* added server_side_encryption to s3_bucket_object resource including associated acceptance test and documentation.
* got acceptance tests passing.
* made server_side_encryption a computed attribute and only set kms_key_id attribute if an S3 non-default master key is in use.
* ensured kms api is only interrogated if required.
* Add a new data provider to decrypt AWS KMS secrets
* Address feedback
* Rename aws_kms_secrets to aws_kms_secret
* Add more examples to the documentation
Fixes: #11461
This will allow the user to pass a policy to further restrict the use
of AssumeRole. It is important to note that it will NOT allow an
expansion of access rights
- When creating an `iam_instance_profile` you will receive an error if you have multiple roles defined but have not increased your AWS limit for the number of roles you can assign to an `iam_instance_profile`.
- See more on defaults: http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html
* Added aws_api_gateway_integration request_templates in the documentation
* Added aws_api_gateway_integration_response response_templates in the documentation
* provider/aws: Remove hardcoded https from the ecr repository
When the ECR resource was created, we hardcoded the repository URL to
start with https://
This was a mistake as all interaction with the repository now must
include a replace function for the https:// to "" for this to be usable
We need to note this change in the backward incompatibilities
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEcrRepository_' ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 14:37:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEcrRepository_ -timeout 120m
=== RUN TestAccAWSEcrRepository_importBasic
--- PASS: TestAccAWSEcrRepository_importBasic (20.46s)
=== RUN TestAccAWSEcrRepository_basic
--- PASS: TestAccAWSEcrRepository_basic (18.77s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 39.251s
```
* Update ecr_repository.html.markdown
Updates ECS task_definition documentation, and schema validation functions to match the AWS API documentation.
Updates ECS service documentation, and schema validation functions match the AWS API documentation.
```
1 error(s) occurred:
* aws_elasticache_replication_group.cache: Error creating Elasticache Replication Group: InvalidParameterCombination: Expected a parameter group of family redis3.2 but found one of family redis2.8
status code: 400, request id: 9e6563a4-dd91-11e6-bc8b-ed011a44f429
```
Example code fails a validation:
```
Errors:
* aws_elasticache_replication_group.cache: "replication_group_id" must contain from 1 to 20 alphanumeric characters or hyphens
```
statistic
Fixes: #11189
This introduces a new parameter and makes an existing parameter from
`required` to `optional` as both cannot be specified together
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchMetricAlarm_' 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/13 11:25:24 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchMetricAlarm_ -timeout 120m
=== RUN TestAccAWSCloudWatchMetricAlarm_importBasic
--- PASS: TestAccAWSCloudWatchMetricAlarm_importBasic (19.80s)
=== RUN TestAccAWSCloudWatchMetricAlarm_basic
--- PASS: TestAccAWSCloudWatchMetricAlarm_basic (20.42s)
=== RUN TestAccAWSCloudWatchMetricAlarm_extendedStatistic
--- PASS: TestAccAWSCloudWatchMetricAlarm_extendedStatistic (18.92s)
PASS
```
* provider/aws: New DataSource: aws_elb_hosted_zone_id
This datasource is a list of all of the ELB DualStack Hosted Zone IDs.
This will allow us to reference the correct hosted zone id when creating
route53 alias records
There are many bugs for this - this is just the beginning of fixing them
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElbHostedZoneId_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/04 13:04:32 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElbHostedZoneId_basic -timeout 120m
=== RUN TestAccAWSElbHostedZoneId_basic
--- PASS: TestAccAWSElbHostedZoneId_basic (20.46s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 20.484s
```
* Update elb_hosted_zone_id.html.markdown
Documentation for the `aws_route_table` data source mentions that it supports a route table `id` as an argument, however it was missing from the actual provider code.
Adds in the missing provider code, adds a test, and updates the documentation to use `rtb_id` as the argument, instead of the more ambiguous `id`.
* provider/aws: New Resource - aws_codedeploy_deployment_config
* provider/aws: Adding acceptance tests for new
aws_codedeploy_deployment_config resource
* provider/aws: Documentation for the aws_codedeploy_deployment_config resource
* Update codedeploy_deployment_config.html.markdown
aws_api_gateway_integration_response
This continues the work carried out in #10696
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayIntegrationResponse_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 14:18:46 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAPIGatewayIntegrationResponse_ -timeout 120m
=== RUN TestAccAWSAPIGatewayIntegrationResponse_basic
--- PASS: TestAccAWSAPIGatewayIntegrationResponse_basic (57.33s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws57.352s
```