Commit Graph

170 Commits

Author SHA1 Message Date
Clint fcdcb4b916 provider/aws: Default Network ACL resource (#6165)
* provider/aws: Default Network ACL resource

Provides a resource to manage the default AWS Network ACL. VPC Only.

* Remove subnet_id update, mark as computed value. Remove extra tag update

* refactor default rule number to be a constant

* refactor revokeRulesForType to be revokeAllNetworkACLEntries

Refactor method to delete all network ACL entries, regardless of type. The
previous implementation was under the assumption that we may only eliminate some
rule types and possibly not others, so the split was necessary.

We're now removing them all, so the logic isn't necessary

Several doc and test cleanups are here as well

* smite subnet_id, improve docs
2016-04-18 11:02:00 -05:00
Martin Atkins 94f338d5de Merge #4276: aws_opsworks_instance resource 2016-04-16 10:14:22 -07:00
Martin Atkins bb7b8d6550 Merge #4419: aws_opsworks_application resource 2016-04-16 09:28:12 -07:00
Chris Marchesi a38ccbe074 CloudFront distribution and origin access identity support (#5221)
* CloudFront implementation v3

* Update tests

* Refactor - new resource: aws_cloudfront_distribution

 * Includes a complete re-write of the old aws_cloudfront_web_distribution
   resource to bring it to feature parity with API and CloudFormation.
 * Also includes the aws_cloudfront_origin_access_identity resource to generate
   origin access identities for use with S3.
2016-04-14 14:55:11 -05:00
Jan Nabbefeld 6bf9f21c39 Opsworks Application support 2016-04-07 14:18:50 -07:00
KOJIMA Kazunori d646682d7a provider/aws: Support S3 bucket notification
* Implement aws_s3_bucket_notification resource
2016-04-04 21:23:06 -05:00
stack72 7e61947c0a provider/aws: Scaffold `aws_iam_user_ssh_key` resource 2016-03-22 01:19:16 +00:00
Radek Simko 3bfcd47238 provider/aws: Add support for CloudWatch Log Metric Filter 2016-03-15 15:01:20 +00:00
Jeff Tang bcd5904eea Add support for Opsworks Instances
New resource checklist
- [x] Acceptance testing
- [x] Documentation
- [x] Well-formed code
2016-03-14 15:12:43 -04:00
Philip Witty 6648df7acc Added AWS KMS key & alias support 2016-03-08 09:30:47 +00:00
clint shryock f0d3176999 provider/aws: Add Elastic Beanstalk Application, Configuration Template, and Environment
This adds support for Elastic Beanstalk Applications, Configuration Templates,
and Environments.

This is a combined work of @catsby, @dharrisio, @Bowbaq, and @jen20
2016-03-07 14:43:23 -06:00
Radek Simko c6c2752211 provider/aws: Sort API Gateway resources alphabetically 2016-03-06 09:29:31 +00:00
Raphael Randschau 6430fca7f6 Add aws_api_gateway_deployment resource 2016-03-05 23:21:58 +01:00
Raphael Randschau 8c59d0861e Add aws_api_gateway_api_key resource 2016-03-05 23:21:54 +01:00
Raphael Randschau b4c99f1009 Add aws_api_gateway_model resource 2016-03-05 23:21:51 +01:00
Raphael Randschau 4da8b3d03a Add aws_api_gateawy_integration_response resource 2016-03-05 23:21:48 +01:00
Raphael Randschau 1593dbe9c8 Add aws_api_gateway_integration resource 2016-03-05 23:21:44 +01:00
Raphael Randschau 91f5206f8d Add aws_api_gateway_method_response resource 2016-03-05 23:21:41 +01:00
Raphael Randschau 032e6081cb Add aws_api_gateway_method resource 2016-03-05 23:21:38 +01:00
Raphael Randschau 7ead800f6a Add aws_api_gateway_resource resource 2016-03-05 23:21:35 +01:00
Raphael Randschau a73721d248 Add aws_api_gateway_rest_api resource 2016-03-05 23:13:38 +01:00
Radek Simko f7f3d95a9b provider/aws: Add support for AWS Account Password Policy 2016-02-26 11:04:25 +00:00
Radek Simko 64539d30bc provider/aws: Add aws_lambda_permission 2016-02-15 17:16:41 +00:00
Radek Simko 61afc6d34d provider/aws: Add CloudWatch Event Target 2016-02-13 13:21:33 +00:00
Radek Simko ab89e5e528 provider/aws: Add CloudWatch Event Rule 2016-02-13 13:21:32 +00:00
Hasan Türken 766dac4d79 update documentation 2016-02-12 09:56:48 -06:00
Hasan Türken e41266e971 Move endpoint options into endpoints block 2016-02-12 09:38:21 -06:00
Hasan Türken 231604e8b7 support custom endpoints for AWS EC2 ELB and IAM 2016-02-12 09:35:50 -06:00
Trevor Pounds 0cd0ff0f8e Use built-in schema.HashString. 2016-02-07 16:29:34 -08:00
James Nugent ace215481a provider/aws: Add profile to provider config
This allows specification of the profile for the shared credentials
provider for AWS to be specified in Terraform configuration. This is
useful if defining providers with aliases, or if you don't want to set
environment variables. Example:

