aws_elasticache_replication_group caused a panic
Fixes#9097
The update for `parameter_group_name` was trying to find the incorrect
value to set `cache_parameter_group_name` - this is what was causing the
panic
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_updateParameterGroup'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/28 11:17:30 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSElasticacheReplicationGroup_updateParameterGroup -timeout
120m
=== RUN TestAccAWSElasticacheReplicationGroup_updateParameterGroup
--- PASS: TestAccAWSElasticacheReplicationGroup_updateParameterGroup
(903.90s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws903.931s
```
values
Fixes#8332
Not all option_group parameters have values. For example, when you
enable the MariaDB option_group, some of the settings have empty values
(see screenshot)
This PR adds a safety net on reading those values back to the statefile
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBOptionGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/26 13:55:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBOptionGroup_ -timeout 120m
=== RUN TestAccAWSDBOptionGroup_importBasic
--- PASS: TestAccAWSDBOptionGroup_importBasic (20.12s)
=== RUN TestAccAWSDBOptionGroup_basic
--- PASS: TestAccAWSDBOptionGroup_basic (18.45s)
=== RUN TestAccAWSDBOptionGroup_basicDestroyWithInstance
--- PASS: TestAccAWSDBOptionGroup_basicDestroyWithInstance (597.90s)
=== RUN TestAccAWSDBOptionGroup_OptionSettings
--- PASS: TestAccAWSDBOptionGroup_OptionSettings (33.27s)
=== RUN TestAccAWSDBOptionGroup_sqlServerOptionsUpdate
--- PASS: TestAccAWSDBOptionGroup_sqlServerOptionsUpdate (33.39s)
=== RUN TestAccAWSDBOptionGroup_multipleOptions
--- PASS: TestAccAWSDBOptionGroup_multipleOptions (19.87s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 723.037s
```
Fixes#6758
We used to throw an error when this was the case - we should refresh
from state so the association can be recreated
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEIPAssociation_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/26 16:42:37 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEIPAssociation_ -timeout 120m
=== RUN TestAccAWSEIPAssociation_basic
--- PASS: TestAccAWSEIPAssociation_basic (272.92s)
=== RUN TestAccAWSEIPAssociation_disappears
--- PASS: TestAccAWSEIPAssociation_disappears (119.62s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws392.559s
```
Fixes#9025
We were assuming there would always be a changeInfo record and then
dereferencing the ID. This wasn't always the case (As noted in #9025)
where it was a delete rather than a delete / create action
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRoute53Record_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/26 11:26:43 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSRoute53Record_ -timeout 120m
=== RUN TestAccAWSRoute53Record_basic
--- PASS: TestAccAWSRoute53Record_basic (114.99s)
=== RUN TestAccAWSRoute53Record_basic_fqdn
--- PASS: TestAccAWSRoute53Record_basic_fqdn (126.64s)
=== RUN TestAccAWSRoute53Record_txtSupport
--- PASS: TestAccAWSRoute53Record_txtSupport (113.25s)
=== RUN TestAccAWSRoute53Record_spfSupport
--- PASS: TestAccAWSRoute53Record_spfSupport (112.89s)
=== RUN TestAccAWSRoute53Record_generatesSuffix
--- PASS: TestAccAWSRoute53Record_generatesSuffix (113.29s)
=== RUN TestAccAWSRoute53Record_wildcard
--- PASS: TestAccAWSRoute53Record_wildcard (163.05s)
=== RUN TestAccAWSRoute53Record_failover
--- PASS: TestAccAWSRoute53Record_failover (121.15s)
=== RUN TestAccAWSRoute53Record_weighted_basic
--- PASS: TestAccAWSRoute53Record_weighted_basic (117.06s)
=== RUN TestAccAWSRoute53Record_alias
--- PASS: TestAccAWSRoute53Record_alias (116.97s)
=== RUN TestAccAWSRoute53Record_s3_alias
--- PASS: TestAccAWSRoute53Record_s3_alias (138.79s)
=== RUN TestAccAWSRoute53Record_weighted_alias
