Previously we assumed the existence of some default objects that most
Opsworks users have because the Opsworks console creates them by default
when a new stack is created.
However, that meant that these tests wouldn't work correctly for anyone
who either had never used Opsworks via the UI or who had never accepted
the default of having the console create some predefined IAM objects to
use. It may also have led to some weird failures if a particular user had
customized the settings for these default objects.
Now the tests create suitable IAM roles, a policy and an instance profile
and use these when creating Opsworks stacks, avoiding any dependency
on any pre-existing objects.
This fixes#3998.
A "Layer" is a particular service that forms part of the infrastructure for
a set of applications. Some layers are application servers and others are
pure infrastructure, like MySQL servers or load balancers.
Although the AWS API only has one type called "Layer", it actually has
a number of different "soft" types that each have slightly different
validation rules and extra properties that are packed into the Attributes
map.
To make the validation rule differences explicit in Terraform, and to make
the Terraform structure more closely resemble the OpsWorks UI than its
API, we use a separate resource type per layer type, with the common code
factored out into a shared struct type.