16 11:45:27 -04:00
He Guimin a490dfa495 backend/oss: Support for assume role config 2019-07-30 23:27:17 +08:00
David Schmidt 91113aee83
Typo in example artifactory backend subpath 2019-07-15 18:16:56 -04:00
Pam Selle 21b1364535
Merge pull request #21553 from zippy1981/zippy1981-patch-1
Updated docs for using az cli or service principle
2019-07-12 13:55:41 -04:00
Pam Selle 19b8a9c02f
Merge pull request #21715 from petems/minor_spelling_fixes
Minor spelling fixes
2019-07-12 13:54:19 -04:00
Pam Selle 883300f6bc
Merge pull request #21840 from Anbcorp/patch-1
Fix typo in environment variable
2019-07-12 13:53:51 -04:00
Colin Fowler cd7bfba141 rebased to terraform master branch 2019-07-10 18:05:10 +01:00
Brian Williams 5e3c3bafb8 Add support for SSE-C to S3 backend
These changes add support for encrypting terraform remote-state in S3 using customer-supplied encryption keys (SSE-C).
2019-07-06 10:10:54 -05:00
Luis Silva f6c90c1d96 Add OAuth2 token support for GCS backend 2019-07-05 10:06:44 +01:00