--- PASS: TestAccAWSRoute53Record_weighted_alias (241.48s)
=== RUN TestAccAWSRoute53Record_geolocation_basic
--- PASS: TestAccAWSRoute53Record_geolocation_basic (132.51s)
=== RUN TestAccAWSRoute53Record_latency_basic
--- PASS: TestAccAWSRoute53Record_latency_basic (121.29s)
=== RUN TestAccAWSRoute53Record_TypeChange
--- PASS: TestAccAWSRoute53Record_TypeChange (189.31s)
=== RUN TestAccAWSRoute53Record_empty
--- PASS: TestAccAWSRoute53Record_empty (127.31s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws
2050.012s
```
This commit adds simple logic which allows for a VPC Peering Connection
that is in a failed state (e.g. due to an overlapping IP address ranges,
etc.), to report such failed state as an error, rather then waiting for
the time out to occur.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
In c244e5a6 this resource was converted to a data source, but that was
a mistake since data sources are expected to produce stable results on
each run, and yet certificate requests contain a random nonce as part of
the signature.
Additionally, using the data source as a managed resource through the
provided compatibility shim was not actually working, since "Read" was
trying to parse the private key out of a SHA1 hash of the key, which is
what we place in state due to the StateFunc on that attribute.
By restoring this we restore Terraform's ability to produce all of the
parts of a basic PKI/CA, which is useful for creating dev environments
and bootstrapping PKI for production environments.
This commit fixes the issues where in a very rare cases the Amazon Machine
Image (AMI) would not have an image name set causing regular expression match
to fail with a nil pointer dereference. Also, the logic of if-else statements
was simplified (reduced branching since return is used a lot).
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Looks like AWS updated their API and now our tests are failing
because QueryStringCacheKeys was not included in the distribution
configuration.
This adds support for specifying query string cache keys in the
CloudFront distribution configuration, which ensures that only a subset
of query string keys are actually cached when forwarding query strings,
possibly improving performance.
This fixes an issue where an empty s3_origin_config could be supplied to
aws_cloudfront_distribution, "correctly" setting an empty default value.
Unfortunately the rest of the CloudFront structure helper functions are
not equipped to deal with this kind of scenario, and TF produces
spurious diffs upon future runs.
This removes the default and makes origin_access_identity required when
specifying s3_origin_config.
Note that it has always been intended behaviour that if someone does not
want to use an origin access identity, that s3_origin_config should not
be specified at all. This behaviour still works, as should be evident by
the (still) passing tests.
Fixeshashicorp/terraform#7930.
Added http_version to aws_cloudfront_distribution, which allows
selection of the maximum HTTP version to use in the distribution.
Defaults to http2.
Fixeshashicorp/terraform#8730.
* provider/aws: Fix importing of EIP by IP address
EIPs are meant to be imported by their allocation id, however, importing
by their EIP *appears* to work because this API actually accepts IP
lookup, despite the documentation asking for the allocation id.
This PR does:
- update docs on how to import EIPs
- fix case if user imported by IP, to switch to using the alloc id for
the resource id
I chose not to document that looking up by IP is a method of import,
because the AWS API docs do not explicitly say that looking up by IP is
OK, so I'd rather people not do it if it's not documented to stay that
way.
Alternatively, we could parse the resource ID and reject it (remove from
state with error/warning) if it doesn't match the `eipalloc-*` format,
but I thought this was a bit better UX.