$ aws configure --profile this_is_dog
... enter keys

$ cat main.tf
provider "aws" {
    profile = "this_is_dog"

    # Optionally also specify the path to the credentials file
    shared_credentials_file = "/tmp/credentials"
}

This is equivalent to specifying AWS_PROFILE or
AWS_SHARED_CREDENTIALS_FILE in the environment.
2016-01-14 15:39:35 +00:00
Clint 7f6624e926 Merge pull request #3862 from stack72/aws-redshift
provider/aws: AWS Redshift
2016-01-13 16:52:47 -06:00
Johannes Boyne df7ac2d51b Add AWS lambda alias support and documentation 2016-01-13 10:05:32 -06:00
nextrevision 6a3ed429ad Adding AWS ECR provider resources
Adds ECR aws_ecr_repository and aws_ecr_repository_policy resources to
the AWS provider.
2015-12-22 10:31:30 -05:00
stack72 bf03752552 Adding the documentation for the AWS Redshift Subnet Group resource
also removed the notion of tags from the redshift security group and
parameter group documentation until that has been implemented

Redshift Cluster CRUD and acceptance tests

Removing the Acceptance test for the Cluster Updates. You cannot delete
a cluster immediately after performing an operation on it. We would need
to add a lot of retry logic to the system to get this test to work

Adding some schema validation for RedShift cluster

Adding the last of the pieces of a first draft of the Redshift work - this is the documentation
2015-12-20 20:20:05 +00:00
stack72 48091e37c7 Adding the documentation for the Redshift Parameter Groups
Changed the aws_redshift_security_group and aws_redshift_parameter_group
to remove the tags from the schema. Tags are a little bit more
complicated than originally though - I will revisit this later

Then added the schema, CRUD functionality and basic acceptance tests for
aws_redshift_subnet_group

Adding an acceptance test for the Update of subnet_ids in AWS Redshift Subnet Group
2015-12-20 20:20:03 +00:00
stack72 249e7df76c Adding the documentation for the Redshift security groups
Creation of the schema, CRUD and acceptance tests for Redshift Parameter Group
2015-12-20 20:20:01 +00:00
stack72 85afc7d614 Initial creation of the work for AWS RedShift Support
Finalising the schema and acceptance tests for the Redshift Security Group's
2015-12-20 20:19:55 +00:00
stack72 2df8d7d9b0 Initial Scaffolding of the AWS Network ACL Entry resource 2015-12-18 23:14:54 +00:00
James Nugent 0bdf249f2c provider/aws: Add aws_nat_gateway Resource 2015-12-18 14:12:27 -05:00
clint shryock 5f5459a1fb provider/aws: Refactor AWS Authentication chain
- update auth checking to check metadata header
- refactor tests to not export os env vars
2015-12-15 10:46:10 -06:00
stack72 c965d2278e Adding a resource for aws_autoscaling_schedule 2015-12-11 18:43:38 +00:00
stack72 d84d6796c4 Initial CRUD work for the Autoscaling Group Scheduled Actions 2015-12-11 10:53:46 +00:00
Chris Marchesi 85627630bd New resource (AWS provider) - aws_lambda_event_source_mapping 2015-11-30 07:45:38 -08:00
Rafal Jeczalik 9e66e18334 provider/aws: fix for https://github.com/aws/aws-sdk-go/issues/452 2015-11-24 09:30:21 +01:00
Paul Hinze 6b6b5a43c3 provider/aws: serialize SG rule access to fix race condition
Because `aws_security_group_rule` resources are an abstraction on top of
Security Groups, they must interact with the AWS Security Group APIs in
a pattern that often results in lots of parallel requests interacting
with the same security group.

We've found that this pattern can trigger race conditions resulting in
inconsistent behavior, including:

 * Rules that report as created but don't actually exist on AWS's side
 * Rules that show up in AWS but don't register as being created
   locally, resulting in follow up attempts to authorize the rule
   failing w/ Duplicate errors

Here, we introduce a per-SG mutex that must be held by any security
group before it is allowed to interact with AWS APIs. This protects the
space between `DescribeSecurityGroup` and `Authorize*` / `Revoke*`
calls, ensuring that no other rules interact with the SG during that
span.

The included test exposes the race by applying a security group with
lots of rules, which based on the dependency graph can all be handled in
parallel. This fails most of the time without the new locking behavior.

I've omitted the mutex from `Read`, since it is only called during the
Refresh walk when no changes are being made, meaning a bunch of parallel
`DescribeSecurityGroup` API calls should be consistent in that case.
2015-11-18 12:39:59 -06:00
Rafal Jeczalik 4f25b552bb use single import path for aws-sdk-go 2015-11-16 00:42:08 +01:00
stack72 fc983c5505 Initial Create, Read and Delete work for the S3 part of the Kinesis Firehose resource 2015-11-09 22:26:55 +00:00
stack72 89ce6f7c83 Started the work for the AWS CodeCommit Repository resource
Starting to add the skeleton for the creation and update of a repository
2015-10-30 21:39:04 +00:00
Clint 5c3c1e2327 Merge pull request #3548 from MDL/aws_route
provider/aws: add aws_route resource (finish)
2015-10-29 17:06:56 -05:00
Clint cb2ecf5733 Merge pull request #3255 from Runscope/local-kinesis
provider/aws: allow local kinesis
2015-10-29 08:24:07 -05:00