* fix issue with swapping IDs on EC2 Classic
* update docs
* update comment
* provider/aws: Wait for Spot Fleet to drain before removing from state
Ensures the spot fleet is drained before reporting successful destroy
and moving on
* remove unreachable code
* hack to sleep and test regression/leak
* fix broken english in warning
aws_alb_target_group will ForceNew resource
Fixes#8741
The modify-target-group doesn't allow changes to name, port, protocol or
vpc_id - therefore, they should all be ForceNew: true
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/22 16:04:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (50.66s)
=== RUN TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (84.48s)
=== RUN TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (95.89s)
=== RUN TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (85.77s)
=== RUN TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (85.00s)
=== RUN TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (88.11s)
=== RUN TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (82.15s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 572.083s
```
This commits allows for the helper function to return an error which
would bubble up from e.g. JSON parsing, etc.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
This commit also removes unnecessary code from the StateFunc function,
and reduces it so that it only uses the normalizeJsonString helper.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Added the cluster address as a separate attribute to the configuration endpoint. When using the configuration endpoint in conjunction with route 53 it was appending the cluster address with the port and invalidating the route 53 record.
* Add JSON validation to the aws_cloudwatch_event_rule resource.
This commit adds support for new helper function which is used to
normalise and validate JSON string. Also adds new validation function
to wrap around the aforementioned helper.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Re-factor validation function.
This commit changes the logic of the function so that it would check length of
the normalised JSON string over the given string, plus short-circuit early
should JSON would not be valid.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds ValidateFunc to the policy attribute so that JSON parsing
errors can be caught early. Generally, when there is a ValidateFunc set for the
attribute, one can safely assume that before any of the creation and/or update
of the existing resource would happen it would have to succeed validation. Also
adds support for new helper function which is used to normalise JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This commit adds support for new helper function which is used to
normalise and validate JSON string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add normalizeJsonString and validateJsonString functions.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add unit test for the normalizeJsonString helper function.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Fix. Remove incrrect format string.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Remove surplus type assertion.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add unit test for the validateJsonStringhelper function.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Remove surplus whitespaces.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
This comment corrects a simple typo in the error message issued when the
credentials are not working and/or do not offer access to AzureRM, etc.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Fixes#3605 and adds the functionality suggested in PR #7440.
This PR is using a different appraoch that (IMHO) feels cleaner and (even more important) adds support for Windows at the same time.
When creating a CloudWatch Metric for an Application Load Balancer it is
neccessary to use the suffix of the ARN as the reference to the load
balancer. This commit exposes that as an attribute on the `aws_alb`
resource to prevent the need to use regular expression substitution to
make the reference.
Fixes#8808.
In order to satisify scenarios where a lifecycle is block is used, we
would need the AWS ALB name field to be autogenerated. WE follow the
same work as AWS ELB, we prefix it with `tl-lb-`
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/08 12:43:40 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout
120m
=== RUN TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (79.81s)
=== RUN TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (93.81s)
=== RUN TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (73.48s)
=== RUN TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (181.32s)
=== RUN TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (66.03s)
=== RUN TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (130.82s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 625.285s
```
* fixed vpc rename bug
* Tweak the suggested fix
There was an assertion error in the fix, and after discussing we felt it was better to split the two changes to make them independant.
enhanced monitoring
Fixes#8699
When configuring enhanced monitoring, a user got the following error:
```
* aws_db_instance.db: unexpected state 'configuring-enhanced-monitoring',
wanted target '[available]'``
We have added this to the list of pending states we have when creating
and updating an RDS instance
This change adds a data source to allow declaring IAM policies, as well as a
new resource to represent an existing GCP project. The project resource may
reference an IAM policy, allowing a user to set project-wide permissions.
Fixes#8541
The Update timeout and delete timeouts were a little short. Bumped them
to 60 mins and 90 mins respectively. I have been on the receiving of the
timeout for the Delete function
Previously the provider accepted non-standard environment variables. We
now accept the standard PGHOST/PGUSER/PGPASSWORD variables that psql
uses in addition the older ones.
This fix changes acceptance tests for VPN tunnel to use the correct ports (UDP
500 and 4500). It also changes the documentation to demonstrate using these
port single ports in a `port_range` field.
stack72